Abstract

1Ontologies have emerged as a common way of representing knowledge. Recently, people with minimal domain background or ontology engineering are developing ontologies, leading to a corpus of informal and under-evaluated ontologies. Existing ontology evaluation approaches require rigorous application of formal methods and knowledge of domain experts that can be cumbersome or tedious. We propose a lightweight approach for evaluating sufficiency of ontologies based on Natural Language Processing techniques. The approach consists of verifying the extent of coverage of concepts and relationships of ontologies against words in domain corpus. As a case study, we applied our approach to evaluate sufficiency of ontology in two example domains - Education (Curriculum) and Security (Phishing). We show that our approach yields promising results, is less effort intensive and is comparable with existing evaluation methods.

Abstract

In India, a large number of engineering undergraduates are adopting eLearning as it provides access to best faculty and reduces concerns on inadequate physical infrastructure at colleges. Virtual Labs is a Government of India eLearning initiative containing simulation and remote triggered labs for engineering students. Virtual Labs developed over a period of 6 years is used by more than a million undergraduate students across nine engineering disciplines. The software used for developing these experiments requires substantial effort for maintenance due to deprecation, compatibility, etc. We propose a targeted crowdsourcing approach for maintenance of Virtual Labs with sustainable quality. The targeted crowdsourcing involves the large number of engineering students who are also the major stakeholders of these labs. Our quality enhancement using crowdsourcing approach was validated for 14 labs and …

Abstract

The ability to modify the existing published web pages is what we are calling Renarration of the web. Such a mechanism is useful for improving accessibility and personalization of the content currently on the web. There are many techniques in place for enabling both Web Accessibility and Web Personalization. In this paper we propose a novel approach: an Aspects inspired design of renarration. Aspects have traditionally been applied to programming. Here we reinterpret concepts like Join Points, Point-cuts and Advices and apply them to web documents. To validate our approach, we designed a framework called Rennaration Studio that is built using microservices based architecture pattern and implemented using Python's flask platform. We demonstrate the feasibility of our proposal by renarrating different Aspects (text, language, phonetics) of two specific web documents.

Abstract

Cross origin request attacks (CORA) such as Cross site request forgery (CSRF), cross site timing, etc. continue to pose a threat on the modern day web. Current browser security policies inadequately mitigate these attacks. Additionally, third party authentication services are now the preferred way to carry out identity management between multiple enterprises and web applications. This scenario, called Federated Identity Management (FIM) separates the problem of identity management from the core functionality of an application. In this paper, we construct formally checkable models and design laboratory simulations to show that FIM is susceptible to cross origin attacks. Further, we employ the Cross Origin Request Policy (CORP) to mitigate such attacks.

Abstract

In this paper we report on a Systematic Literature Review where we explored the notion of semantics in Computer Science (CSE) literature. Our goal was 1) to surface how the idea of semantics has been used and represented, and 2) to surface its publication pattern in CSE. Our automated search in 5 CSE repositories yielded 653 relevant papers, emerging from multiple disciplines and geographies, spanning a period from year 1967 to 2017. We shortlisted 50 representative samples to study. This literature review was motivated by an external Web Accessibility effort in which we wanted to understand how to influence the various meanings that a variety of human end-user could derive by varying the computer rendering of a given content. The results of the SLR indicate that 44% of papers do have their own definition, almost all are formal in their presentation, and 94% of them have a notion of semantics that favors the computer as a processor. We observe the limited human oriented focus on semantics in CSE, and suggest such semantics focus as an area of potential study.

Abstract

On March 27, 2015, Github witnessed a massive DDoS attack, the largest in Github's history till date. In this incident, browsers and users were used as vectors to launch the attack. In this paper, we analyse such browser-based DDoS attacks and simulate them in a lab environment. Existing browser security policies like Same Origin Policy (SOP), Content Security Policy (CSP) do not mitigate these attacks by design. In this paper we observe that CORP (Cross Origin Request Policy), a browser security policy, can be used to mitigate these attacks. CORP enables a server to control cross-origin interactions initiated by a browser. The browser intercepts the cross-origin requests and blocks unwanted requests by the server. This takes the load off the server to mitigate the attack.

Abstract

This document describes a web security model to analyse cross origin requests and block them using CORP, a browser security policy proposed for mitigating Cross Origin Request Attacks (CORA) such as CSRF, Clickjacking, Web application timing, etc. CORP is configured by website administrators and sent as an HTTP response header to the browser. A browser which is CORP-enabled will interpret the policy and enforce it on all cross-origin HTTP requests originating from other tabs of the browser, thus preventing malicious crossorigin requests. In this document we use Alloy, a finite state model finder, to formalize a web security model to analyse malicious cross-origin attacks and verify that CORP can be used to mitigate such attacks.

Abstract

Many aspects of program analysis are related to CFL (context-free language) constrained path problems on graphs. A path is constrained by requiring its list of edge labels to form a string that is a member of the associated CFL. Constrained shortest path problems give O(n3/ log n)-bottlenecks for program analysis, where n is the number of nodes. Labeled path problems also have many other applications. Assume two terminals (parenthesis) in a Dyck CFL. Given any two vertices s and t and the output of Nykanen and Ukkonen's exact integer path length algorithm. then this paper finds a minimal-cost point-to-point Dyck path cost in such edge-labeled digraphs in O(n2 log n) additional operations. This paper is on the DAG (directed acyclic graph) case. Our result depends on a special case of the exact integer path length problem of Nykanen and Ukkonen that costs O(n3). A new algorithm is introduced that joins …

Abstract

Software is finding place in deeply embedded systems to large scale distributed systems of cloud service providers such as Amazon and Google. Due to the concurrent and distributed nature of this software, it is hard to test for correctness of such systems in a foolproof manner. Explicit state model checking is an approach in which we build a model of the system and specify the properties it should hold. Then we construct a state transition system from the model and check if it satisfies the specified properties. There are two kinds of properties of interest: safety and liveness. In this paper, we focus our attention on safety verification, which involves checking if the states that are generated in the transition system satisfy some predicate formulae specified in the form of assertions. The main problem here is that the number of states in the transition system grows exponentially with the number of bits required to store the …

Abstract

Generation of problem sets and quizzes forms an important part of education technologies. Although some systems have been built for quiz generation, they mostly focus on abstract logic and mathematical constructs. Knowledge in other domains is relational rather than propositional, and many systems use dedicated knowledge databases. We present a method to present this knowledge in the form of objective question sets and drills. We implement a four-fold approach - ontologies, propositional logic, similarity finding, and hierarchies - as a way to generate quizzes as well as to solve human generated problems of a similar nature. The architecture of this system is such that any knowledgebase can be turned into a vast number of diverse, complex questions. We build this system for an ontology of North Indian Ragas, and also test it on a smaller ontology of animals. We demonstrate an approach to solving human