Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Reusability of learning objects is expected to noticeably elevate the creation of online learning material, and several repositories have been developed worldwide to collect large sets of reusable learning objects. In traditional learning environments lessons are designed for a specific group of learners in a particular context, at considerable cost and effort. In the reusable learning object approach, a small-sized learning object may be created by one person, indexed into a repository and then found and reused, individually or by combining it with other objects, in another context by any number of people. This can significantly reduce the time and effort needed for the creation of learning content. However, creating instructional material from learning objects on a large scale requires access to large collections of learning objects. Metadata are used to describe learning objects in order to enable finding relevant content, using metadata schemas (Like the IEEE Learning Object Metadata standard – LOM). Metadata schemas also enable the exchange of learning object metadata between repositories. Repositories that conform to the same common metadata schema can exchange metadata instances between them. In this way, it becomes possible to create a course on, for instance, 'Global Warming' by combining objects (e.g., images, narrative texts, slides and audio and video clips) from more than one interconnected repository. The goal of this thesis was to investigate the real use of learning object metadata in learning object repositories. We studied the creation of metadata application profiles from existing metadata schemas, and the mapping of metadata profiles and legacy schemas into common schemas. The next step was to investigate the actual use made of metadata in learning object repositories during indexation and retrieval, and the usability of tools provided to enable the indexation and finding of learning objects. Tracking the use of the learning object itself is also one of the main issues covered in this thesis.

Academic collection --- 681.3*H <043> --- 681.3*H52 <043> --- Information systems--Dissertaties --- Information interfaces and presentation: user interfaces, input devices, input strategies, user interface management systems--Dissertaties --- Theses --- 681.3*H52 <043> Information interfaces and presentation: user interfaces, input devices, input strategies, user interface management systems--Dissertaties --- 681.3*H <043> Information systems--Dissertaties

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Statistical relational learning (SRL) combines state-of-the-art statistical modeling with relational representations. It thereby promises to provide effective machine learning techniques for domains that cannot adequately be described using a propositional representation. Driven by new applications in which data is structured, interrelated, and heterogeneous, this area of machine learning has recently received increasing attention. However, combining statistical modeling and relational representations also poses new challenges. There is a trade-off between the expressivity of a machine learning formalism and its computational efficiency, as a higher expressivity entails a larger search space during learning. Propositional machine learning techniques are at one end of this trade-off, while approaches that combine the full power of statistical and relational learning are at the other end. In this thesis, we present a collection of simple SRL techniques that focus on computational efficiency rather than maximum expressivity, and thereby occupy an intermediate position in the outlined expressivity-efficiency trade-off. The thesis has three main contributions. We first introduce dynamic propositionalization approaches, which provide a simple but principled integration of relational and statistical learners. Dynamic propositionalization is shown to outperform more traditional static propositionalization approaches, while maintaining computational efficiency. A second part presents Markov models for relational sequences, where sequence elements can be logical atoms or complete logical interpretations. By restricting attention to fully observable data and employing a Markov assumption, inference and learning in the resulting formalisms is significantly easier than in more general SRL systems. In a final part, we present two structured probabilistic models that are tailored to particular application domains, namely haplotype reconstruction and activity recognition. These two domains could be modeled using general-purpose statistical relational sequence models; however, the restriction to a particular domain again allows us to derive more efficient special-purpose inference and learning algorithms. The approaches presented throughout the thesis are evaluated in several relational real-world domains, including structure-activity prediction for chemical compounds, web page classification, modeling user behavior in mobile phone networks, and modeling massively multiplayer online games. The field of machine learning is concerned with making predictions based on known examples. For instance, a computer could learn to automatically classify e-mail messages as spam or legitimate messages, based on a number of examples provided by the user. Today, there are a variety of application domains for machine learning. Examples include predicting the biological properties of molecules, applications in information retrieval from the world wide web, or recognizing faces from camera images. Many complex learning tasks have two important properties: 1) the data under consideration is richly structured, such as chemical molecules or the graph structure of the world wide web, and 2) information is often of an uncertain/probabilistic nature. These two issues are addressed in the field of statistical relational learning, which combines relational techniques that can handle structured data with statistical modeling. In this thesis, we present a collection of simple statistical relational learning approaches. Compared to other techniques developed in the field, the resulting systems are slightly less powerful, but much faster and thus applicable to larger data collections. The thesis is organized into three parts, in which we consider different learning settings. In a first part, the goal is to classify individual data items. Techniques developed for this setting are applied to predicting biological properties of molecules. In a second part, we consider modeling sequences of data items. This is relevant for modeling processes that unfold over time, where the state of the process at any given time is structured. As an example domain, we consider modeling the state of massively multiplayer online games, in which a large number of players interact in a structured way. Finally, a third part of the thesis discusses learning approaches that are tailored to particular application domains. By exploiting the specific domain structure, the resulting techniques are significantly faster than general-purpose machine learning tools that could also be applied.

Academic collection --- 681.3*I26 <043> --- 681.3*H <043> --- Learning: analogies; concept learning; induction; knowledge acquisition; language acquisition; parameter learning (Artificial intelligence)--See also {681.3*K32}--Dissertaties --- Information systems--Dissertaties --- Theses --- 681.3*H <043> Information systems--Dissertaties --- 681.3*I26 <043> Learning: analogies; concept learning; induction; knowledge acquisition; language acquisition; parameter learning (Artificial intelligence)--See also {681.3*K32}--Dissertaties

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Ondanks vele jaren van onderzoek en grote investeringen door bedrijven, is de ontwikkeling van veilige software nog steeds een groot probleem. Dit blijkt uit de gestage toename van de kwetsbaarheden die jaarlijks zijn gemeld. Snelle verspreidende wormen zoals de worm Code Red, die naar schatting een wereldwijd economisch verlies van $2,62 miljard heeft veroorzaakt, zullen vaak fouten in programma's uitbuiten om zich snel te verspreiden. Kwetsbaarheden die kunnen uitgebuit worden door aanvallers voor het uitvoeren van code injectie aanvallen zijn een belangrijke vorm van implementatiefouten. De worm Code Red buit een bufferoverloop uit om willekeurige code te kunnen uitvoeren op de kwetsbare machine, waardoor hij zichzelf kan verspreiden door zich te kopiëren naar machines die hij besmet. Het wijdverspreide gebruik van C-achtige talen waar dergelijke kwetsbaarheden een belangrijk probleem zijn heeft het probleem verergerd. In dit proefschrift onderzoeken we een aantal kwetsbaarheden in C-achtige talen, die door aanvallers kunnen worden uitgebuit voor het uitvoeren van code injectie aanvallen en bespreken we tegenmaatregelen die bescherming bieden tegen dit soort aanvallen. Dit proefschrift bestaat uit drie belangrijke onderdelen: het begint met de presentatie van een uitgebreide inventarisatie van de huidig bekende kwetsbaarheden en tegenmaatregelen, dit wordt gevolgd door een discussie van twee nieuwe tegenmaatregelen die gericht zijn op een betere bescherming tegen aanvallen op verschillende kwetsbaarheden terwijl die slechts een te verwaarlozen invloed hebben op performantie. De inventarisatie biedt een uitgebreid en gestructureerd overzicht van kwetsbaarheden en tegenmaatregelen voor code injectie in C-achtige talen. Diverse tegenmaatregelen maken verschillende afwegingen in termen van performantie, effectiviteit, geheugenverbruik, compatibiliteit, enz. Dit maakt het moeilijk te beoordelen en vergelijken van de geschiktheid van de voorgestelde tegenmaatregelen in een gegeven context. Deze inventaristatie is een classificatie en evaluatie kader, op basis waarvan de voordelen en nadelen van tegenmaatregelen kunnen worden beoordeeld. Op basis van de opmerkingen en de conclusies die werden getrokken uit de inventarisatie, zijn twee tegenmaatregelen ontworpen, geïmplementeerd en geëvalueerd. De eerste tegenmaatregel die we beschrijven is een efficiënte tegenmaatregel tegen stapelvermorzelingsaanvallen. Onze tegenmaatregel maakt geen gebruik van geheime waarden (zoals kanaries) en beschermt tegen aanvallen waartegen gelijkaardige tegenmaatregelen niet beschermen. Onze techniek splitst de standaard stapel in meerdere stapels. De verdeling van de soorten gegevens aan één van de stacks is gebaseerd op de kans dat een specifiek data-element ofwel een doelwit ofwel een bron van aanvallen is. We hebben deze tegenmaatregel ge"implementeerd in een C-compiler voor Linux. De evaluatie toont aan dat de impact op performantie door het gebruik van onze tegenmaatregel verwaarloosbaar is. De tweede tegenmaatregel beschermt tegen aanvallen op hoop-gebaseerde bufferoverlopen en zwevende wijzers. Het wijzigen van de beheersinformatie die gebruikt wordt door de dynamische geheugenbeheerder is vaak een bron van een aanval op deze kwetsbaarheden. Alle bestaande tegenmaatregelen met lage impact op performantie maken gebruik van magische waarden, kanaries of andere probabilistische waarden die geheim moeten blijven. In het geval van magische waarden wordt een geheime waarde geplaatst vóór een cruciale geheugenlocatie en door toezicht te houden of de waarde is veranderd, kunnen overlopen opgespoord worden. Als aanvallers willekeurige geheugenlocaties kunnen lezen, dan kunnen ze deze tegenmaatregel omzeilen. Deze tegenmaatregel presenteert een aanpak die, wanneer toegepast op een memory allocator, zal beschermen tegen deze aanvalsvector zonder toevlucht te nemen tot magie. We hebben deze aanpak geïmplementeerd door het wijzigen van een bestaande algemeen gebruikte geheugebeheerder. Uit testen blijkt dat deze tegenmaatregel een te verwaarlozen, soms zelfs positieve, invloed op performantie heeft. Despite many years of research and large investments by companies, the development of secure software is still a significant problem. This is evidenced by the steady increase in vulnerabilities that are reported year by year. Fast spreading worms like the Code Red worm, which caused an estimated worldwide economic loss of $2.62 billion, will often exploit implementation errors in programs to spread rapidly. Vulnerabilities that can be exploited by attackers to perform code injection attacks are an important kind of implementation error. The Code Red worm exploited a buffer overflow to be able to run arbitrary code on the vulnerable machine, allowing it to spread by copying itself to the hosts it infected. The widespread use of C-like languages where such vulnerabilities are an important issue has exacerbated the problem. In this dissertation we examine a number of vulnerabilities in C-like languages that can be exploited by attackers to perform code injection attacks and discuss countermeasures that provide protection against these kinds of attacks. This dissertation consists of three important parts: it starts off by presenting an extensive survey of current vulnerabilities and countermeasures, this is followed by a discussion of two novel countermeasures which aim to better protect against attacks on different vulnerabilities while having only a negligible impact on performance. The survey provides a comprehensive and structured survey of vulnerabilities and countermeasures for code injection in C-like languages. Various countermeasures make different trade-offs in terms of performance, effectivity, memory cost, compatibility, etc. This makes it hard to evaluate and compare the adequacy of proposed countermeasures in a given context. This survey defines a classification and evaluation framework, on the basis of which advantages and disadvantages of countermeasures can be assessed. Based on the observations and the conclusions that were drawn from the survey, two countermeasures have been designed, implemented and evaluated. The first countermeasure we present is an efficient countermeasure against stack smashing attacks. Our countermeasure does not rely on secret values (such as canaries) and protects against attacks that are not addressed by state-of-the-art countermeasures. Our technique splits the standard stack into multiple stacks. The allocation of data types to one of the stacks is based on the chances that a specific data element is either a target or source of attacks. We have implemented our solution in a C-compiler for Linux. The evaluation shows that the overhead of using our countermeasure is negligible. The second countermeasure protects against attacks on heap-based buffer overflows and dangling pointer references. Overwriting the management information of the memory allocation library is often a source of attack on these vulnerabilities. All existing countermeasures with low performance overhead rely on magic values, canaries or other probabilistic values that must remain secret. In the case of magic values, a secret value is placed before a crucial memory location and by monitoring whether the value has changed, overruns can be detected. Hence, if attackers are able to read arbitrary memory locations, they can bypass the countermeasure. This countermeasure presents an approach that, when applied to a memory allocator, will protect against this attack vector without resorting to magic. We implemented our approach by modifying an existing widely-used memory allocator. Benchmarks show that this implementation has a negligible, sometimes even beneficial, impact on performance. Hackers en computervirussen zijn een belangrijke bedreiging voor de veiligheid van moderne computersystemen. Een van de meest voorkomende vormen van aanval is een code-injectie-aanval, waar een aanvaller door het uitbuiten van verschillende fouten in bestaande programma's, een eigen programma op de aangevallen computer kan uitvoeren. Er bestaan verschillende tegenmaatregelen die dit soort aanvallen moeilijker maken. Deze thesis geeft een uitgebreide inventarisatie en classificatie van deze tegenmaatregelen. Verder worden er ook nog twee tegenmaatregelen in beschreven die automatisch en transparant toegepast kunnen worden op programma's om te beschermen tegen dit soort aanvallen. Hackers and computer virusses are an important threat to the security of current computers. One of the most common forms of attack is a code injection attack, where an attacker executes a foreign program on the target computer using a variety of flaws which are present in the installed software. Many countermeasures exist which try to make it harder for such an attacker to be able to execute such an attack. This dissertation provides an extensive survey and classification of these countermeasures. Two countermeasures that protect against these attacks are also presented that can be automatically and transparantly applied to computer programs.

681.3*D46 <043> --- Academic collection --- 681.3*H <043> --- 681.3*H <043> Information systems--Dissertaties --- Information systems--Dissertaties --- 681.3*D46 <043> Security and protection: access controls; authentication; cryptographic controls; information flow controls; security kernels; verification (Operating systems)--Dissertaties --- Security and protection: access controls; authentication; cryptographic controls; information flow controls; security kernels; verification (Operating systems)--Dissertaties --- Theses