Ant Colony Optimisation for E-Learning Applications Over a Secure Network

This work was initiated when Paraschool, the French leading e-learning company contacted the INRIA research center to conceive an automatic algorithm that would allow the relatively rigid albeit functional existing Paraschool software to behave differently depending on user specificities. After several brainstorming sessions where neural networks, evolutionary algorithms and other artificially intelligent techniques were considered, it appeared that swarm-like algorithms could be used, thanks to the great number of actual users (more than 10000) and more especially ant-based probabilistic optimisation that could easily be grafted on the existing pedagogical graph constituted by the Paraschool software.

Moreover, Ant Colony systems present the interesting property of exhibiting emergent behaviour that allow individuals to benefit from the dynamic experience acquired by the collectivity, which means, in pedagogic terms that a student could benefit from the pedagogic lessons drawn out of his peers’ successes and failures.

The implementation of these algorithms yields results that go beyond the requirements of the Paraschool company which will soon be experimenting in real size the automatic dynamic optimisation of the pedagogic graph (their set of interconnected lessons and exercises) implemented by their software. This paper successively presents a concise description of human-learning concepts and their software implementation, a short description of the technical implementation of the Ant-Colony based optimisation algorithm and a discussion on the use of various selection operators. A set of experiments is then conducted, showing that erroneous arc probabilities can be automatically corrected by the system.

II. ELEMENTS ON THE PHILOSOPHY OF LEARNING

The main concepts of teaching and learning used nowadays are still very old. The two main currents are Constructivism, that was elaborated by Kant and Behaviourism: a theory that came from Pavlov’s experiments.

A. Constructivism

In 1781, Kant tried to synthesize rationalist and empiricist viewpoints. Kant sees the mind as an active agent, that organizes and coordinates experiences. Along these lines, Piaget states that knowledge is not simply “acquired,” by children bit by bit, but constructed into coherent, robust frameworks called
“knowledge structures.” Children are not passive absorbers of experience and information, but active theory builders. Papert, a mathematician, and one of the early pioneers of Artificial Intelligence (he founded the Artificial Intelligence Laboratory at MIT), worked with Piaget at the University of Geneva

IV. IMPLEMENTATION OF THE ANT COLONY:

ALGORITHMIC OVERVIEW

All nodes (html pages) of the new Paraschool software now contain a new ACO-powered NEXT button that leads the user along an arc chosen by a selection algorithm (see section V), based on the probability associated with the arc. This probability is computed by taking several factors into account in the design of a weighted fitness function described in the next section. These factors are the following and play at both
the individual and collective levels:

A. Pedagogic Weights: W

This pedagogical weight is the main value of each arc. It is implemented as a static (i.e. “global”) variable (W), accessible to all ants. (W) is set by the Paraschool teachers and reflects the relative importance of the arcs that come out of a particular node. In other words, the teachers encourage the students to go toward such or such exercise after such or such lesson by giving the corresponding arc a higher weight. This valuation of the graph describes the pedagogic structure that will be optimized by the ACO algorithm

B. Pheromones: S and F

There are two kinds of pheromones that can be released on arcs to reflect students’ activity:

S: success pheromone.
This floating point value is incremented by ants/students on the adequate incoming arcs when
they are successful in completing the corresponding exercise.

F: failure pheromone.
This last value is S’s counterpart for failure. These pheromones are released not only on the arc that
led the ant to that node but also on previous ones in the ant’s history with decreasing amplitude.

This is meant to reflect the fact that the outcome of a particular node (exercise) is influenced by all the nodes (lessons, exercises) the ant went through before but with an influence that, of course, diminishes with time. For obvious pragmatical reasons, this “back propagation” of pheromone release is limited in scope (atypical value of 4 has been agreed upon). To illustrate this, let us consider an ant that went through nodes A,B,C,D,E,F and that reaches node G. When it validates node G with success, 1 unit of success pheromone is dropped on arc (F,G), 1/2 unit on arc (E,F), 1/3 of a unit on arc (D,E) and 1/4 on arc (C,D). In addition, to allow for dynamic adaptability of these pheromone amounts (S and F), evaporation is performed on a regular basis, usually every day, by reducing S and F in a given proportion _ typically around 0.999.

CONCLUSIONS AND PERSPECTIVE

Paraschool wanted a smart automatic system that could adapt to different users without manual intervention, which would be totally unrealistic to envisage on 10000 students. The ant-based system described in this paper not only offers such automatic features by gradually modifying pedagogic paths suggested by teachers using collective experience and by making the structure individual-specific thanks to variables such as H but also comes up with emergent informations that can be used as a refined auditing tool to help the pedagogical team identify the strengths and weaknesses of the software and pedagogic material.

From a more theoretical standpoint, this work can be seen as a new take on Interactive Evolutionary Computation where the solution to a problem is gradually constructed and modified by multiple interacting entities with different and possibly opposite goals. A creative and robust compromise can be reached that balances all the influences and constraints, which allows all participating entities to benefit from an emergent culture and to enhance their decision making processes accordingly. This suggest a great deal of new and exciting applications in the field of Collective Cognition Modelling and Collective Evolutionary Design.

Tips for Securing Your Network

When computer networks were isolated within the walls of offices, an Internet connection was a luxury and not a critical component of business functions. That has now completely changed for businesses that rely on computers to acquire and deliver services. Customers, business partners, remote office locations, and mobile workers expect connectivity to your office network. This interconnected nature of networks opens doors to new levels of productivity; and to threats that can disrupt business.

Securing your network should not be an afterthought; it just makes business sense. The benefits of a secure network are numerous:

It is more reliable, has fewer problems, and consequently costs less to maintain.
It improves productivity across all your stakeholders: customers, partners, and employees.
It protects your investment in bandwidth by controlling abusive use and unwitting hosting.
It lowers your exposure to legal and regulatory action.

In this article I highlight numerous tips for securing networks. This information was gleaned from research of published industry best practices and tips from government sites, such as the FCC, and from our own experience in supporting business networks.

The tips presented here can significantly enhance your computer network security. Do note, however, that no one can guarantee absolute security. You need to carefully balance the requirements for implementing security with proper investments in time and money, while keeping business objectives squarely in mind. These tips are organized into a few key strategies.

Employee Education and Policy Strategy

Provide Security Training: All employees, includes managers and executives, should be educated on basic security practices and how to protect sensitive business information. Establish policies and rules, including penalties for violating them, on how to protect sensitive data and make training available on a regular basis. Topics include: whether and when to use Web for personal use on office computers, instant messaging, social networking sites, streaming video and music, if and how company monitors Web usage, prohibited activities, tips for safe browsing, common techniques used by hackers and how to avoid falling prey.

Use Strong Passwords: Passwords are the most common method for gaining access to network resources. Unfortunately, they are also easy to hack through the use of automated tools. Train staff to use their passwords as they would their home keys: don’t leave them lying around and don’t share them. Strong passwords typically use a combination of letters, numbers and symbols, are at least 8-characters long, are changed every quarter, and differ significantly from previous passwords.

Regulate Access to Information: You probably don’t want to give everyone full access to everything. The judicious use of network user groups and permissions ensure network resources and data are available on a business need basis and that the Administrator account is only provided to trusted resources and executives and used only when necessary. Many line-of-business applications support roles, such as Sales, Operations, Accounts Payables, etc. to provide access to data they maintain on a business need basis.

Internal Network Strategy

Implement Backup and Disaster Recovery Procedures: Core business data is the lifeblood of any business. Implementing a multi-level backup procedure; image, file and folder, and offsite, is a simple way to protect critical data. Backup and Disaster Recovery (BDR) appliances take this a step further by helping you quicken server recovery in case of failure. Testing your backups periodically is an important component of any backup strategy.

Implement Desktop and Server Virus Protection: These software solutions have been around for a long time and they continue to evolve as threats evolve. Keep your anti-malware software current and its definitions current.

Patch Desktops and Servers Regularly: Security vulnerabilities in the operating system and in applications are regularly addressed by reputable software vendors. Take advantage of them. Keeping security patches current from your software vendors protects your computer from known attacks and vulnerabilities. Again, there are centralized patch management tools that make the process less time consuming.

Centralize Computer Administration: By implementing a server and applying a group policy across computers, you can standardize the process and save each user the time it takes to implement configurations one computer at a time. There are tools to centrally manage virus updates, security patches, desktop firewall, permission groups, and other security features.

Secure Physical Access: Do not overlook the physical location of your critical network infrastructure. These should be accessible to trained and trusted employees. Keeping this infrastructure secure in a locked room or server closet will reduce inadvertent or fraudulent access or change to network.

Secure WiFi Access: WiFi access to the network enables even mobile employees to be productive. Data, as it travels over the air is typically less secure than when it travels over wired networks. Information traveling over the air is at risk of interception. Use wireless data encryption protocols to ensure that data is encrypted during transit from source to destination to protect against risk or interception. Also, setup wireless access point for guests on a separate subnet so they can access the Internet but not your network.

External Network and Perimeter Strategy

Consider Outsourcing Email Services: Corporate email has become mission critical for businesses of all sizes. If you do not have a mission-critical application support infrastructure internally, consider outsourcing your email infrastructure. The widespread availability of such solutions from key industry vendors makes these affordable. And you can leave the worry of securing and maintaining such infrastructure in the hands of those that do it 24×7.

Secure the Perimeter: Connecting your network to the Internet allows you and your employees to gain access to valuable data and be productive even when on the run, but it also exposes your network to attack from intruders. Most small businesses use consumer grade routers/firewalls to protect the edge of their network that is right behind the broadband modem. Though these devices have grown in functionality, they aren’t equipped to handle the perimeter security needs of a business. With business grade routers/firewalls/UTM (Universal Threat Management) appliances, you gain a powerful hardware platform that provides ability to filter malicious traffic and spam from the outside, receive regular security updates, provide secure remote access, implement intrusion detection and prevention services, and prevent infectious code from executing from trusted but compromised sites.

Stay Informed and Vigilant: There are numerous industry and government sites dedicated to network security. Stay informed as data and practices continue to evolve. Business-grade UTM appliances are designed to be monitored remotely from security operations centers and to send reports and alerts that may need attention.

Request Links to Related Resources

If you found this topic of interest, I encourage you to request a list of additional resources you can download at no cost. Simply email: info@rcare-solutions.com with the words “Network Security Tips” in the Subject line.

Secure, Network Compliant BYOD Solutions Are NOT a Myth

In a recent article featured on Forbes.com, Bring Your Own Device (BYOD) is described as an inevitable component of the evolving office ecosystem. In the same article, a statistic borrowed from an IBM study & reveals that 81% of organizations reported their employees are using their personal mobile devices to connect to “company resources”. If you are an AV integrator or the head of IT, this statistic probably conjures fears of rampant network security risks.

But BYOD doesn’t necessarily equate to network security problems. Based on the current trend of using mobile devices in the workplace – secure, network compliant BYOD solutions are almost certain to arrive in the very near future. It is up to technology innovators to meet the market demand by developing, testing, vetting, and integrating the products to keep up with the trends we see around us. In short, embracing the changing workplace dynamics – and the products that support them – is likely the only way forward.

Like any other disruptive trend in technology, there are growing pains in the adoption phase. One of the biggest growing pains for BYOD in the workplace is security. So what does a secure BYOD solution look like?

We have identified 3 key criteria for secure, network compliant BYOD solutions.

1. Routable TCP/IP Traffic with Adjustable Base Ports

The complexity of many corporate and campus networks is often matched only by their uniqueness. After all, the many subnets and VLANs included on the enterprise network were set up to serve the unique requirements of the specific organization. Therefore the likelihood of any other enterprise having the same network setup is infinitesimally small. This is why it’s so important that BYOD solutions that hit the network feature routable TCP/IP traffic with adjustable base ports – so the solution can be configured flexibly to fit the network without creating additional, unnecessary work for the IT department. This is also important in order to avoid violating IT policy, which could prohibit the deployment altogether.

2. Controlling Access from all those Devices

Another security risk associated with BYOD revolves around the regulation of access in the workplace once these devices are supported on the network. To use a common use case as an example, if a wireless BYOD presentation is taking place in the conference room, how do you prevent uninvited users from sharing content to from their device and disrupting the meeting?

For this reason, access control is our second criteria for BYOD solutions. A solution to this challenge would be to offer multiple access modes that can be set in-room or remotely. Access could then also be locked by an admin or left up to users in the room to determine when beginning a session. Additionally, access control options could be dynamic, which means they could be changed during a meeting without interrupting the flow of information posted to the shared display.

In addition to these modes, it would be ideal if any session could be closed once all in attendance have joined. This combination of access control options creates secure access for nearly every type of meeting and use case.

3. Remote/Centralized Management

It’s a hard truth that nearly all technology crashes at some point or another, and those crashes can lead to big issues for the IT department and the network. That’s why remote/centralized control is such an important factor for BYOD solutions, especially large deployments.

Not having the ability to monitor, configure, and update BYOD solutions on your network from a remote/centralized work station makes larger, more complex deployments difficult to manage. Ideally, there would be a way to support remote/centralized management of every instance across the network. Network administrators could then monitor, configure, and update settings for any/all instances from their workstation anywhere on the network.

With BYOD becoming a standard in work spaces, security is and will remain a paramount concern and consideration for evaluating new solutions. The best solutions with work with your existing network and make it (relatively) easy for your IT department to securely deploy, monitor, and manage the system. BYOD presents many inherent risks, but many of these risks can and should be addressed by solutions that work within secure network environments.