See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/324569418

A Hybrid Architecture to Enrich Context Awareness through Data Correlation

Conference Paper · April 2018

DOI: 10.1145/3167132.3167405

CITATIONS READS

0 42

7 authors, including:

Roger Machado Tiago Thompsen Primo

Universidade Federal de Pelotas Universidade Federal de Pelotas
7 PUBLICATIONS   2 CITATIONS    71 PUBLICATIONS   153 CITATIONS   

SEE PROFILE SEE PROFILE

Maurício L. Pilla Ana Marilza Pernas

Universidade Federal de Pelotas Universidade Federal de Pelotas
80 PUBLICATIONS   118 CITATIONS    54 PUBLICATIONS   142 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Ecosystem for Digital Education View project

SCALE - Smart Context Aware Learning Environments View project

All content following this page was uploaded by Maurício L. Pilla on 17 April 2018.

The user has requested enhancement of the downloaded file.

 A Hybrid Architecture to Enrich Context Awareness through
Data Correlation
Roger Machado Felipe Rosa Ricardo Almeida
Federal University of Pelotas Federal University of Pelotas Federal University of Pelotas
rdsmachado@inf.ufpel.edu.br fldrosa@inf.ufpel.edu.br rbalmeida@inf.ufpel.edu.br

Tiago Primo Mauricio Pilla Ana Pernas

Federal University of Pelotas Federal University of Pelotas Federal University of Pelotas
tiago.primo@inf.ufpel.edu.br pilla@inf.ufpel.edu.br marilza@inf.ufpel.edu.br

Adenauer Yamin
Federal University of Pelotas
adenauer@inf.ufpel.edu.br

ABSTRACT
Context awareness brings new challenges, and an important one is
how applications can manipulate the contextual data stored in more
than one model. In this research, we propose HACCD, a context-
aware architecture to process information based on hybrid models.
HACCD is designed to provide context awareness considering dif-
ferent stages: (i) acquisition of context; (ii) preprocessing stage;
(iii) context processing with a hybrid reasoning strategy; (iv) data
storage with the support of three database models; (v) repository
communication that enable access to contextual information; and,
(vi) correlation approach based on compositional rules that allow
the combination of data stored in distinct models. To validate our
architecture we designed and tested within some scenarios based on
information security. The obtained results showed that the possibil-
ity of correlating data from different natures could help to identify
richer situations, thus improving decision-making.
CCS CONCEPTS
• Human-centered computing → Ubiquitous and mobile com-
puting;
KEYWORDS
Context Awareness; Hybrid Reasoning; Context Correlation
ACM Reference Format:
Roger Machado, Felipe Rosa, Ricardo Almeida, Tiago Primo, Mauricio Pilla,
Ana Pernas, and Adenauer Yamin. 2018. A Hybrid Architecture to Enrich
Context Awareness through Data Correlation. In SAC 2018: SAC 2018: Sym-
posium on Applied Computing , April 9–13, 2018, Pau, France. ACM, New
York, NY, USA, 3 pages. https://doi.org/10.1145/3167132.3167405
Permission to make digital or hard copies of part or all of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for profit or commercial advantage and that copies bear this notice and the full citation
on the first page. Copyrights for third-party components of this work must be honored.
For all other uses, contact the owner/author(s).
SAC 2018, April 9–13, 2018, Pau, France
© 2018 Copyright held by the owner/author(s).
ACM ISBN 978-1-4503-5191-1/18/04.
https://doi.org/10.1145/3167132.3167405
1 INTRODUCTION
Ubiquitous computing or UbiComp is a concept in computer science
where computers are made available to human needs, following
the premise of having minimum involvement between the user and
the management of the computational infrastructure [7].
Due to the fast grown of ubiquitous computing in our everyday
life an increasing number of contextual data is continuously gener-
ated from different sources, formats, or semantics (i.e. ontologies,
relational data, rules,...) which is needed to be evaluated together
in order to identify situations of interest to the context-aware ap-
plications [3].
In this aspect, context awareness stands out as a resource to be
used by ubiquitous computing, which needs to deal appropriately
with modeling, storage, and processing of the various context data
provided by the applications. Context-aware applications can adapt
their behaviors to the changing environment with minimal human
intervention, but they introduce new challenges for application
developers [2].
Recently, several context modeling and reasoning strategies have
been developed, but these strategies can not, in their solution, deal
with the diversity of data acquired, and this adequate manipulation
can help on decision-making. Therefore, it is necessary to change
the approach used to one that combines the different representa-
tion models and the context reasoning strategies, called hybrid
approaches [3].
Context data stored in a single model may lead to problems
related to performance and disk usage [5]. Besides, it causes con-
cerns related to data processing, since it often becomes necessary to
utilize data correlation between different storage models. The moti-
vation of this paper emerges from the use of hybrid context models,
that is, the need to use different models to manage contextual data.
The main objective this work is treated these three research ques-
tions through of the conception of an architecture entitled “HACCD
(Hybrid Architecture to Correlate Contextual Data)”, which aims
to supply the use of hybrid context modeling in a more integrated
and convenient way.
To accomplish this, HACCD provides: (i) a preprocessing stage
to perform the normalization and contextualization of the collected
data; (ii) a processing Layer that offers multiple reasoning strate-
gies, which can be used either individually or in a combined form
SAC 2018, April 9–13, 2018, Pau, France
to perform the context processing; (iii) a Storage Layer which pro-
vides persistence with three different database models; (iv) a repos-
itory communication manager that enables access to contextual
information from the context-aware applications; (v) a context com-
positional correlation strategy, which allows the application to
combine information from different models, integrating contextual
information to offer a richer situation detection, thus improving
decision-making.
2 ARCHITECTURE PROPOSAL
The conception of the HACCD stands out in the following points:
(i) the creation of a preprocessing stage that uses a strategy for
performing the normalization and contextualization of collected
data; (ii) the conception of a hybrid context processing, offering
multiple reasoning strategies, that can be used either individually
or in a combined form; (iii) the design of a hybrid repository to store
contextual information, which provides the specific characteristics
of each database model used; (iv) the proposal of a strategy for
context correlation based on compositional rules, that can combine
the in a single rule information stored in different databases.
Figure 1 shows the proposed HACCD, demonstrating the dis-
tinct components contained in its architecture. In the following
subsections said components are briefly explained.
Figure 1: HACCD: Architecture Proposed
2.1 Medium Access Layer
The Medium Access Layer is responsible send and receive infor-
mation to the applications. This layer has two components: the
Collector and the Actuator. The Collector performs the acquisition
of events from different types of sensors, such as events about the
use of operating system resources and log files internal to the sys-
tem. Furthermore, this component can receive events from different
devices.
R. Machado et al.
2.2 Preprocessing Layer
The Preprocessing Layer performs the separation of the event in
different fields, later adding contextual information to help the pro-
cessing step. This component was designed due to normalization
and contextualization of the collected events. For the use in Pre-
processing Layer, grammars were developed based on predefined
context formats. As a consequence, the collected data is automati-
cally separated into fields. Furthermore, new contextual data can
be added, such as data related to IP address geolocation.
2.3 Processing Layer
In the design of the Processing Layer, we propose the use of three
of the main strategies for context reasoning [6]: (i) rules - which
perform the correlation of events in search of patterns described
in an easy to interpret syntax; (ii) ontology - can be used in two
forms, in the first, internal axioms in the ontology are used to
infer knowledge about the classes represented in the ontology, in
the second, external rules written in a language such as SWRL
(Semantic Web Rule Language) can be applied, allowing the system
to infer new context information about the ontology instances; (iii)
supervised learning - for this strategy, we decided to use decision
trees, because they are one of the main techniques utilized to classify
events [1].
The strategies used in the Processing Layer can be selected ac-
cording to the demand, being able to be used individually or com-
bined, reinforcing the flexibility of the solution.
2.4 Repository Communication Manager
The Repository Communication Manager is responsible for pro-
viding methods that enable the search, insertion, and deletion of
contextual information in the Storage Layer. For context-aware
applications using the Storage Layer, an interoperation interface
was designed to allow data manipulation, as well as to facilitate
this access regardless of the storage model used.
2.5 Storage Layer
With the conception of the Storage Layer with three storage mod-
els the HACCD can offer: (i) a relational model, which it has a
satisfactory behavior in many situations, being used to store the
relationship between application and the monitored sensor, provid-
ing easy access to the information and facilitating it’s modification
if necessary; (ii) a non-relational model, that makes better use of
disk space when storing semi-structured data in comparison to the
relational model; (iii) a triple model, which allows the manipulation
of ontological data more efficiently compared to its manipulation
in memory or using a relational model, strategies commonly seen
in other works.
In the proposed approach, the responsibility to determine which
model should be used to store contextual data is delegated to the
application.
2.6 Correlation Layer
The Correlation Layer performs the correlation of contextual infor-
mation using a strategy based on compositional rules. To allow the
use of data from different models in the same rule, it is necessary
to use markup tags that start with the symbol “#”. The tags will
 A Hybrid Architecture to Enrich Context Awareness through Data Correlation
be replaced by the specified return of the query responsible for
seeking this information in the Storage Layer. As for the return of
the auxiliary queries, one of the attributes that have been solicited
can be used. Alternatively, the method that verifies if the query
found some result can be used, returning “true” if this occurs, and
“false” otherwise.
3 PROPOSAL EVALUATION
This section describes a usage scenario that explores the proposed
HACCD. In this scenario, the use of rule-based reasoning and on-
tology is contemplated in the Processing Layer, an example of the
utilization of supervised learning can be seen in [4]. In the Stor-
age Layer, the non-relational and the triple model are used, the
information contained in these two models is combined with the
application using the proposed Correlation Layer.
This usage scenario explores the ISO 27002, which contains
a practice code for the management of information security, an
ontology was used for mapping the structure of ISO 27002, including
its controls, assets, threats, and vulnerabilities. New classes were
added in the ontology, aiming to facilitate access to information of
interest. The ontology was stored in the Triple Store.
As a source for context acquisition, we explored the monitor-
ing of the ModSecurity Web Application Firewall logs, which has
been correctly configured to identify breaks in the Web applica-
tions password policy. After that, the collection is handled by the
Preprocessing Layer, which performs the division of the collected
log into fields.
Next, the identification of the situation of interest is performed
by the Processing Layer using rule-based reasoning. The rule used is
responsible to detect the complexity requirements situation, which
is a situation related to password policy. Said rule verifies if any of
the collected logs have the phrase “password does meet complexity
Requirements” as the value of the “message” field. After that, the
records related to the password policy violation are sorted, as an
example, "Password does meet complexity requirements" is clas-
sified as "category = security policy", "subcategory = passwords
policy" and "situation = ComplexityRequirements". The identified
situations are stored in the non-relational model of the Storage
Layer since the situations have a semi-structured format.
Following the identification of the situation and its storage in the
Storage Layer, the Correlation Layer can be used with the execution
of the rule if(#1 && #2) “a”. The tag # 1 is replaced by the
query responsible for seeking the situations where the attribute
“subcategory” has the value equal to “ComplexityRequirements” in
the non-relational model.
The tag #2 is replaced by the SPARQL query which searches the
controls related to “ComplexityRequirements” according to the ISO
27002 ontology and the properties “controlStatement”, “implemen-
tationGuidance”, “otherInformation”.
The method that verifies if the query has encountered some re-
sult was used as a condition in the compositional rule. When the
situation is detected, the Medium Access Layer receives a requi-
sition and the Actuator component performs the pre-configured
View publication stats
SAC 2018, April 9–13, 2018, Pau, France
action represented by “a”. In this case, said action refers to sending
an e-mail to security information analysts. This e-mail is composed
of an incident notification message, along with controls established
in the ISO 27002 that will serve as suggestions for improvements
to be performed, the analysts are then responsible for evaluating
the need of taking actions to reinforce the password policy.
4 CONCLUSION
Considering the challenges faced by context-aware applications
with the use of hybrid models, the following contributions have
been achieved with the development of this work: (i) the design
of an architecture that supports hybrid context modeling; (ii) the
proposal of a Preprocessing Layer to perform the normalization
and contextualization of the collected data; (iii) the conception of a
Processing Layer that provides multiple reasoning strategies, which
can be used individually or in a combined way; (iv) the proposal of a
Storage Layer which provides persistence in three different models;
(v) the conception of a Repository Communication Manager that
enable access to contextual information from the context-aware
applications; and (vi) the design of a correlation strategy, which
has as its differential the possibility of combining data stored in
different database models.
Among the issues raised for the continuation of this work, we
can be mention the following: (i) develop interfaces that use data
visualization techniques in order to facilitate the interpretation
of the stored contextual information and identified situations; (ii)
use the HACCD in different use cases, for example, in educational
environments, which often use models based on ontologies along
with relational models.
5 ACKNOWLEDGMENTS
This work was supported by CAPES/Brasil (Programa Nacional de
Cooperação Acadêmica da Coordenação de Aperfeiçoamento de
Pessoal de Nível Superior - PROCAD)
REFERENCES
[1] A. Ammar. Apr. 2015. A Decision Tree Classifier for Intrusion Detection Priority
Tagging. Journal of Computer and Communications, Riyadh 3 (Apr. 2015), 52–58.
[2] Asad Masood Khattak, Noman Akbar, Mohammad Aazam, Taqdir Ali,
Adil Mehmood Khan, Seokhee Jeon, Myunggwon Hwang, and Sungyoung Lee.
2014. Context Representation and Fusion: Advancements and Opportunities.
Sensors 14, 6 (2014), 9628–9668. https://doi.org/10.3390/s140609628
[3] Xin Li, Martina Eckert, José-Fernán Martinez, and Gregorio Rubio. 2015. Context
Aware Middleware Architectures: Survey and Challenges. Sensors 15, 8 (2015),
20570. https://doi.org/10.3390/s150820570
[4] R. S. Machado, R. B. Almeida, A. C Yamin, and A. M. Pernas. 2015. LogA-DM: An
Approach of Dynamic Log Analysis. IEEE Latin America Transactions 13, 9 (Sept
2015), 3096–3102. https://doi.org/10.1109/TLA.2015.7350064
[5] J. Maowa, A. H. M.S. Hoque, R. Mustafa, and M. O. Rahman. 2017. A COMPAR-
ATIVE STUDY ON BIG DATA HANDLING USING RELATIONAL AND NON-
RELATIONAL DATA MODEL. (IJDKP) 7, 3 (May 2017). https://doi.org/10.5121/
ijdkp.2017.7302
[6] C. Perera, A. Zaslavsky, P. Christen, and D. Georgakopoulos. 2014. Context
Aware Computing for The Internet of Things: A Survey. Communications Surveys
Tutorials, IEEE 16, 1 (First 2014), 414–454. https://doi.org/10.1109/SURV.2013.
042313.00197
[7] M.A. Razzaque, M. Milojevic-Jevric, A. Palade, and S. Clarke. 2016. Middleware
for Internet of Things: A Survey. Internet of Things Journal, IEEE 3, 1 (2016), 70–95.
https://doi.org/10.1109/JIOT.2015.2498900