Sujan's Home

Context Aware Computing

2011-02-03T20:25:00.000-08:00

Imagine a mobile device which tells you nearest restaurant when you feel hungry, which tells you who are the friends nearby when you travel, which tells you latest sport news of your interest, which tell you great places to visit when you are on a trip, which tells you about good shopping places nearby, which shows a parking lot when you are looking for parking slot.

Imagine a conference room which sends reminders to participants about meeting, which download the slides for the presenter, which turn on the projector on time, which find external information about the topic being discussed.

Imagine a vehicle which alarm driver when they about to pass dangerous area, which alarm when driver feel sleepy, which warn when driver is drunk.

Imagine a world where systems being proactively behave according to the CONTEXT. This is the ultimate goal of context aware computing research.

I recently read about context aware computing, its application and its challenges. This is a summarization of my recent study. I would like to decompose my discussion into few sub topics, namely definition, factors, applications, modeling and reasoning.

Definition

What is the definition of context?
Following are some of definitions I found:
• The interrelated conditions in which something exists or occurs
• Information that can be used to characterize the situation of an entity. An entity is a person, place or object that is considered relevant to the interaction between a user and an application, including the user and application themselves.
• Context is any information that can be used to characterize the situation of person or computing entity.

I rather like to introduce context as identified status about environment/occasion/event depending on the known facts.

What is context aware computing?
Context aware computing is a relatively old computing paradigm where people try to invent computing systems which adapts/responds according to situation.

Factors
There are several major factors that help to understand certain environment/occasion/event. Some of them are,
• Location
• Time
• Nearby resources
• Motion
• Noise
• Identity
• Activity
• Connectivity/bandwidth
• Vibration
• Gestures

Even though we see these are the major factors that we use to understand certain situation, we always use our knowledge about these situations implicitly to understand what is going on.

Applications
Before talking about the technical aspects of the context aware computing, I would like to discuss about some interesting applications. Following are some application that researches developed as prototypes.

Easymeeting room : A meeting room that understands meeting and remind its participants, provide resources to the meeting proactively.
University navigation system : A navigation system which assist new students to explore the university(students will be provided with information about the location they passby).
Context aware mobile phone : A mobile phone which provide location based services and user profile based services.
Shopping assistant: Guide user to shopping places where he/she find interesting stuff.
Software Engineering environment : Assign task according to the complexity, skills of engineers and availability.
Parking lot: Assist user to find free parking lot when user looking for parking slot

Apart from these there are vast number of context aware applications we can think of.

Now let’s talk about the technology behind these applications.
Context Modeling

We should be able to represent the knowledge about context in a manner in which an automated system can understand. This is a major challenge in context aware computing as well as many other computing paradigms. People use different strategies represent context, namely,
• Key/value pairs
• Tagged encoding
• XML
• Object oriented
• Logic based model
• Entity relationship model
• Ontology

But none of these are totally successful in general. Each of this modeling technique has its own advantages and disadvantages. Most interesting and successful applications were used ontology as context modeling technique.

Context Reasoning
Finally in order to provide context based services, automated system should be able to understand the situation by using provided facts. So reasoning is the core functionality in context aware systems. People use rule based systems and inference engines to reason about certain situation. But still with the limitation or the resources in the environment (context aware systems are highly deployed in mobile devices where processing power is very limited) these are not scale well. So scalability is main challenge in context reasoning.

Apart from these major technical areas people talk about hardware components which are capable of sensing the changes in environment, architectural issues in context aware computing and finally security and privacy issues. Although context aware computing is relatively old research area, still there is no ‘killer application’ which realizes the context aware computing.

References:
Merriam-Webster’s Collegiate Dictionary
Towards better understanding of context and context awareness (Anind K. Dey, Gregory D. Abword)
A Survey of Context-Aware Mobile Computing Research (Guanling chen, David Kotz)
Semantic web in a pervasive context-aware architecture(Harry Chen, Tim Finin, Anupam Joshi)
Ontology based context modeling and reasoning using OWL(Xiao Hang Wang, Tao Gu, Da Qing Zhang, Hung Keng Pung)
Context-Aware Computing: A Test Case (Jenna Burrell, Geri K Gay, Kiyo Kubo, Nick Farina)
Leveraging Semantic web computing for Context-Aware software engineering environments (Roy Oberhauser)

First Quarter in US

2010-12-01T14:23:00.000-08:00

It’s my first snowing experience today. It has been three months since I have been to US for my PhD. I thought of writing the my experience not expecting someone will read it or somebody will be benefit from this writing, but to my own reference expecting this writing will give me nice memory someday.

Life
First of all life in US, since I don’t know the exact meaning of the word ‘life’, I may write things not align with your understanding of term life. This is about how I feel life in US. It’s easy as far as you get it easy. Being an alien to here I always felt I miss the great time in my life, because I miss my family, friends and all good and bad experiences back in my mother country Sri Lanka. But I must write here that nice people who were around me help me to feel that I didn’t miss all of those.

The quality of living is very high standard compared to my experience. Especially transportation, normally it took 1 hour and 15 minutes to go to my office which is 17km away from my home back in SL. But it is about 10 to 12 minutes’ drive in here. That is a major thing that we (as sri lankan’s) should consider. We should not let people waste their time in the road on fully loaded buses in huge traffic. Hopefully this issue will be resolved at least within next 10 years.

Fun
Yeah it’s fun, fun to be here as long as we can balance all things in life. Within last three months I visited three major attractions in US. First one was mammoth cave (One of the largest cave system in the world). Second one was Virginia and third one was Washington DC. I visited Norfolk harbor during my visit to Virginia, there were more than 30 war ships which belongs to US Navy. It was a great experience. I wish if we could have one such ship for my country. During my visit to Washington I visited white house which is not big as I thought.

Education
In terms of education student have full freedom to do what they want. Unlike in SL student are not restricted to specific area of study even when they doing their undergrad degree. Our system has restrictions for university students to explore what they want. You can’t take whatever subjects you want in the university, if you are there to do computer science you have to follow very restricted curriculum and earn the degree, but in US you can experiment yourself, you can take subjects from phycology department, business school and also from computer science department, after experimenting yourself then you select your major. I think this is a good system since just after doing advance level it is not possible to select what you want to do? Since school education is totally different from university education.

Culture
This is where the major conflict comes. Culture is totally different. It’s different from every aspects of it such as clothes, relationships, life style etc… . But still I love my culture.

Test Driven Development - Just Mock It

2009-02-22T03:47:00.000-08:00

There are number of software development methodologies exist with each having its strong and week points. These methodologies are applied to various projects depending on their requirements, degree of risk, time bounds and so many other facts. Test Driven development is one of the methodology to which software developers adapted recently. It says write the test first and write logic(real requirement) next.

But the problem is when you are working on large project which is not develop with test driven development in mind. It is not easy to apply these techniques directly to such project.This fact is very true if the project is on maintenance stage. Because in that stage you don't have to write whole method, you are just required to change some logic and test it, So you can't write test which will cover whole method you changed. It is great if you can test only the logic you changed. In java JMock is the solution for this.

JMock allows you to mock the objects inside the big method, set expectations and test only the part you change.Which will ultimately allows you to validate your logic. JMock is also very useful when you can't set the required environment to test your code eg - if you want to test your code on web server or application server. You can simulate this environment by mocking required objects(HttpSession, HttpRequest, local and remote services etc...)

Please refer for more information.

Final Year Project

2008-05-08T01:23:00.000-07:00

Today almost all anomaly detection systems (anti-virus solutions, intruder detection systems) are programmed to recognize known signatures of anomalies. But people have managed to discover new approaches (signatures) to execute the same attack and also to execute new attacks, which cannot be detected using previously mentioned anomaly detection systems. This situation leads the research community to discover anomaly detection systems which are capable of handling the undiscovered paths mentioned above. My Contribution would be towards finding novel solution to this problem.

Human immune system is the best known natural anomaly detection system which consists of several techniques to protect the body from foreign invaders such as virus, bacteria, fungi etc... The system has several features like distributed, autonomous, adaptive and also has the capability of identifying new threats and act upon it, which motivated the research community to apply its model to arising problems in computing world. The basic approach of immune system would be to detect all abnormalities by examining the normal behavior.

I have selected the stock exchange fraud detection as the problem domain because it is highly dynamic and randomized environment in which people have managed to execute various techniques to earn money using inappropriate ways. Few of such known frauds are,

Insider trading

Pump and dump

Making the close

Front running

The main attribute of all these frauds are that when someone carry out such a fraud, price and volume data stream reflect an abnormal behavior and the executing person shows an abnormal behavior with respect to its peer group. My objective would be to introduce a novel concept to detect the anomalies which reflect through abnormal behaviors of price/volume data and involving parties.

The proposed solution is enriched with techniques used by immune system model such as danger signal, negative selection, clonal selection and immune network theory which ultimately avoid the drawbacks of currently available anomaly detection systems. It doesn’t have a separate learning phrase and capable of identifying the abnormalities by examining features of the given data stream rather that globally assigns boundary values for anomaly detection. Here is a brief description about main steps of proposed solution.

Danger signal
Proposed solution is act upon a danger signal which will be generated by examining the price/volume data stream. System will identify the sudden increases and decreases as danger which will ultimately cause to reduce the false positive and false negative alarm rate.

Creating scenarios
If there is no any suspected party, the probability that case of being a fraud is very low, so in this step system try to identify “is their any suspected parties” and their relationship by examining the behavior of individuals against its peer group.

Memory
System will maintain a memory which consists of identified fraud scenarios in order to mount quick response on up coming fraud scenarios. Maintaining memory is done by measuring the activating frequency of stored scenarios.

Stock market surveillance systems

2008-01-15T23:10:00.000-08:00

Stock exchange plays a dominant role in any country’s economy where companies sell their stocks to raise their capital.It sometimes use as indicator to predict the fluctuations of whole country’s economy. Because of this people pay more attention to invest their money on stock market. Normally people invest their money on stock market irrespective of their economy level, age, educational level etc...

So there is a possibility of investors get in to trouble and lost all their money due to unawareness about the fluctuations of market. People normally tend to react on sudden movements on stock market expecting huge profit. But these movements sometimes created by stock manipulators to cheat people and earn money. There are several well known cases on stock manipulation which some times resulted in change of ownership of companies. Manipulation of stock market are done by the people who have lot of stocks(money) and more power. Eg – Businessman, stock brokers.

Some techniques that are used by stock manipulators are not illegal but execute with the intention of cheat others. Some countries have laws against illegal stock transactions and it is mandatory (recommended) to have stock surveillance systems in such countries. Functionality of stock market surveillance system is to detect such manipulation in real time and report them. Stock surveillance systems are monitor the market for detect well known stock manipulation cases.

Following are some of well known stock manipulation techniques.

Insider trading

Front running

Painting the tape

Wash sales

Pump and dump

Poop and scoop

Making the close(portfolio pumping)

The most intersting subject in my UNI life

2008-01-14T06:22:00.000-08:00

I really enjoyed by arguing on subject matters with my batch mates.Recently I had such a discussion, which I guessed most interesting discussion I had in my UNI life.That is about Evolutionary Computing(EC) and its applications.

EC is inspired by Darwinian principle of "survival of the fittest" which we observed in daily life.Under that we have learn about

Genetic Algorithms(GA)

Genetic Programming(GP)

Evolutionary stratergies(ES)

Evolutionary Programming(EP)

Learning Classifier Systems(LCS)

First four techniques are used to optimization, constraint satisfaction problems while the most interesting part that is LCS use for automatic rule generation.It can be use as alternative for Expert Systems(ES).

Under LCS we have solved the problems like

Robot navigation to have maximum reward

Reduce numbers in to one number

Predicting character sequence which are organized in circular way

What makes these techniques more interesting is that all these techniques has concept and no rigid ways to implement them.It is our responsibility to understand them and apply them accordingly.

I invite all computer science undergraduates to discuss on these technique and like to say that if you have a chance to learn Evolutionary Computing Don't miss it.

XenKIMONO

2007-10-06T22:55:00.000-07:00

XenKIMONO is a kernel rootkit detector which has been design to run on top of xen virtual machine by taking the benefits of xen.

The existing solutions to identify kernel level rootkits will not work if the observing kernel is compromised, because the detection system is also run on the same kernel.XenKIMONO is try to address this issue by isolating the detection system from observing kernel.

XenKIMONO uses the features of Dom0 in xen virtual machine to isolate detection system from observing kernel.Dom0 is a privileged domain run with other DomUs on top of xen virtual machine which has the access to the DomUs.

So XenKIMONO tries to overcome the issue of compromised kernel by locating the XenKIMONO on Dom0.

XenKIMONO uses several techniques to identify rootkits,

Intergrity checking

Cross-view detection

Monitor critical processes

Detect suspicious activities

White-list based detection

innotek VirtualBox

2007-09-28T22:38:00.001-07:00

innotek VirtualBox is a software which enables the virtualization. I have some experience using this. It is very simple to install and configure on linux. I have done this on ubuntu 7.04. I install WindowsXP on the virtual machine I created on virtual box.
Configuration of the virtual machine is,

256 Memory

5 GB Hard disk

It runs smoothly on these configurations.
This is a screenshot of my machine.It has both ubuntu and windows menu bars.

Download innotek VirtualBox and enjoy with virtualization.

Virtualization

2007-09-27T19:48:00.000-07:00

In computing virtualization means lot.Simply it is the method of showing single physical resource(processor,storage devices) as multiple resources or vice versa.Nowadays virtual machines are getting very famous, because lot of computing problems can be solve using virtual machines.One well known virtual machine is Xen which is open source one.
The platforms that allows multiple operating systems to run on one machine is called Virtual Machine Monitor(VMM) or Hypervisor.

There are two types of hypervisors.

Type 1 hypervisor - Software that runs directly on hardware.So the guest OS run as 2nd level above hardware. E:g - Xen,Vmware's ESX server

Type 2 hypervisor - Software that runs within host's OS.So the guest OS runs as 3rd level of hardware. E:g - swsoft,VMware server

There are number of advantages of virtualization. It is very good method to resource sharing.There are lot of applications built with the help of virtualization.One such example is intruder detection systems(IDS).

Attificial Immune Systems

2007-09-18T22:53:00.000-07:00

Human immune system is the system which is responsible for protect the body from harmful foreign attacks. These attacks come as viruses, bacteria, fungi and other parasites.
The system is,
• Distributed
• No central place to monitor
• Adaptive
• Very complex

The system identifies harmful foreign attacks by using its detectors as well as it is capable of storing details of those intruders for future use.

The main functionalities of human immune system are,

• Randomly generate detectors.
• Maturate those detectors.
• Distribute the identified detectors across the body.
• Identify anomalies.
• Discriminate them with body cells.
• Take relevant actions on anomaly cells.
• Maintain memory about selected anomalies.

Artificial Immune Systems is the system which is aim to solve some computational problems using the techniques use by human immune systems to detect anomalies.
These techniques are use to solve following computational problems.
• Computer virus attacks
• Network intruder detection systems
• Mining data patterns
• Data clustering

Apply SSL between SQL sever & Application

2007-07-16T20:54:00.000-07:00

Most of systems are not consider about security between database server and application.But it is a critical factor since most of the attacks are coming from inside the organization.
So in this article I try to explain how to enable SSL channel between SQL server and your application.

Main Steps:

Install IIS server.

Install certificate server.

Install SQL server.

Prepare Certificate for apply SSL on SQL server.

Prepare SSL channel.

NOTE - First 4 steps should be done in same machine that you are going to install SQL server.
In this document I will explain important points on these steps.

Help on installing certificate server.
Important Steps:

Click install windows components from add or remove programs.

Select certificate authority.

Create root certificate.Fill common name attribute with your machine name.

Prepare Certificate for apply SSL on SQL server.
Important Steps:
Create Request -

Go to http://machineName/certsrv

Select "Request a certificate", and click Next.

Select "Advanced Request", and click Next.

Select "Submit a certificate request to this CA using a form", and click Next.

Fill the form you should use your SQL server name as Name.

Select "Server Authentication Certificate" as Intended Purpose.

Select "Use local machine store" and click Submit.

Now you have request a certificate and your request is in pending state.

Issue Certificate -

Go to Run, type mmc.

Follow the following path

Console -> Add/Remove snap in -> Add -> select Certificate Authority -> Add -> Select Local Computer -> Finish -> Close -> OK -> Expand Certificate Authority -> Pending Requests.

Now you can see your request.

Right click on request and click issue.

Install Certificate -

Go to http://machineName/certsrv

Select "Check on a pending certificate" and click Next.

Select your certificate and click Next.

Click install certificate.

Now you are ready to prepare SSL channel between SQL server and your application.This can be basically done in two ways.

From server side

From client side

Apply SSL from server side.
If you apply SSL on this way, all the client connections will get encrypted.
Steps:

Go to Server Network Utility tool on server machine.

Select "Force protocol encryption", click Apply and OK.

Now restart your SQL server.

Apply SSL from client side.
To do this client should have root certificate of the certification authority that issue certificate to the SQL server.

From server machine export the root certificate as .p7b.
Export root certificate -

Open Internet Explorer and follow the following path:

Tools -> Internet Options -> Content -> Certificates -> Trusted root certificate authorities -> Select your root certificate -> Export -> Next -> Select .p7B format -> Select "Include all certificates in the certification path if possible" -> Select place to save your certificate -> Next -> Finish.

Import certificate to client machine -

Open Internet Explorer on client machine.

Follow the following path:

Tools -> Internet Options -> Content -> Certificates -> Trusted root certificate authorities -> Select your root certificate -> Import -> Next -> Browse to certificate location -> Next -> Accept the certificate.

Now you can configure SSL from client machine.
You can configure SSL from ODBC connection manually or programatically.
Configure SSL programatically.
Sample connection strings:
ODBC
"Driver=SQLServer;Server=Protect-Drive;UID=sa;PWD=123;Network=DBNETLIB.DLL;Encrypt=YES "
OLEDB
"Provider=sqloledb;Data Source=Protect-Drive;Initial Catalog=slt;User Id=sa;Password=123;use encryption for data=true"

Configure SSL manually through ODBC.

Select "Use strong encryption" when you configure ODBC connection.

Note - if you don't have "Use strong encryption" option when you configure ODBC connection.You may need to install SQL client tools on client machine.

Best wishers,
If you have any problem with configuring SSL on SQL server please let me know.

How to install openLDAP

2007-03-19T20:17:00.001-07:00

To install openLDAP you need to install BerkeleyDB first
Download latest version of BerkeleyDB
Extract it using tar xvf
cd in to db-version/build_unix
Run following commands in the same order
../dist/configure
make
make install

This should be run without any errors

Now you can install openLDAP
Download openLDAP which is a open source software.
Then do the following

Copy the tar.gz file to your preffered directory.
Extract it using tar xvf command
Change your current working directory in to ectracted openLDAP directory
Run following command in the same order
./configure
make depend
make

Then run 'make install' as root user

My Expierience
I got a error while running configure the openLDAP saying that it can't find the BerkerleyDB, if you also encounted with this error copy the db.h file it is normally located in /usr/local/BerkeleyDB.4.3/include to /usr/include
Then you should be ok.
Best wishers

Next document how to use openLDAP server as digital certificate storage