ABSTRACT. NewsStand is an example application of a general framework to enable people to search for information using a map query interface, where the information results from monitoring the output of over 10,000 RSS newssources and is available for retrieval within minutes of publication. The advantage of doing so is that a map, coupled with an ability to vary the zoom level at which it is viewed, provides an inherent granularity to the search process that facilitates an approximate search thereby permitting the use of spatial synonyms instead of being limited to an exact match of a query string. This is predicated on the use of a textual specification of locations rather than a geometric one, which means that one must deal with the potential for ambiguity. The issues that arise in the design of a system like NewsStand, including the identification of words that correspond to geographic locations, are discussed, and examples are provided of its utility. More details can be found in the video at http://vimeo.com/106352925 which accompanies the "cover article'' of the October 2014 issue of the Communications of the ACM about NewsStand at http://tinyurl.com newsstand-cacm or a cached version at http://www.cs.umd.edu/~hjs/pubs/cacm-newsstand.pdf.

ABSTRACT. Over the past two decades, digital information collected by corporations, organisations and governments have created huge amount of datasets, and the speed of such data collection has increased exponentially over the last few years because of the pervasiveness of computing devices. However, most of the collected datasets are personally related and contain private or sensitive information. Even though curators can apply several simple anonymization techniques, there is still a high probability that the sensitive information of individuals will be disclosed. New legislations on privacy have come into effect recently, so enhancing privacy-preserving has become a critical issue that needs to be addressed in the digital age.

Differential privacy is one of the most prevalent privacy models as it provides a rigorous and provable privacy notion that can be implemented in various research areas. In this presentation, we will start with privacy breaches and privacy models, and introduce the basic concept of differential privacy. We then will focus on the applications of differential privacy in various scenarios in which we have been working on, including Location privacy, Recommender systems, Tagging systems, and Correlated datasets. We will then finalise the talk by outlining the privacy challenges in the era of big data.

ABSTRACT. Multi-cloud management is a critical requirement in the cloud industry today, when enterprises are certaintly using computing resources from more than one cloud service provider. Migrating cloud services between different cloud platforms is one of the most important missions that enterpsies are interested in in their multi-cloud management strategy. Migrating cloud applications to modern cloud platforms consists of: (1) Enabling them to run on current & supported operating platforms, middleware, and databases; (2) Redeploying them to the target cloud using a deployment pattern providing targeted performance. Each application is assessed in detail to determine changes that need to be made to ready it for the new platform. Using model engineering techniques is a primising approach to accelerate the migration execution through cloud orchestration tools and other automation toolset to help enterprises migrate their applications more efficienty in multi-cloud environment.

ABSTRACT. Website defacements have long been considered one of major threats to websites and web portals of enterprises and government organizations. Defacement attacks can bring in serious consequences to website owners, including immediate interruption of website operations and damage of the owner reputation, which may lead huge financial losses. Many solutions have been researched and deployed for monitoring and detection of defacement attacks, such as those based on checksum comparison, diff comparison, DOM tree analysis and advanced methods. However, some solutions only work on static web pages and some others demand extensive computing resources. This paper proposes a multi-layer model for website defacement detection. The proposed model is based on three layers of machine learning-based detection for web text content and a layer for checking the integrity of embedded images in the web pages. Our experiments show that the proposed model produces the overall detection accuracy of more than 98.8% and the false positive rate of less than 1.04% for all tested cases.

ABSTRACT. Legal and regulatory texts are ubiquitous and important in our life. Automated processing of such documents using natural language processing and information retrieval techniques is desired. Many legal text processing problems require information extraction as a base component. In this paper, we address the task of extracting references from law and regulatory documents, which are necessary for recognition of the relations between documents and document parts, and other problems. We formulate the task as a sequence labeling problem and introduce several extraction models, consisting of both traditional (conditional random fields) and more advanced (deep neural networks) methods. In addition to features learned by deep networks, we investigate various types of manually engineered features that reflect the characteristics of legal documents. Our best model that combines bidirectional long short-term memory networks and conditional random fields achieves 95.35% in the F1 score on a corpus consisting of more than 11 thousand sentences from Vietnamese law and regulatory documents.

ABSTRACT. Outsourced database service helps data owners save initial investment in hardware, software and they are always supported by experienced staff. However, because the database is stored in the service provider’s server and retrieves data through the Internet environment, the owner’s data may not be secure. A good way to protect their data is that data always are encrypted before storing. This leads to when data is queried, the owner must make sure returned data is valid. To do that, the returned results have to be verified . In this paper, we propose a batch verification scheme based on multiple hard problems, and offer that scheme to verify the outsourced encrypted database. Analysis and experimental results present the effectiveness of the proposed method in the case of dynamic database.

ABSTRACT. The most efficient way of securing Web applications is searchingand eliminating threats therein (from both malwares and vulner-abilities). In case of having Web application source codes, Websecurity can be improved by performing the task to detecting mali-cious codes, such as Web shells. In this paper, we proposed a modelused a deep learning approach to detect and identify the maliciouscodes inside PHP source files. Our method relies on (i) using patternmatching techniques by applying Yara rules to build a malicious andbenign datasets, (ii) converting the PHP source codes to a numeri-cal sequence of PHP opcodes and (iii) applying the ConvolutionalNeural Network model to predict a PHP file whether embedding amalicious code such as a webshell. Thus, we validate our approachwith different webshell collections from reliable source publishedin Github. The experiment results show that the proposed methodachieved the accuracy of 99.02% with 0.85% false positive rate.

ABSTRACT. In the traditional digital signature scheme, anyone can check the validity of a signer's signature. However, in some practical applications, such as e-Voting, e-Health, e-Payment, e-Bidding where the privacy of the signer is required, it is necessary that there is only one responsible person who is able to check the validity of the signer's signature. There exists a few solutions for this problem such as combining the traditional digital signature scheme with an encryption scheme or using the strong designated verifier signature scheme with judgment. In this paper, we propose another solution for this problem, we name \emph{one-verifier signature} scheme. Compare among three solutions, our proposed solution is the best one in term of efficiency.

ABSTRACT. This paper aims to detect and analyse some problems existed in the architectural framework for Vietnamese e-government published by Ministry of Information and Communication in 2015. To resolve that problems, some suitable solutions have been proposed.