Klieme, E., Wilke, J., van Dornick, N., Meinel, C.: FIDOnuous: A FIDO2/WebAuthn Extension to Support Continuous Web Authentication.2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). pp. 1857-1867 (2020).
Grüner, A., Mühle, A., Meinel, C.: A Taxonomy of Trust Models for Attribute Assurance in Identity Management.Proceedings of the Workshops of the International 34th Conference on Advanced Information Networking and Applications. Springer, Caserta, Italy (2020).
Attribute providers are trusted third parties in decentralized and federated identity management patterns. Service providers evaluate trust in delivered attributes with attribute assurance techniques because user properties are highly important for service provisioning. Levels of assurance define verification measures forming common ground for trust in attributes delivered by a particular provider. Beyond that, trust models that are tailored to attribute assurance in identity management enable flexible trust decisions that consider multiple attribute providers. Over time, various trust schemes for attribute assurance that address different characteristics have been proposed. We present existing models in this domain and analyze them with regard to trust scale, trust applicability, attribute aggregation, trust composition and centralization of trust. Based on the results, we create a taxonomy to arrange the trust models. Supported by this classification scheme, we devise gaps in the model coverage and propose associated future research directions.
Sauder, J., Hu, T., Che, X., Mordido, G., Yang, H., Meinel, C.: Best student forcing: A simple training mechanism in adversarial language generation.Proceedings of The 12th Language Resources and Evaluation Conference. p. 4680--4688. ELRA, Marseille, France (2020).
Sukmana, M.I.H., Torkura, K.A., Prasetyo, S.D.S., Cheng, F., Meinel, C.: A Brokerage Approach for Secure Multi-Cloud Storage Resource Management.Proceedings of the 16th EAI International Conference Security and Privacy in Communication Networks (SecureComm 2020). Springer (2020).
Hu, T., Meinel, C.: Text Generation in Discrete Space.Proceedings of ICANN 2020. p. 721--732. Springer LNCS, Bratislava, Slovakia (2020).
Bartz, C., Seidel, L., Nguyen, D.-H., Bethge, J., Yang, H., Meinel, C.: Synthetic Data for the Analysis of Archival Documents: Handwriting Determination.Proceedings of the Digital Image Computing: Technqiues and Applications (DICTA) 2020. , Melbourne, Australia (2020).
Eslami, S., Adorján, P., Meinel, C.: SehMIC: Semi-hierarchical Multi-label ICD Code Classification.CEUR Workshop Proceedings (2020).
Automatic ICD code assignment to clinical notes is a benefi-cial, but challenging task due to the large number of possible ICD codesand a small number of available data. It becomes even more challeng-ing in multilingual settings with resource-poor languages, in which thenumber of available annotatedtextualdata is generally very small. Inthis work, we presentSehMIC, a semi-hierarchical multi-label classifica-tion approach which leverages the knowledge about the structure of ICDcodes to assign them to Spanish discharge letters. This approach classifiesdifferent sections of the ICD code separately for a given letter. It achievesthe final ICD code by concatenation of the predicted code sections andpruning the unlikely combinations by using an empirical a priori distribu-tion. Moreover, we utilize a transfer learning approach using pre-trainedmultilingual BERT to achieve contextual document representations forSpanish discharge letters. Data augmentation is also performed in orderto exploit more data in the learning process. SehMIC achieves 0.1 and0.004 MAP scores on the dev and test datasets, respectively. This workis done by our nlp4life team at CLEF eHealth 2020 Task 1 challenge onMultilingual Information Extraction.
Bin Tareaf, R., Alhosseini, S.A., Meinel, C.: Does Personality Evolve? A Ten-Years Longitudinal Study from Social Media Platforms.2020 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking, ISPA/BDCloud/SocialCom/SustainCom 2020, Exeter, UK, December 17-20, 2020. IEEE (2020).
Tietz, C., Klieme, E., Brabender, R., Lasarow, T., Rambold, L., Meinel, C.: Under Pressure: Pushing Down on Me - Touch Sensitive Door Handle to Identify Users at Room Entry. In: Samarati, P., di Vimercati, S.D.C., Obaidat, M.S., and Ben-Othman, J. (eds.) Proceedings of the 17th International Joint Conference on e-Business and Telecommunications, ICETE 2020 - Volume 2: SECRYPT, Lieusaint, Paris, France, July 8-10, 2020. p. 565--571. ScitePress (2020).
Staubitz, T., Meinel, C.: A Systematic Quantitative and Qualitative Analysis of Participants’ Opinions on Peer Assessment in Surveys and Course Forum Discussions of MOOCs.2020 IEEE Global Engineering Education Conference (EDUCON). pp. 962-971 (2020).
Bothe, M., Renz, J., Meinel, C.: On the Acceptance and Effects of Recapping Self-Test Questions in MOOCs.2020 IEEE Global Engineering Education Conference (EDUCON). pp. 264-272 (2020).
Learners in Massive Open Online Courses (MOOCs) are reiterating over the provided course material - especially self-tests - to consolidate their knowledge. This is a manual and often cumbersome process as MOOC platforms do not provide personalized revision opportunities. This paper introduces the design and concept of a flashcard-like recap tool based on spaced repetition learning techniques. The recap material is derived from existing self-test questions. The usage rates of the recap tool were observed in three courses and peaked before graded assignments, primarily before the final exam. When choosing the question quantity, learners preferred either the smallest option or wanted to revise all of the available questions, whereas the average number of questions per recap session increases over time. Recap tool users who completed a recap session showed smaller error rates than those who stopped a recap session abruptly, while learners who skipped questions performed worst. Course participants who used the recap tool throughout the course achieved on average more of the available points. Statistically highly significant differences were detected for all observed courses. An additional survey (N=79) gathered qualitative feedback and impressions from the learning community.
Bothe, M., Meinel, C.: When Do Learners Rewatch Videos in MOOCs?2020 IEEE Learning With MOOCS (LWMOOCS). pp. 148-151 (2020).
Mobile applications for MOOCs (Massive Open Online Courses) offer the possibility to download learning material to enable network independent learning sessions. The management of downloaded content on mobile devices is a manual process for the learner, which has the potential for automation. This includes the deletion of learning material that is likely to be no longer consumed. In this paper, a metric was defined to quantify learners’ references to previous videos based on the order in which the videos were viewed. In an observational study involving three MOOCs in the field of computer science and IT systems engineering, learners referred to previous video content only a single time on average. Outliers made use of earlier content up to 44 times during a course. Referenced videos belonged in most cases to the current or previous course section. The learners referred more often to previous videos during the course period compared to when participating in self-paced mode, while learners who earned a record of achievement referred to previous videos significantly more frequently than those who did not.
Bothe, M., Meinel, C.: On the Potential of Automated Downloads for MOOC Content on Mobile Devices.2020 IEEE Learning With MOOCS (LWMOOCS). pp. 58-63 (2020).
Mobile applications for MOOC platforms often can download learning material—namely videos—for later usage without the need for an Internet connection. As learners want to perform such data-intensive tasks with a WiFi connection, manual planning is required. By automating the download management, learners can be supported by always having video material available independent of the current Internet connection. This work examines the current download behavior shown in three MOOC courses. Hereby, influencing factors like the dependence on time and date, as well as the network state were analyzed. The results show that learners are already aware of data-intensive learning activities. They mostly download videos when connected to a WiFi network and consume pre-downloaded video content when using a cellular connection. An estimate of the potential for automated downloads using a simplified approach revealed the possibility of making an additional 19% of the video consumption network independent. The download behavior in the three courses examined differed noticeably so that automated downloads should be seen as an additional feature that can be activated per course.
Rohloff, T., von Schmieden, K., Meinel, C.: Students’ Satisfaction of a Design Thinking MOOC with Personalized Learning Objectives.IEEE Learning With MOOCs (LWMOOCS 2020). p. 37--41. IEEE (2020).
Due to their openness and low barriers to enroll, most Massive Open Online Courses (MOOCs) offer free access to knowledge for almost everyone. This attracts a large number of learners, each with their own individual intentions and motivations to join a course. However, personal support and guidance can almost never be provided at this scale. All learners have to follow the same usually weekly structured content and the learning success is only measured by the achievement of a certificate. To overcome this one-size-fits-all approach with technical means, we introduced a tool for Personalized Learning Objectives. This enables learners to achieve more individual objectives in courses, follow different learning paths, and link their motivations and intentions to the definition of learning success. Previous studies have already examined, among other aspects, the usefulness, acceptance, and achievement rates of learning objectives in MOOCs. In this complimentary research, the satisfaction of students with and without a selected learning objective is compared in a course on topics from the field of Design Thinking.
Bethge, J., Bartz, C., Yang, H., Meinel, C.: BMXNet 2: An Open Source Framework for Low-bit Networks-Reproducing, Understanding, Designing and Showcasing.Proceedings of the 28th ACM International Conference on Multimedia. p. 4469--4472 (2020).
Serth, S., Teusner, R., Meinel, C.: Digitale Arbeitsblätter mit interaktiven Programmieraufgaben im Informatik-Unterricht. In: Zender, R., Ifenthaler, D., Leonhardt, T., and Schumacher, C. (eds.) Lecture Notes in Informatics (LNI) - Proceedings: DELFI 2020 – Die 18. Fachtagung Bildungstechnologien der Gesellschaft für Informatik e.V. pp. 235-246. Gesellschaft für Informatik e.V. (GI), Bonn, Germany (2020).
Moderner Informatikunterricht umfasst das Erlernen von Grundlagen des Programmierens. Dabei verwenden Lehrer häufig bereits vorhandene Videos, Quizfragen und praktische Programmieraufgaben aus Massive Open Online Courses (MOOCs), obwohl derzeit die Möglichkeiten zur Anpassung der Inhalte und dem Hinzufügen eigener Materialien für Lehrer begrenzt sind. Unsere Software ermöglicht es Lehrern, ihre eigenen interaktiven Arbeitsblätter mit angepassten und eigenen Übungen zu erstellen. Im Rahmen einer praktischen Evaluierung wurde das Konzept von Schülern und Lehrern gleichermaßen gut angenommen: Lehrer hatten mehr Zeit für die Beantwortung individueller Fragen und Schüler konnten in ihrem eigenen Tempo mithilfe automatisierter Rückmeldungen lernen. Für die Vorbereitung zukünftiger Unterrichtsstunden schätzten Lehrer die Möglichkeit, häufige Fehler auszuwerten, um so zuvor unerkannte Probleme besprechen zu können. Interaktive Arbeitsblätter fördern individualisierte Lernprozesse, unterstützen Lehrer in der Unterrichtsgestaltung und sind somit ein wichtiger Bestandteil digitaler Bildung an Schulen.
Staubitz, T., Traifeh, H., Chujfi, S., Meinel, C.: Have Your Tickets Ready! Impede Free Riding in Large Scale Team Assignments.Proceedings of the Seventh ACM Conference on Learning @ Scale. pp. 349–352. Association for Computing Machinery, Virtual Event, USA (2020).
Teamwork and graded team assignments in MOOCs are still largely under-researched. Nevertheless, the topic is enormously important as the ability to work and solve problems in teams is becoming increasingly common in modern work environments. The paper at hand discusses the reliability of a system to detect free-riders in peer assessed team tasks.
Rohloff, T., Sauer, D., Meinel, C.: Students’ Achievement of Personalized Learning Objectives in MOOCs.Proceedings of the Seventh ACM Conference on Learning at Scale (L@S 2020). p. 147--156. Association for Computing Machinery (2020).
Massive Open Online Courses (MOOCs) provide the opportunity to offer free and open education at scale. Thousands of students with different social and cultural backgrounds from all over the world can enroll for a course. This diverse audience comes with varying motivations and intentions from their personal or professional life. However, course instructors cannot offer individual support and guidance at this scale and therefore usually provide a one-size-fits-all approach. Students have to follow weekly-structured courses and their success is measured with the achievement of a certificate at the end. To better address the varying learning needs, technical support for goal-oriented and self-regulated learning is desired but very limited to date. Both learning strategies are proven to be key factors for students' achievement in large-scale online learning environments. Therefore, this paper presents a continuative study of personalized learning objectives in MOOCs to encourage goal-oriented and self-regulated learning. Based on the previously well-perceived acceptance and usefulness of the concept of personalized learning objectives, this study examines which learners select an objective and how successful they complete objectives. Concerning the learners' socio-demographic and geographical background, we could not identify any practical significant difference between students with selected learning objectives and the total course population. However, we have identified promising objective achievement rates, and we have observed a practical significant improvement of the certification rates comparing the total course population and students who selected an objective that included a graded certificate. This has also demonstrated a method for calculating more reasonable completion rates in MOOCs.
Rohloff, T., Schwerer, F., Schenk, N., Meinel, C.: openSAP: Learner Behavior and Activity in Self-Paced Enterprise MOOCs.Proceedings of the 13th International Conference on E-Learning in the Workplace (ICELW 2020). ICELW (2020).
Massive Open Online Courses (MOOCs) have been a subject of research since 2012, especially in the context of professional development and workplace learning due to their flexible schedule and format, which is a prerequisite for on the job learning. But MOOCs often do not fulfill the promise of flexible learning as it is only possible to achieve a certificate during the course runtime. An unpredictable workload and thus a lack of time often results in not showing up to a course or dropping out during the course runtime. Therefore, some platform content remains accessible even after the course runtime in self-paced mode. These courses differ from live courses as participants still can access all of the content and the discussion forum in read-only mode, but are not able to take the graded assignments and exams which are a prerequisite to achieving a certificate at the end of a course. Even though it is only possible by paying a fee to earn a graded certificate for these self-paced courses, we identified a high share of additional enrollments after the course end that suggests there is still interest from participants. Nevertheless, learning behavior in self-paced courses has not been a major subject of research, yet. This work contributes to closing this research gap by exploring the learner behavior in self-paced courses. The results show tendencies of more time-efficiency and engagement of self-paced learners under certain conditions and pave the way for further research and practical applications.
Alhosseini, S.A., Bin Tareaf, R., Meinel, C.: Engaging with Tweets: The Missing Dataset On Social Media.RecSys Challenge '20: Proceedings of the Recommender Systems Challenge 2020, Virtual Event Brazil, September, 2020. p. 34--37. ACM (2020).
von Schmieden, K., Mayer, L., Taheri, M., Meinel, C.: Iterative Course Design in MOOCs: Evaluating a protoMOOC.Proceedings of the Design Society: International Conference on Engineering Design. pp. 539-548. Cambridge University Press (2019).
von Schmieden, K., Staubitz, T., Mayer, L., Meinel, C.: Skill Confidence Ratings in a MOOC: Examining the Link between Skill Confidence and Learner Development.CSEDU (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Identifying Data Exposure Across Distributed High-Dimensional Health Data Silos through Bayesian Networks Optimised by Multigrid and Manifold.2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). p. 556--563. IEEE (2019).
Bartz, C., Yang, H., Bethge, J., Meinel, C.: LoANs: Weakly Supervised Object Detection with Localizer Assessor Networks. In: Carneiro, G. and You, S. (eds.) Computer Vision -- ACCV 2018 Workshops. p. 341--356. Springer International Publishing, Perth, Australia (2019).
Recently, deep neural networks have achieved remarkable performance on the task of object detection and recognition. The reason for this success is mainly grounded in the availability of large scale, fully annotated datasets, but the creation of such a dataset is a complicated and costly task. In this paper, we propose a novel method for weakly supervised object detection that simplifies the process of gathering data for training an object detector. We train an ensemble of two models that work together in a student-teacher fashion. Our student (localizer) is a model that learns to localize an object, the teacher (assessor) assesses the quality of the localization and provides feedback to the student. The student uses this feedback to learn how to localize objects and is thus entirely supervised by the teacher, as we are using no labels for training the localizer. In our experiments, we show that our model is very robust to noise and reaches competitive performance compared to a state-of-the-art fully supervised approach. We also show the simplicity of creating a new dataset, based on a few videos (e.g. downloaded from YouTube) and artificially generated data.
Tietz, C., Klieme, E., Behrendt, L., Böning, P., Marschke, L., Meinel, C.: Verification of Keyboard Acoustics Authentication on Laptops and Smartphones Using WebRTC.2019 3rd Cyber Security in Networking Conference (CSNet). pp. 130-137 (2019).
Bothe, M., Rohloff, T., Meinel, C.: A Quantitative Study on the Effects of Learning with Mobile Devices in MOOCs.2019 IEEE International Conference on Engineering, Technology and Education (TALE). pp. 1-7 (2019).
Massive Open Online Course (MOOC) platforms were initially designed for a desktop learning experience delivered via the Internet. With the increasing acceptance of mobile devices, learners started accessing the MOOC platforms through the browser application on their smartphones and tablets. However, native mobile applications offer better system integration and enhance the learning experience. As the concept of mobile-assisted seamless learning emphasizes the ubiquitous access to learning material, the relevance of mobile devices in the learning process will increase further. This paper investigates the different learning behaviors when using mobile devices on the HPI MOOC platform. For this, influencing aspects, that can not always be controlled by the learner, are examined for native applications and mobile websites-such as the size of the screen and the current network state of the mobile device. The results of a quantitative study show highly significant differences between the usage of native applications, mobile websites, and the overall average of the HPI MOOC platform. It was proven that the size of the screen has a large practical effect when using native applications. Furthermore, course items and videos are more often consumed when the device is connected to a WiFi network. This study creates the basis for future research to improve the support of mobile-assisted seamless learning methods for MOOCs.
Rohloff, T., Sauer, D., Meinel, C.: Student Perception of a Learner Dashboard in MOOCs to Encourage Self-Regulated Learning.IEEE International Conference on Engineering, Technology and Education (TALE 2019). IEEE (2019).
In online learning environments like Massive Open Online Courses (MOOCs), where teachers cannot provide individual support and guidance for thousands of students, self-regulated learning (SRL) is a critical metacognitive skillset for students’ achievement. However, not every student intuitively self-regulates its learning and therefore technical solutions can help to apply SRL strategies. Learner dashboards with visualizations about the learner’s progress and behavior are able to create awareness, encourage self-reflection, and perhaps motivate students to plan and adjust their learning behavior to achieve their learning objectives. Hence, such Learning Analytics tools can support the SRL strategies self-evaluation and strategic planning. To examine this potential, a learner dashboard was integrated into the HPI MOOC platform. This work presents the design process, the concept, and an evaluation of the first dashboard iteration. The perceived usefulness and usability are investigated, and in addition, the question will be considered whether the dashboard encourages students to apply self-regulated learning. The positive results pave the way for future research and a next iteration of the learner dashboard.
Grüner, A., Mühle, A., Meinel, C.: Using Probabilistic Attribute Aggregation for Increasing Trust in Attribute Assurance.Proceedings of the 2019 IEEE Symposium Series on Computational Intelligence in Cyber Security. IEEE, Xiamen, China (2019).
Identity management is an essential cornerstone of securing online services. Service provisioning relies on correct and valid attributes of a digital identity. Therefore, the identity provider is a trusted third party with a specific trust requirement towards a verified attribute supply. This trust demand implies a significant dependency on users and service providers. We propose a novel attribute aggregation method to reduce the reliance on one identity provider. Trust in an attribute is modelled as a combined assurance of several identity providers based on probability distributions. We formally describe the proposed aggregation model. The resulting trust model is implemented in a gateway that is used for authentication with self-sovereign identity solutions. Thereby, we devise a service provider specific web of trust that constitutes an intermediate approach bridging a global hierarchical model and a locally decentralized peer to peer scheme.
Bin Tareaf, R., Alhosseini, S.A., Berger, P., Hennig, P., Meinel, C.: Towards Automatic Personality Prediction Using Facebook Likes Metadata. In: 14th International Conference on Intelligent Systems, I.E.E.E. and Knowledge Engineering, D. (eds.) The 14th IEEE International Conference on Intelligent Systems and Knowledge Engineering. IEEE, Dalian, China (2019).
Alhosseini, S.A., Bin Tareaf, R., Najafi, P., Meinel, C.: Detect Me If You Can: Spam Bot Detection Using Inductive Representation Learning.WWW19, World Wide Web Conference. ACM, San Francisco, USA (2019).
Graupner, H., Torkura, K.A., Sukmana, M.I.H., Meinel, C.: Secure Deduplication on Public Cloud Storage.Proceedings of the 2019 4th International Conference on Big Data and Computing. p. 34--41. ACM (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Towards Identifying De-anonymisation Risks in Distributed Health Data Silos.International Conference on Database and Expert Systems Applications. p. 33--43. Springer (2019).
Staubitz, T., Teusner, R., Meinel, C.: MOOCs in Secondary Education - Experiments and Observations from German Classrooms.2019 IEEE Global Engineering Education Conference (EDUCON). pp. 173-182 (2019).
Computer science education in German schools is often less than optimal. It is only mandatory in a few of the federal states and there is a lack of qualified teachers. As a MOOC (Massive Open Online Course) provider with a German background, we developed the idea to implement a MOOC addressing pupils in secondary schools to fill this gap. The course targeted high school pupils and enabled them to learn the Python programming language. In 2014, we successfully conducted the first iteration of this MOOC with more than 7000 participants. However, the share of pupils in the course was not quite satisfactory. So we conducted several workshops with teachers to find out why they had not used the course to the extent that we had imagined. The paper at hand explores and discusses the steps we have taken in the following years as a result of these workshops.
Bethge, J., Yang, H., Bornstein, M., Meinel, C.: BinaryDenseNet: Developing an Architecture for Binary Neural Networks.The IEEE International Conference on Computer Vision (ICCV) Workshops (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Attribute Compartmentation and Greedy UCC Discovery for High-Dimensional Data Anonymization.Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy. p. 109--119. ACM (2019).
Bin Tareaf, R., Alhosseini, S.A., Meinel, C.: Facial-Based Personality Prediction Models For Estimating Individuals Private Traits.The 12th IEEE International Conference on Social Computing and Networking ( IEEE SocialCom)). IEEE, Xiamen, China (2019).
John, C.T., Staubitz, T., Meinel, C.: Took a MOOC. Got a Certificate. What now?2019 IEEE Frontiers in Education Conference (FIE) (2019).
John, C.T., Staubitz, T., Meinel, C.: Performance of Men and Women in Graded Team Assignments in MOOCs.2019 Learning With MOOCS (LWMOOCS) (2019).
Traifeh, H., Staubitz, T., Meinel, C.: Improving learner experience and participation in MOOCs: A design thinking approach.2019 Learning With MOOCS (LWMOOCS) (2019).
Staubitz, T., Meinel, C.: Graded Team Assignments in MOOCs: Effects of Team Composition and Further Factors on Team Dropout Rates and Performance.Proceedings of the Sixth (2019) ACM Conference on Learning @ Scale. p. 5:1--5:10. ACM, Chicago, IL, USA (2019).
The ability to work in teams is an important skill in today's work environments. In MOOCs, however, team work, team tasks, and graded team-based assignments play only a marginal role. To close this gap, we have been exploring ways to integrate graded team-based assignments in MOOCs. Some goals of our work are to determine simple criteria to match teams in a volatile environment and to enable a frictionless online collaboration for the participants within our MOOC platform. The high dropout rates in MOOCs pose particular challenges for team work in this context. By now, we have conducted 15 MOOCs containing graded team-based assignments in a variety of topics. The paper at hand presents a study that aims to establish a solid understanding of the participants in the team tasks. Furthermore, we attempt to determine which team compositions are particularly successful. Finally, we examine how several modifications to our platform's collaborative toolset have affected the dropout rates and performance of the teams.
Bin Tareaf, R., Alhosseini, S.A., Meinel, C.: Cross-Platform Personality Exploration System for Online Social Networks: Facebook vs. Twitter.Journal of Web Intelligence Consortium (WIC). (2019).
Najafi, P., Mühle, A., Pünter, W., Cheng, F., Meinel, C.: MalRank: A Measure of Maliciousness in SIEM-based Knowledge Graphs.Proceedings of the 35th Annual Computer Security Applications Conference. p. 417--429. ACM (2019).
In this paper, we formulate threat detection in SIEM environments as a large-scale graph inference problem. We introduce a SIEM- based knowledge graph which models global associations among entities observed in proxy and DNS logs, enriched with related open-source intelligence (OSINT) and cyber threat intelligence (CTI). Next, we propose MalRank, a graph-based inference algorithm designed to infer a node maliciousness score based on its associations to other entities presented in the knowledge graph, e.g., shared IP ranges or name servers. After a series of experiments on real-world data captured from a global enterprise’s SIEM (spanning over 3TB of disk space), we show that MalRank maintains a high detection rate (AUC = 96%) outperforming its predecessor, Belief Propagation, both in terms of accuracy and efficiency. Furthermore, we show that this approach is effective in identifying previously unknown malicious entities such as malicious domain names and IP addresses. The system proposed in this research can be implemented in conjunction with an organization’s SIEM, providing a maliciousness score for all observed entities, hence aiding SOC investigations.
von Schmieden, K., Meinel, C.: Utilizing Warm-Up Games in MOOC Discussion Forums.EMOOCs-WiP. pp. 218-223 (2019).
von Schmieden, K., Mayer, L., Meinel, C.: Learner Response to Brainstorming Techniques in a Design Thinking MOOC.Cumulus Conference Proceedings. pp. 443-455. Cumulus Design Conference (2019).
Pelchen, C., Jaeger, D., Cheng, F., Meinel, C.: The (Persistent) Threat of Weak Passwords: Implementation of a Semi-automatic Password-Cracking Algorithm.Proceedings of the 15th International Conference on Information Security Practice and Experience. Springer (2019).
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: A Comparative Analysis of Trust Requirements in Decentralized Identity Management.Proceedings of the 33rd. International Conference on Advanced Information Networking and Applications. Springer, Matsue, Japan (2019).
Identity management is a fundamental component in securing online services. Isolated and centralized identity models have been applied within organizations. Moreover, identity federations connect digital identities across trust domain boundaries. These traditional models have been thoroughly studied with regard to trust requirements. The recently emerging blockchain technology enables a novel decentralized identity management model that targets user-centricity and eliminates the identity provider as a trusted third party. The result is a substantially different set of entities with mutual trust requirements. In this paper, we analyze decentralized identity management based on blockchain through defining topology patterns. These patterns depict schematically the decentralized setting and its main actors. We study trust requirements for the devised patterns and, finally, compare the result to traditional models. Our contribution enables a clear view of differences in trust requirements within the various models.
Sukmana, M.I.H., Torkura, K.A., Graupner, H., Chauhan, A., Cheng, F., Meinel, C.: Supporting Internet-Based Location for Location-Based Access Control in Enterprise Cloud Storage Solution.International Conference on Advanced Information Networking and Applications. p. 1240--1253. Springer (2019).
Sukmana, M.I.H., Petzolt, M., Torkura, K.A., Graupner, H., Cheng, F., Meinel, C.: Secure and Scalable Multi-Company Management in Enterprise Cloud Storage Broker System. Presented at the (2019).
Grüner, A., Mühle, A., Meinel, C.: An Integration Architecture to Enable Service Providers for Self-sovereign Identity.Proceedings of the 18th. International Symposium on Network Computing and Applications. IEEE, Boston, MA (2019).
The self-sovereign identity management model emerged with the rise of blockchain technology. This paradigm focuses on user-centricity and strives to place the user in full control of the digital identity. Numerous implementations embrace the self-sovereign identity concept, leading to a fragmented landscape of solutions. At the same time, traditional identity and access management protocols are largely disregarded and facilities to issue verifiable claims as attributes are not available. Therefore, service providers barely adopt these solutions. We propose a component-based architecture for integrating selfsovereign identity solutions into web applications to foster their adoption by service providers. Furthermore, we outline a sample implementation as a gateway that enables uPort and Jolocom for authentication, via the OpenID Connect protocol, as well as the retrieval of email address attestations for these solutions.
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: Security Chaos Engineering for Cloud Services.The Proceedings of 18th IEEE International Symposium on Network Computing and Applications (NCA 2019). IEEE (2019).
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: SlingShot: Automated Threat Detection and Incident Response in Multi-Cloud Storage Systems.The Proceedings of 18th IEEE International Symposium on Network Computing and Applications (NCA 2019). IEEE (2019).
Bethge, J., Yang, H., Meinel, C.: Training Accurate Binary Neural Networks from Scratch.2019 26th IEEE International Conference on Image Processing (ICIP) (2019).
Binary neural networks are a promising approach to execute convolutional neural networks on devices with low computational power. Previous work on this subject often quantizes pretrained full-precision models and uses complex training strategies. In our work, we focus on increasing the performance of binary neural networks by training from scratch with a simple training strategy. In our experiments we show that we are able to achieve state-of-the-art results on standard benchmark datasets. Further, we analyze how full-precision network structures can be adapted for efficient binary networks and adopt a network architecture based on a DenseNet for binary networks, which lets us improve the state-of-the-art even further. Our source code can be found online: https://github.com/hpi-xnor/BMXNet-v2
Rohloff, T., Sauer, D., Meinel, C.: On the Acceptance and Usefulness of Personalized Learning Objectives in MOOCs.Proceedings of the Sixth ACM Conference on Learning at Scale (L@S 2019). p. 4:1--4:10. Association for Computing Machinery (2019).
With Massive Open Online Courses (MOOCs) the number of people having access to higher education increased rapidly. The intentions to enroll for a specific course vary significantly and depend on one's professional or personal learning needs and interests. All learners have in common that they pursue their individual learning objectives. However, predominant MOOC platforms follow a one-size-fits-all approach and primarily aim for completion with certification. Specifically, technical support for goal-oriented and self-regulated learning to date is very limited in this context although both learning strategies are proven to be key factors for students' achievement in large-scale online learning environments. In this first investigation, a concept for the application and technical integration of personalized learning objectives in a MOOC platform is realized and assessed. It is evaluated with a mixed-method approach. First, the learners' acceptance is examined with a multivariate A/B test in two courses. Second, a survey was conducted to gather further feedback about the perceived usefulness, next to the acceptance. The results show a positive perception by the learners, which paves the way for future research.
Rohloff, T., Oldag, S., Renz, J., Meinel, C.: Utilizing Web Analytics in the Context of Learning Analytics for Large-Scale Online Learning.IEEE Global Engineering Education Conference (EDUCON 2019). p. 296--305. IEEE (2019).
Today, Web Analytics (WA) is commonly used to obtain key information about users and their behavior on websites. Besides, with the rise of online learning, Learning Analytics (LA) emerged as a separate research field for collecting and analyzing learners’ interactions on online learning platforms. Although the foundation of both methods is similar, WA has not been profoundly used for LA purposes. However, especially large-scale online learning environments may benefit from WA as it is more sophisticated and well-established in comparison to LA. Therefore, this paper aims to examine to what extent WA can be utilized in this context, without compromising the learners’ data privacy. For this purpose, Google Analytics was integrated into the Massive Open Online Course platform of the Hasso Plattner Institute as a proof of concept. It was tested with two deployments of the platform: openHPI and openSAP, where thousands of learners gain academic and industry knowledge about engineering education. Besides capturing behavioral data, the platforms’ existing LA dashboards were extended by WA metrics. The evaluation of the integration showed that WA covers a large part of the relevant metrics and is particularly suitable for obtaining an overview of the platform’s global activity, but reaches its limitations when it comes to learner-specific metrics.
Bothe, M., Renz, J., Rohloff, T., Meinel, C.: From MOOCs to Micro Learning Activities.2019 IEEE Global Engineering Education Conference (EDUCON). pp. 280-288 (2019).
Mobile devices are omnipresent in our daily lives. They are utilized for a variety of tasks and used multiple times for short periods throughout the day. MOOC providers optimized their platforms for these devices in order to support ubiquitous learning. While a combination of desktop and mobile learning yields improved course performances, standalone learning on mobile devices does not perform in the same manner. One indicator for this is the mismatch between the average usage pattern of mobile devices and the time to consume one content item in a MOOC. Micro learning builds on bite-sized learning material and focusses on short-term learning sessions. This work examines the potential of micro learning activities in the context of MOOCs. Therefore, a framework for video-based micro learning is presented, which features a personalized curriculum. Videos are suggested to the user in a non-linear order that is determined by content dependencies, users’ preferences and watched videos, as well as explicit and implicit user feedback. A mobile application was implemented to test the approach with restructured MOOC content resulting in 58 connected short videos about engineering education – e.g. web technologies and programming languages. The usage data indicates initial curiosity by the users. To improve retention rates, more user motivation will be required for future studies. A survey gathered additional qualitative feedback. While the content suggestions were seen as a vital feature for such an approach, the results showed good interest and acceptance rates to create a better learning experience for MOOCs on mobile devices.
Sukmana, M.I.H., Torkura, K.A., Graupner, H., Cheng, F., Meinel, C.: Unified Cloud Access Control Model for Cloud Storage Broker.2019 International Conference on Information Networking (ICOIN). p. 60--65. IEEE (2019).
Seidel, F., Krentz, K.-F., Meinel, C.: Deep En-Route Filtering of Constrained Application Protocol (CoAP) Messages on 6LoWPAN Border Routers.Proceedings of the IEEE 5th World Forum on Internet of Things (WF-IoT). IEEE, Limerick, Ireland (2019).
Devices on the IoT are usually battery-powered and have limited resources. Hence, energy-efficient and lightweight protocols were designed for IoT devices, such as the popular CoAP. Yet, CoAP itself does not include any defenses against denial-of-sleep attacks, which are attacks that aim at depriving victim devices of entering low-power sleep modes. For example, a denial-of-sleep attack against an IoT device that runs a CoAP server is to send plenty of CoAP messages to it, thereby forcing the IoT device to expend energy for receiving and processing these CoAP messages. All current security solutions for CoAP, namely DTLS, IPsec, and OSCORE, fail to prevent such attacks. To fill this gap, Seitz et al. proposed a method for filtering out inauthentic and replayed CoAP messages "en-route" on 6LoWPAN border routers. In this paper, we expand on Seitz et al.'s proposal in two ways. First, we revise Seitz et al.'s software architecture so that 6LoWPAN border routers can not only check the authenticity and freshness of CoAP messages, but can also perform a wide range of further checks. Second, we propose a couple of such further checks, which, as compared to Seitz et al.'s original checks, more reliably protect IoT devices that run CoAP servers from remote denial-of-sleep attacks, as well as from remote exploits. We prototyped our solution and successfully tested its compatibility with Contiki-NG's CoAP implementation.
Bothe, M., Meinel, C.: Applied Mobile-Assisted Seamless Learning Techniques in MOOCs. In: Calise, M., Delgado Kloos, C., Reich, J., Ruiperez-Valiente, J.A., and Wirsing, M. (eds.) Digital Education: At the MOOC Crossroads Where the Interests of Academia and Business Converge. p. 21--30. Springer International Publishing, Cham (2019).
As Massive Open Online Courses (MOOCs) are nowadays used in an increasingly ubiquitous manner, the learning process gets disrupted every time learners change context. Mobile-Assisted Seamless Learning (MSL) techniques have been identified to reduce unwanted overhead for learners and streamline their learning process. However, technical implementations vary across the industry. This paper examines existing MSL research and applied techniques in the context of MOOCs. Therefore, we discussed related MSL research topics. Afterward, eleven characteristic MSL features were selected and compared their implementations across five major MOOC platforms. While web applications provide a bigger feature set, mobile clients offer advanced offline capabilities. Based on the findings, a concept outlines how MSL features can enhance the learning experience on MOOC platforms while considering the technical feasibility.
Rohloff, T., Renz, J., Suarez, G.N., Meinel, C.: A Ubiquitous Learning Analytics Architecture for a Service-Oriented MOOC Platform. In: Calise, M., Delgado Kloos, C., Reich, J., Ruiperez-Valiente, J.A., and Wirsing, M. (eds.) Digital Education: At the MOOC Crossroads Where the Interests of Academia and Business Converge (EMOOCs 2019). p. 162--171. Springer International Publishing (2019).
As Massive Open Online Courses (MOOCs) generate a huge amount of learning activity data through its thousands of users, great potential is provided to use this data to understand and optimize the learning experience and outcome, which is the goal of Learning Analytics. But first, the data needs to be collected, processed, analyzed and reported in order to gain actionable insights. Technical concepts and implementations are rarely accessible and therefore this work presents an architecture how Learning Analytics can be implemented in a service-oriented MOOC platform. To achieve that, a service based on extensible schema-agnostic processing pipelines is introduced for the HPI MOOC platform. The approach was evaluated regarding its scalability, extensibility, and versatility with real-world use cases. Also, data privacy was taken into account. Based on five years of running the service in production on several platform deployments, six design recommendations are presented which can be utilized as best practices for platform vendors and researchers when implementing Learning Analytics in MOOCs.
Rohloff, T., Bothe, M., Meinel, C.: Visualizing Content Exploration Traces of MOOC Students.Companion Proceedings of the 9th International Conference on Learning Analytics & Knowledge (LAK 2019). p. 754--758. SoLAR (2019).
This workshop paper introduces a novel approach to visualize content exploration traces of students who navigate through the learning material of Massive Open Online Courses (MOOCs). This can help teachers to identify trends and anomalies in their provided learning material in order to improve the learning experience. The difficulty lies in the complexity of data: MOOCs are structured into multiple sections consisting of different learning items and students can navigate freely between them. Therefore, it is challenging to find a meaningful and comprehensible visualization that provides a complete overview for teachers. We utilized a Sankey diagram which shows the students' transitions between course sections by grouping them into different buckets, based on the percentage of visited items in the corresponding section. Three preceding data processing steps are explained as well as the data visualization with an example course. This is followed by pedagogical considerations how MOOC teachers can utilize and interpret the visualization, to gain meaningful insights and execute informed actions. At last, an evaluation concept is outlined.
Meinig, M., Sukmana, M.I.H., Torkura, K.A., Meinel, C.: Holistic Strategy-Based Threat Model for Organizations.Proceedings of the 10th International Conference on Ambient Systems, Networks and Technologies (ANT 2019). Elsevier Science, Leuven, Belgium (2019).
Data breaches, privacy violations and cyber-attacks are growing problems for companies and governmental organizations. Threat modelling serves as a heuristic procedure of methodological validation of organizations, system designs, software architectures to identify threats. The earlier this happens in the design process, the more cost-effective it is to identify and fix security vulnerabilities and therefore it reduces the possibility of risk happening. Classical literature sources and Internet sources offer different representations of attacker strategies and threat classifications. It is often difficult to apply these schemes to one’s own organization and often the size of them is comprehensible only for experts. In order to improve the understanding of security threats, particularly in the management levels, we provide a structured overview of the most common threat classification schemes and propose a classification model focusing on threats that first considers the specific organization and in a further step presents the courses of action of an attacker in this organization.
Meinig, M., Tröger, P., Meinel, C.: Rough Logs - A Data Reduction Approach for Log Files.Proceedings of the 21st International Conference on Enterprise Information Systems (ICEIS 2019). SCITEPRESS – Science and Technology Publications, Lda, Heraklion, Crete - Greece (2019).
Modern scalable information systems produce a constant stream of log records to describe their activities and current state. This data is increasingly used for online anomaly analysis, so that dependability problems such as security incidents can be detected while the system is running. Due to the constant scaling of many such systems, the amount of processed log data is a significant aspect to be considered in the choice of any anomaly detection approach. We therefore present a new idea for log data reduction called ‘rough logs’. It utilizes rough set theory for reducing the number of attributes being collected in log data for representing events in the system. We tested the approach in a large case study - the experiments showed that data reduction possibilities proposed by our approach remain valid even when the log information is modified due to anomalies happening in the system.
Rezaei, M., Yang, H., Meinel, C.: Learning Imbalanced Semantic Segmentation through Cross-Domain Relations of Multi-Agent Generative Adversarial Networks.SPIE Medical Imaging - Computer Aided Diagnosis (SPIE 2019) (2019).
Bock, B., Matysik, J.-T., Krentz, K.-F., Meinel, C.: Link Layer Key Revocation and Rekeying for the Adaptive Key Establishment Scheme.Proceedings of the IEEE 5th World Forum on Internet of Things (WF-IoT). IEEE, Limerick, Ireland (2019).
While the IEEE 802.15.4 radio standard has many features that meet the requirements of Internet of things (IoT) applications, IEEE 802.15.4 leaves the whole issue of key management unstandardized. To address this gap, Krentz et al. proposed the Adaptive Key Establishment Scheme (AKES), which establishes session keys for use in IEEE 802.15.4 security. Yet, AKES does not cover all aspects of key management. In particular, AKES comprises no means for key revocation and rekeying. Moreover, existing protocols for key revocation and rekeying seem limited in various ways. In this paper, we hence propose a key revocation and rekeying protocol, which is designed to overcome various limitations of current protocols for key revocation and rekeying. For example, our protocol seems unique in that it routes around IEEE 802.15.4 nodes whose keys are being revoked. We succesfully implemented and evaluated our protocol using the Contiki-NG operating system and aiocoap.
Meinig, M., Tröger, P., Meinel, C.: Finding Classification Zone Violations with Anonymized Message Flow Analysis.Proceedings of the 5th Conference on Information Systems Security and Privacy (ICISSP 2019). SCITEPRESS – Science and Technology Publications, Lda, Prague, Czech Republic (2019).
Modern information infrastructures and organizations increasingly face the problem of data breaches and cyber-attacks. A traditional method for dealing with this problem are classification zones, such as ‘top secret’, ‘confidential’, and ‘unclassified’, which regulate the access of persons, hardware, and software to data records. In this paper, we present an approach that finds classification zone violations through automated message flow analysis. Our approach considers the problem of anonymization for the source event logs, which makes the resulting data flow model sharable with experts and the public. We discuss practical implications from applying the approach to a large governmental organization data set and discuss how the anonymity of our concept can be formally validated.
von Schmieden, K., Staubitz, T., Mayer, L., Meinel, C.: Skill Confidence Ratings in a MOOC: Examining the Link Between Skill Confidence and Learner Development.Proceedings of the 11th International Conference on Computer Supported Education. pp. 533-40 (2019).
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: Personality Exploration System for Online Social Networks: Facebook Brands As a Use Case.IEEE/WIC/ACM International Conference on Web Intelligence. IEEE Press, Santiago, Chile (2019).
User-generated content on social media platforms is a rich source of latent information about individual variables. Crawling and analyzing this content provides a new approach for enterprises to personalize services and put forward product recommendations. In the past few years, brands made a gradual appearance on social media platforms for advertisement, customers support and public relation purposes and by now it became a necessity throughout all branches. This online identity can be represented as a brand personality that reflects how a brand is perceived by its customers. We exploited recent research in text analysis and personality detection to build an automatic brand personality prediction model on top of the (Five-Factor Model) and (Linguistic Inquiry and Word Count) features extracted from publicly available benchmarks. The proposed model reported significant accuracy in predicting specific personality traits form brands. For evaluating our prediction results on actual brands, we crawled the Facebook API for 100k posts from the most valuable brands’ pages in the USA and we visualize exemplars of comparison results and present suggestions for future directions.
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C., Jungmann, S.: How Data Anonymisation Techniques influence Disease Triage in Digital Health: A Study on Base Rate Neglect.Proceedings of the 9th International Conference on Digital Public Health. p. 55--62. ACM (2019).
Sianipar, J., Sukmana, M., Meinel, C.: Moving Sensitive Data Against Live Memory Dumping, Spectre and Meltdown Attacks. Presented at the (2018).
The emergence of cloud computing allows users to easily host their Virtual Machines with no up-front investment and the guarantee of always available anytime anywhere. But with the Virtual Machine (VM) is hosted outside of user’s premise, the user loses the physical control of the VM as it could be running on untrusted host machines in the cloud. Malicious host administrator could launch live memory dumping, Spectre, or Meltdown attacks in order to extract sensitive information from the VM’s memory, e.g. passwords or cryptographic keys of applications running in the VM. In this paper, inspired by the moving target defense (MTD) scheme, we propose a novel approach to increase the security of application’s sensitive data in the VM by continuously moving the sensitive data among several memory allocations (blocks) in Random Access Memory (RAM). A movement function is added into the application source code in order for the function to be running concurrently with the application’s main function. Our approach could reduce the possibility of VM’s sensitive data in the memory to be leaked into memory dump file by 25% and secure the sensitive data from Spectre and Meltdown attacks. Our approach’s overhead depends on the number and the size of the sensitive data.
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: Malicious Behaviour Identification in Online Social Networks.Springer - IFIP International Conference on Distributed Applications and Interoperable Systems. p. 18. Springer LNCS, Madrid, Spain (2018).
This paper outlines work on the detection of anomalous behaviour in Online Social Networks (OSNs). We present various automated techniques for identifying a ‘prodigious’ segment within a tweet, and consider tweets which are unusual because of writing style, posting sequence, or engagement level. We evaluate the mechanism by running extensive experiments over large artificially constructed tweets corpus, crawled to include randomly interpolated and abnormal Tweets. In order to successfully identify anomalies in a tweet, we aggregate more than 21 features to characterize users’ behavioural pattern. Using these features with each of our methods, we examine the effect of the total number of tweets on our ability to detect an anomaly, allowing segments of size 50 tweets 100 tweets and 200 tweets. We show indispensable improvements over a baseline in all circumstances for each method, and identify the method variant which performs persistently better than others.
Klieme, E., Tietz, C., Meinel, C.: Beware of SMOMBIES: Verification of Users Based on Activities While Walking.2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). pp. 651-660 (2018).
Rezaei, M., Yang, H., Meinel, C.: Conditional Generative Refinement Adversarial Networks for Unbalanced Medical Image Semantic Segmentation.2019 IEEE Winter Application Computer Vision (2018).
Bartz, C., Yang, H., Meinel, C.: SEE: towards semi-supervised end-to-end scene text recognition.Thirty-Second AAAI Conference on Artificial Intelligence (2018).
Torkura, K. .A., Sukmana, M.I.H., Tim, S., Cheng, F., Graupner, H., Meinel, C.: Defeating Malicious Intrusions in Multi-Cloud Storage Systems.Proceedings of the 6th HPI Cloud Symposium “Operating the Cloud” 2018. Hasso Plattner Institute, Potsdam, Germany (2018).
Traifeh, H., Bin Tareaf, R., Meinel, C.: Challenges and Opportunities in Digital Learning: Perspectives from the Arab World.British Association for International & Comparative Education, BAICE 2018. BAICE UK, University of York, UK (2018).
The plethora of challenges facing the education sector in the Arab World is resulting in significant gaps in outcome and quality between the region and countries with similar levels of economic development. However, the past few years witnessed a gradual trend of improvement propelled by an increasing adoption of digital learning. The widespread of the Internet, the increased number of mobile devices (especially smartphones) among Arab youth and the improvement of some educational institutions’ technical infrastructure, led to a thriving online education landscape. This paper provides a systematic review of Arab digital learning and MOOCs platforms, and highlights the current challenges and issues faced by learners and providers. The paper reports the results of a survey of Arab students and life-long learners about their digital learning experiences. Analysis of the survey data shows that despite its growing adoption, digital learning is still in its early stages compared to that of the developed countries. The paper discusses the identified opportunities for improvement and the potential benefits and advantages for both learners and digital learning providers. The paper concludes with a discussion of future research directions.
Shams, A., Bin Tareaf, R., Renz, J., Meinel, C.: Smart MOOC-Social Computing for Learning and Knowledge Sharing.Proceedings of the 10th International Conference on Computer Supported Education, CSEDU 2018, Funchal, Madeira, Portugal, March 15-17, 2018, Volume 2. p. 391--396. , Capr Town, South Africa (2018).
Massive Open Online Courses(MOOCs) make use of educational technologies to deliver learning materials, supposedly open for everyone, usually with a capacity to serve a substantial number of learners regardless of their geographical locations. A recent advancement in mobile technologies and wireless communications in Africa has produced a conducive digital environment enough to support mobile learning. However, only a handful of learners from Africa participates in online learning compared to their massive engagement in online social networking. Internet-based Social media programs make most of the connections with students for social purposes and yet far less with educational intentions. Participation in mobile learning is still small in the region particular to the Social media who already possess necessary resources for e-learning. Therefore it remains unclear though in which ways, Social media may help to boost mobile learning through its utilization of programs and computation power. This paper argues the best possible approaches aiming to increase the involvement of MOOCs to Africa via a Social network.
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: ASEDS: Towards Automatic Social Emotion Detection System Using Facebook Reactions.2018 IEEE 20th International Conference on High Performance Computing and Communications. p. 860--866. IEEE Press, Exeter, UK (2018).
The Massive adoption of social media has provided new ways for individuals to express their opinion and emotion online. In 2016, Facebook introduced a new reactions feature that allows users to express their psychological emotions regarding published contents using so-called Facebook reactions. In this paper, a framework for predicting the distribution of Facebook post reactions is presented. For this purpose, we collected an enormous amount of Facebook posts associated with their reactions labels using the proposed scalable Facebook crawler. The training process utilizes 3 million labeled posts for more than 64,000 unique Facebook pages from diverse categories. The evaluation on standard benchmarks using the proposed features shows promising results compared to previous research. The final model is able to predict the reaction distribution on Facebook posts with a recall score of 0.90 for “Joy” emotion.
Rezaei, M., Yang, H., Meinel, C.: Instance Tumor Segmentation using Multitask Convolutional Neural Network.2018 International Joint Conference on Neural Networks (IJCNN). p. 1--8. IEEE (2018).
Staubitz, T., Traifeh, H., Meinel, C.: Team-Based Assignments in MOOCs - User Feedback.2018 Learning With MOOCS (LWMOOCS). pp. 39-42 (2018).
With the increasing use of graded team-based assignments on our MOOC platforms-openHPI, openSAP, and mooc.house-we see the need to consult the opinion of our course participants about their perception of these tasks and the sufficiency of the platform support. Since we introduced the feature in May 2016, seven courses that included team-based assignments have been conducted on our platforms. In four of these courses, we have conducted qualitative and quantitative surveys among the participants. The paper at hand presents and discusses the results of these surveys.
Bartz, C., Yang, H., Bethge, J., Meinel, C.: LoANs: Weakly Supervised Object Detection with Localizer Assessor Networks.Asian Conference on Computer Vision. p. 341--356. Springer (2018).
Rezaei, M., Yang, H., Meinel, C.: Generative Adversarial Framework for Learning Multiple Clinical Tasks.Digital Image Computing: Techniques and Applications (DICTA-2018) (2018).
Rezaei, M., Yang, H., Meinel, C.: Automatic Cardiac MRI Segmentation via Context-aware Recurrent Generative Adversarial Neural Network.Computer Assisted Radiology and Surgery (CARS 2018) (2018).
Mordido, G., Yang, H., Meinel, C.: Dropout-GAN: Learning from a Dynamic Ensemble of Discriminators.KDD2018 (2018).
Sukmana, M.I.H., Torkura, K.A., Cheng, F., Meinel, C., Graupner, H.: Unified logging system for monitoring multiple cloud storage providers in cloud storage broker.Information Networking (ICOIN), 2018 International Conference on. p. 44--49. IEEE (2018).
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: Towards a Blockchain-based Identity Provider.Proceedings of the 12th. International Conference on Emerging Security Information, Systems and Technologies. IARIA, Venice, Italy (2018).
The emerging technology blockchain is under way to revolutionize various fields. One significant domain to apply blockchain is identity management. In traditional identity management, a centralized identity provider, representing a trusted third party, supplies digital identities and their attributes. The identity provider controls and owns digital identities instead of the associated subjects and therefore, constitutes a single point of failure and compromise. To overcome the need for this trusted third party, blockchain enables the creation of a decentralized identity provider serving digital identities that are under full control of the associated subject. In this paper, we outline the design and implementation of a decentralized identity provider using an unpermissioned blockchain. Digital identities are partially stored on the blockchain and their attributes are modelled as verifiable claims, consisting of claims and attestations. In addition to that, the identity provider implements the OpenID Connect protocol to promote seamless integration into existing application landscapes. We provide a sample authentication workflow for a user at an online shop to show practical feasibility.
Rezaei, M., Yang, H., Meinel, C.: voxel-GAN: Adversarial Framework for Learning Imbalanced Brain Tumor Segmentation.Brainlesion: Glioma, Multiple Sclerosis, Stroke and Traumatic Brain Injuries - Fourth International Workshop, BrainLes 2018, Held in Conjunction with MICCAI 2018, Granada, Spain, September 14, 2018, Revised Selected Papers. Springer (2018).
Sianipar, J., Willems, C., Meinel, C.: Virtual Machine Integrity Verification in Crowd-Resourcing Virtual Laboratory. Presented at the (2018).
In cloud computing, users are able to use their own operating system (OS) image to run a virtual machine (VM) on a remote host. The virtual machine OS is started by the user using some interfaces provided by a cloud provider in public or private cloud. In peer to peer cloud, the VM is started by the host admin. After the VM is running, the user could get a remote access to the VM to install, configure, and run services. For the security reasons, the user needs to verify the integrity of the running VM, because a malicious host admin could modify the image or even replace the image with a similar image, to be able to get sensitive data from the VM. We propose an approach to verify the integrity of a running VM on a remote host, without using any specific hardware such as Trusted Platform Module (TPM). Our approach is implemented on a Linux platform where the kernel files (vmlinuz and initrd) could be replaced with new files, while the VM is running. kexec is used to reboot the VM with the new kernel files. The new kernel has secret codes that will be used to verify whether the VM was started using the new kernel files. The new kernel is used to further measuring the integrity of the running VM.
Rohloff, T., Bothe, M., Renz, J., Meinel, C.: Towards a Better Understanding of Mobile Learning in MOOCs.IEEE Learning with MOOCs Conference (LWMOOCs 2018). IEEE (2018).
The pervasive presence of mobile devices and growing trends like ubiquitous learning make new demands on Massive Open Online Courses (MOOCs). Users learn increasingly on the go and with multiple devices, instead of being tied to a fixed workstation. However, there is a lack of research how the usage of mobile devices influences the learning behavior and outcome in MOOCs. Thus, this paper presents a first quantitative study to examine this question. To enable a statistical analysis, a proof-of-concept implementation outline is presented, which enhances the Learning Analytics capabilities of the openHPI MOOC platform with contextual data to process various learning behavior metrics. Based on an analysis of four courses, it was found that users who additionally learnt with mobile applications showed a higher engagement with the learning material and completed the course more often. Nevertheless, the reasoning must be addressed with qualitative analyses in future, to better support their learning process and success on mobile and stationary devices.
Rezaei, M., Harmuth, K., Gierke, W., Kellermeier, T., Fischer, M., Yang, H., Meinel, C.: A Conditional Adversarial Network for Semantic Segmentation of Brain Tumor.Springer (2018).
Meinig, M., Meinel, C.: Securing the Flow - Data Flow Analysis with Operational Node Structures.Proceedings of the 4th Conference on Information Systems Security and Privacy (ICISSP 2018). pp. 241-250. SCITEPRESS – Science and Technology Publications, Lda, Madeira, Portugal (2018).
After land, sea, air and space, cyberspace has become the fifth domain of warfare. Organizations recognize the need for protecting confidential, secret - classified – information. Competitors and adversaries turn to illegal methods to obtain classified information. They try to gain a competitive advantage or close a technological gap as well as reduce dependencies on others. Classified information involves facts, subject matters or knowledge needing to be kept secret, regardless of the way in which the information is depicted. In networks with different security classifications a direct physical connection is not allowed. Consequently the possibility of coupling different security domains in affected organizations must be checked comprehensively under security aspects. In this paper we present a new security approach that helps to identify threats at transitions and security zones on valid data flow paths. It can be used to display security challenges within organizations using classified information such as governmental or military organizations. The methodology also incorporates new attributes for data flows in connected systems or processes.
Staubitz, T., Meinel, C.: Collaborative Learning in MOOCs - Approaches and Experiments.2018 IEEE Frontiers in Education Conference (FIE). IEEE (2018).
This Research-to-Practice paper examines the practical application of various forms of collaborative learning in MOOCs. Since 2012, about 60 MOOCs in the wider context of Information Technology and Computer Science have been conducted on our self-developed MOOC platform. The platform is also used by several customers, who either run their own platform instances or use our white label platform. We, as well as some of our partners, have experimented with different approaches in collaborative learning in these courses. Based on the results of early experiments, surveys amongst our participants, and requests by our business partners we have integrated several options to offer forms of collaborative learning to the system. The results of our experiments are directly fed back to the platform development, allowing to fine tune existing and to add new tools where necessary. In the paper at hand, we discuss the benefits and disadvantages of decisions in the design of a MOOC with regard to the various forms of collaborative learning. While the focus of the paper at hand is on forms of large group collaboration, two types of small group collaboration on our platforms are briefly introduced.
Staubitz, T., Meinel, C.: Team based assignments in MOOCs: results and observations.Proceedings of the Fifth Annual ACM Conference on Learning at Scale, London, UK, June 26-28, 2018. p. 47:1--47:4 (2018).
Teamwork and collaborative learning are considered superior to learning individually by many instructors and didactical theories. Particularly, in the context of e-learning and Massive Open Online Courses (MOOCs) we see great benefits but also great challenges for both, learners and instructors. We discuss our experience with six team based assignments on the openHPI and openSAP1 MOOC platforms.
Shaabani, N., Meinel, C.: Improving the Efficiency of Inclusion Dependency Detection.Proceedings of the 27th ACM International Conference on Information and Knowledge Management, CIKM 2018. pp. 207-216. ACM (2018).
The detection of all inclusion dependencies (INDs) in an unknown dataset is at the core of any data profiling effort. Apart from the discovery of foreign key relationships, INDs can help perform data integration, integrity checking, schema (re-)design, and query optimization. With the advent of Big Data, the demand increases for efficient INDs discovery algorithms that can scale with the input data size. To this end, we propose S-indd++ as a scalable system for detecting unary INDs in large datasets. S-indd++ applies a new stepwise partitioning technique that helps discard a large number of attributes in early phases of the detection by processing the first partitions of smaller sizes. S-indd++ also extends the concept of the attribute clustering to decide which attributes to be discarded based on the clustering result of each partition. Moreover, in contrast to the state-of-the-art, S-indd++ does not require the partition to fit into the main memory- which is a highly appreciable property in the face of the ever growing datasets. We conducted an exhaustive evaluation of S-indd ++ by applying it to large datasets with thousands attributes and more than 266 million tuples. The results show the high superiority of S-indd++ over the state-of-the-art. S-indd++ reduced up to 50~% of the runtime in comparison with Binder, and up to 98~% in comparison with S-indd.
Rohloff, T., Utunen, H., Renz, J., Zhao, Y., Gamhewage, G., Meinel, C.: OpenWHO: Integrating Online Knowledge Transfer into Health Emergency Response. In: Dimitrova, V., Praharaj, S., Fominykh, M., and Drachsler, H. (eds.) Practitioner Proceedings of the 13th European Conference On Technology Enhanced Learning (EC-TEL 2018). CEUR-WS.org (2018).
The platform OpenWHO was developed in 2017 in a cooperation between the World Health Organization (WHO) and the Hasso Plattner Institute (HPI). The Department of Infectious Hazard Management, under the WHO Health Emergencies Programme, worked together with the HPI to create a new interactive, web-based, knowledge-transfer platform offering online courses to improve the response to health emergencies. The platform was newly launched as there was an identified need of an open and scalable solution for fast distribution of life-saving content in disease outbreaks for frontline responders. The platform provides adjusted versions of the massive open online learning resources that are self-paced and at ease formats for the frontline and low-bandwidth use. The HPI already developed know-how in previous Massive Open Online Course (MOOC) projects like openHPI and openSAP. OpenWHO is based on the same technology as the aforementioned projects. This paper will provide insights into the practical deployment, the adaption of the MOOC concept, and lessons learnt within the first year of this platform.
Torkura, K. .A., Sukmana, M.I.H., Kayem, A.V.D.M., Cheng, F., Meinel, C.: A Cyber Risk Based Moving Target Defense Mechanism for Microservice Architectures.32nd IEEE International Symposium on Parallel and Distributed Processing with Applications. IEEE (2018).
Rezaei, M., Yang, H., Meinel, C.: Multi-Task Generative Adversarial Network for Handling Imbalanced Clinical Data.arXiv preprint arXiv:1811.10419 (2018).
We propose a new generative adversarial architecture to mitigate imbalance data problem for the task of medical image semantic segmentation where the majority of pixels belong to a healthy region and few belong to lesion or non-health region. A model trained with imbalanced data tends to bias towards healthy data which is not desired in clinical applications. We design a new conditional GAN with two components: a generative model and a discriminative model to mitigate imbalanced data problem through selective weighted loss. While the generator is trained on sequential magnetic resonance images (MRI) to learn semantic segmentation and disease classification, the discriminator classifies whether a generated output is real or fake. The proposed architecture achieved state-of-the-art results on ACDC-2017 for cardiac segmentation and diseases classification. We have achieved competitive results on BraTS-2017 for brain tumor segmentation and brain diseases classification.
Torkura, K. .A., Sukmana, M.I.H., Tim, S., Cheng, F., Graupner, H., Meinel, C.: CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems.The Proceedings of 17th IEEE International Symposium on Network Computing and Applications (NCA 2018). IEEE (2018).
Rohloff, T., Meinel, C.: Towards Personalized Learning Objectives in MOOCs. In: Pammer-Schindler, V., Pérez-Sanagustín, M., Drachsler, H., Elferink, R., and Scheffel, M. (eds.) Lifelong Technology-Enhanced Learning (EC-TEL 2018). p. 202--215. Springer International Publishing (2018).
Instead of measuring success in Massive Open Online Courses (MOOCs) based on certification and completion-rates, researchers started to define success with alternative metrics recently, for example by evaluating the intention-behavior gap and goal achievement. Especially self-regulated and goal-oriented learning have been identified as critical skills to be successful in online learning environments with low guidance like MOOCs, but technical support is rare. Therefore, this paper examines the current technical capabilities and limitations of goal-oriented learning in MOOCs. An observational study to explore how well learners in five MOOCs achieved their initial learning objectives was conducted, and the results are compared with similar studies. Afterwards, a concept with a focus on technical feasibility and automation outlines how personalized learning objectives can be supported and implemented on a MOOC platform.
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: CAVAS: Neutralizing Application and Container Security Vulnerabilities in the Cloud Native Era.14th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2018). Springer (2018).
Rezaei, M., Yang, H., Meinel, C.: Whole Heart and Great Vessel Segmentation with Context-aware of Generative Adversarial Networks. In: Maier, A.K., Deserno, and T.M., Handels, and H., and Klaus Hermann Maier-Hein,, Palm, and C., and Tolxdorff, and T. (eds.) Bildverarbeitung für die Medizin 2018. p. 353--358. Springer (2018).
Torkura, K.A., Sukmana, M.I.H., Meinig, M., Graupner, H., Cheng, F., Meinel, C.: A Threat Modeling Approach for Cloud Storage Brokerage and File Sharing Systems.16th IEEE/IFIP Network Operations and Management Symposium (NOMS 2018). IEEE/IFIP (2018).
Cloud storage brokerage systems abstract cloud storage complexities by mediating technical and business relationships between Cloud Service Providers(CSP) and cloud users, while providing value-added services e.g. increased security, identity management and file sharing/syncing. However, CSBs face several security challenges including enlarged attack surfaces due to integration of disparate components e.g. on-premise and cloud APIs/services. Therefore, appropriate security risk assessment methods are required to identify and evaluate these security issues, and examine the efficiency of countermeasures. A possible approach for satisfying these requirements is employment of threat modeling concepts, which have been successfully applied in traditional paradigms. In this work, we employ threat models including attack trees, attack graphs and Data Flow Diagrams against a representative, real Cloud Storage Broker (CSB) and analyze these security threats and risks. We also propose a technique for combining Common Vulnerability Scoring System (CVSS) and Common Configuration Scoring System (CCSS) base scores in probabilistic attack graphs in order to cater for configuration-based vulnerabilities which are typically leveraged to compromise cloud storage systems. This effort is necessary since existing schemes do not provide sufficient security metrics, imperative for comprehensive risk assessments. We demonstrate the efficiency of our proposal by devising CCSS base scores for two common attacks against cloud storage: Cloud Storage Enumeration Attack and Cloud Storage Exploitation Attack. These metrics are then used in Attack Graph Metric-based risk assessment. Therefore, our approach can be employed by CSBs and CSPs to improve cloud security.
Torkura, K. .A., Sukmana, M.I.H., Meinig, M., Kayem, A., Cheng, F., Graupner, H., Meinel, C.: Securing Cloud Storage Brokerage Systems through Threat Models.The 32nd IEEE International Conference on Advanced Information Networking and Applications (AINA 2018). IEEE (2018).
Krentz, K.-F., Meinel, C., Graupner, H.: Denial-of-Sleep-Resilient Session Key Establishment for IEEE 802.15.4 Security: From Adaptive to Responsive.Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2018). Junction, Madrid, Spain (2018).
Battery-powered and energy-harvesting IEEE 802.15.4 nodes are subject to so-called denial-of-sleep attacks. Such attacks generally aim at draining the energy of a victim device. Especially, session key establishment schemes for IEEE 802.15.4 security are susceptible to denial-of-sleep attacks since injected requests for session key establishment typically trigger energy-consuming processing and communication. Nevertheless, Krentz et al.’s Adaptive Key Establishment Scheme (AKES) for IEEE 802.15.4 security is deemed to be resilient to denial-of-sleep attacks thanks to its energy-efficient design and special defenses. However, thus far, AKES’ resilience to denial-of-sleep attacks was presumably never evaluated. In this paper, we make two contributions. First, we evaluate AKES’ resilience to denial-of-sleep attacks both theoretically and empirically. We particularly consider two kinds of denial-of-sleep attacks, namely HELLO flood attacks, as well as what we introduce in this paper as “yo-yo attacks”. Our key finding is that AKES’ denial-of-sleep defenses require trade-offs between denial-of-sleep resilience and the speed at which AKES adapts to topology changes. Second, to alleviate these trade-offs, we devise and evaluate new denial-of-sleep defenses. Indeed, our newly-devised denial-of-sleep defenses turn out to significantly accelerate AKES’ reaction to topology changes, without incurring much overhead nor sacrificing on security.
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: A Quantifiable Trust Model for Blockchain-Based Identity Management.Proceedings of the 2018 International Conference on Blockchain. IEEE, Halifax, Canada (2018).
Removing the need for a trusted third party, blockchain technology revolutionizes the field of identity management. Service providers rely on digital identities to securely identify, authenticate and authorize users to their services. Traditionally, these digital identities are offered by a central identity provider belonging to a specific organisation. Trust in the digital identity mainly originates from the identity provider’s reputation, organizational functioning and contractual obligations. Blockchain technology enables the creation of decentralized identity management without a central identity provider as trusted third party. Therefore, the derivation of trust in digital identities within this paradigm requires a distinct approach. In this paper we propose a novel general quantifiable trust model and a specific implementation variant for blockchainbased identity management. Applying the model, trust is deduced in a decentralized manner from attestations of claims and applied to the associated digital identity. This concept replaces trust with a central identity provider by aggregated trust into attestation issuers. Thus, promoting self-sovereign identities to be fit for purpose. The calculated numerical trust metric serves as independent basis for the definition of assurance levels to simplify and automate reasoning about trust by service providers without requiring a dedicated evaluation of a trusted third party.
Staubitz, T., Willems, C., Hagedorn, C., Meinel, C.: The gamification of a MOOC platform.2017 IEEE Global Engineering Education Conference (EDUCON). pp. 883-892 (2017).
Massive Open Online Courses (MOOCs) have left their mark on the face of education during the recent couple of years. At the Hasso Plattner Institute (HPI) in Potsdam, Germany, we are actively developing a MOOC platform, which provides our research with a plethora of e-learning topics, such as learning analytics, automated assessment, peer assessment, team-work, online proctoring, and gamification. We run several instances of this platform. On openHPI, we provide our own courses from within the HPI context. Further instances are openSAP, openWHO, and mooc.HOUSE, which is the smallest of these platforms, targeting customers with a less extensive course portfolio. In 2013, we started to work on the gamification of our platform. By now, we have implemented about two thirds of the features that we initially have evaluated as useful for our purposes. About a year ago we activated the implemented gamification features on mooc.HOUSE. They have been employed actively in the course “Design for Non-Designers”. We plan to activate the features on openHPI in the beginning of 2017. The paper at hand recaps, examines, and re-evaluates our initial recommendations.
Meinel, C., Renz, J., Grella, C., Karn, N., Hagedorn, C.: Die Cloud für Schulen in Deutschland. Konzept und Pilotierung der Schul-Cloud.Technische Berichte des Hasso-Plattner-Instituts für Softwaresystemtechnik an der Universität Potsdam.56 (2017).
Die digitale Entwicklung durchdringt unser Bildungssystem, doch Schulen sind auf die Veränderungen kaum vorbereitet: Überforderte Lehrer/innen, infrastrukturell schwach ausgestattete Unterrichtsräume und unzureichend gewartete Computernetzwerke sind keine Seltenheit. Veraltete Hard- und Software erschweren digitale Bildung in Schulen eher, als dass sie diese ermöglichen: Ein zukunftssicherer Ansatz ist es, die Rechner weitgehend aus den Schulen zu entfernen und Bildungsinhalte in eine Cloud zu überführen. Zeitgemäßer Unterricht benötigt moderne Technologie und eine zukunftsorientierte Infrastruktur. Eine Schul-Cloud (https://hpi.de/schul-cloud) kann dabei helfen, die digitale Transformation in Schulen zu meistern und den fächerübergreifenden Unterricht mit digitalen Inhalten zu bereichern. Den Schüler/innen und Lehrkräften kann sie viele Möglichkeiten eröffnen: einen einfachen Zugang zu neuesten, professionell gewarteten Anwendungen, die Vernetzung verschiedener Lernorte, Erleichterung von Unterrichtsvorbereitung und Differenzierung
Rezaei, M., Yang, H., Meinel, C.: Deep Learning for Medical Image Analysis.arXiv preprint arXiv:1708.08987.10 (2017).
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language Identification Using Deep Convolutional Recurrent Neural Networks. In: Liu, D., Xie, S., Li, Y., Zhao, D., and El-Alfy, E.-S.M. (eds.) Neural Information Processing. p. 880--889. Springer International Publishing, Guangzhou, China (2017).
Language Identification (LID) systems are used to classify the spoken language from a given audio sample and are typically the first step for many spoken language processing tasks, such as Automatic Speech Recognition (ASR) systems. Without automatic language detection, speech utterances cannot be parsed correctly and grammar rules cannot be applied, causing subsequent speech recognition steps to fail. We propose a LID system that solves the problem in the image domain, rather than the audio domain. We use a hybrid Convolutional Recurrent Neural Network (CRNN) that operates on spectrogram images of the provided audio snippets. In extensive experiments we show, that our model is applicable to a range of noisy scenarios and can easily be extended to previously unknown languages, while maintaining its classification accuracy. We release our code and a large scale training set for LID systems to the community.
Torkura, K.A., Sukmana, M.I.H., Meinel, C.: Integrating Continuous Security Assessments in Microservices and Cloud Native Applications.Proceedings of the10th International Conference on Utility and Cloud Computing. p. 171--180. ACM (2017).
Cloud Native Applications (CNA) consists of multiple collaborating microservice instances working together towards common goals. These microservices leverage the underlying cloud infrastructure to enable several properties such as scalability and resiliency. CNA are complex distributed applications, vulnerable to several security issues affecting microservices and traditional cloud-based applications. For example, each microservice instance could be developed with different technologies e.g. programming languages and databases. This diversity of technologies increases the chances for security vulnerabilities in microservices. Moreover, the fast-paced development cycles of CNA increases the probability of insufficient security tests in the development pipelines, and consequent deployment of vulnerable microservices. Furthermore, cloud native environments are ephemeral, microservices are dynamically launched and de-registered, this factor creates a discoverability challenge for traditional security assessment techniques. Hence, security assessments in such environments require new approaches which are specifically adapted and integrated to CNA. In fact, such techniques are to be cloud native i.e. well integrated into the cloud’s fabric. In this paper, we tackle the above-mentioned challenges through the introduction of a novel Security Control concept - the Security Gateway. To support the Security Gateway concept, two other concepts are proposed: dynamic document store and security health endpoints.We have implemented these concepts using cloud native design patterns and integrated them into the CNA workflow. Our experimental evaluations validate the efficiency of our proposals, the time overhead due to the security gateway is minimal and the vulnerability detection rate surpasses that of traditional security assessment approaches. Our proposal can therefore be employed to secure CNA and microservice-based implementations.
Rohloff, T., Renz, J., Bothe, M., Meinel, C.: Supporting Multi-Device E-Learning Patterns with Second Screen Mobile Applications.Proceedings of the 16th World Conference on Mobile and Contextual Learning (mLearn 2017). p. 25:1--25:8. Association for Computing Machinery (2017).
Many providers of Massive Open Online Course (MOOC) platforms released mobile applications in the recent years to enable learning offline and on the go, for a more ubiquitous learning experience. However, mainly the MOOC content was optimized for small screens, but mobile devices provide the opportunity to enrich the MOOC experience even further by enabling new forms of learning. Based on a previous learning patterns evaluation and a user survey, this paper presents a second screen prototype for the MOOC platform of the Hasso Plattner Institute, whereby the mobile application can be used as a learning companion while using the web platform on a computer. Four different actions were implemented which can be done next to watching a video lecture. The evaluation showed that the prototype was helpful and made learning more efficient, as reported by users, and also ideas for further improvements were proposed.
Staubitz, T., Teusner, R., Meinel, C.: openHPI's Coding Tool Family: CodeOcean, CodeHarbor, CodePilot.Automatische Bewertung von Programmieraufgaben (ABP) (2017).
The Hasso Plattner Institute successfully runs a self-developed Massive Open Online Course (MOOC) platform—openHPI—since 2012. MOOCs, even more than classic classroom situations, depend on automated solutions to assess programming exercises. Manual evaluation is not an option due to the massive amount of users that participate in these courses. The paper at hand maps the landscape of tools that are used on openHPI in the context of automated grading of programming exercises. Furthermore, it provides a sneak preview to new features that will be integrated ion the near future. Particularly, we will introduce CodeHarbor, our platform to share auto-gradeable exercises between various online code execution platforms.
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Identifying Suspicious User Behavior with Neural Networks.Proceedings of the 4th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2017). p. 255--263. IEEE (2017).
Kayem, A., Meinel, C., Wolthusen, S.: A Smart Micro-Grid Architecture for Resource Constrained Environments.Proceedings, 31st International Conference on Advanced Information Networking and Applications (AINA 2017), Taipei, Taiwan. IEEE (2017).
Micro-grids offer a cost-effective approach to providing reliable power supply in isolated and disadvantaged communities. These communities present a special case where access to national power networks is either non-existent or intermittent due to load-shedding to provision urban areas and/or due to high interconnection costs. By necessity, such micro-grids rely on renewable energy sources that are variable and so only partly predictable. Ensuring reliable power provisioning and billing must therefore be supported by demand management and fair-billing policies. Furthermore, since trusted centralized grid management is not always possible, using a distributed model offers a viable solution approach. However, such a distributed system may be subject to subversion attacks aimed at power theft. In this paper, we present a novel and innovative distributed architecture for power distribution and billing on micro-grids. The architecture is designed to operate efficiently over a lossy communication network, which is an advantage for disadvantaged communities. Since lossy networks are undependable, differentiating system failures from adversarial manipulations is important because grid stability is to a large extent dependent on user participation. To this end, we provide a characterization of potential adversarial models to underline how these can be differentiated from failures.
Shaabani, N., Meinel, C.: Incremental Discovery of Inclusion Dependencies.Proceedings of the 29th International Conference on Scientific and Statistical Database Management (SSDBM'17). p. 2:1--2:12. ACM (2017).
Inclusion dependencies form one of the most fundamental classes of integrity constraints. Their importance in classical data management is reinforced by modern applications such as data profiling, data cleaning, entity resolution and schema matching. Their discovery in an unknown dataset is at the core of any data analysis effort. Therefore, several research approaches have focused on their efficient discovery in a given, static dataset. However, none of these approaches are appropriate for applications on dynamic datasets, such as transactional datasets, scientific applications, and social network. In these cases, discovery techniques should be able to efficiently update the inclusion dependencies after an update in the dataset, without reprocessing the entire dataset. We present the first approach for incrementally updating the unary inclusion dependencies. In particular, our approach is based on the concept of attribute clustering from which the unary inclusion dependencies are efficiently derivable. We incrementally update the clusters after each update of the dataset. Updating the clusters does not need to access the dataset because of special data structures designed to efficiently support the updating process. We perform an exhaustive analysis of our approach by applying it to large datasets with several hundred attributes and more than 116,200,000 million tuples. The results show that the incremental discovery significantly reduces the runtime needed by the static discovery. This reduction in the runtime is up to 99.9996 % for both the insert and the delete.
Bin Tareaf, R., Berger, P., Hennig, P., Jung, J., Meinel, C.: Identifying Audience Attributes - Predicting Age, Gender and Personality for Enhanced Article Writing.ACM - International Conference on Cloud and Big Data Computing. pp. 79-88. ACM Press, London, UK (2017).
In order to create an effective article, having great content is essential. However, to achieve this, the writer needs to target a specific audience. A target audience refers to a group of readers that a writer intends to reach with his content. Defining a target audience is substantial because it has a direct effect on adjusting writing style and content of the article. Nowadays, writers rely solely on annotated attributes of articles, such as location and language to understand his/her audience. The aim of this work is to identify the audience attributes of articles, especially not-annotated attributes. Among others, this work focuses on the detection of three key audience attributes of related articles: age, gender, and personality. We compare between multiple machine learning classifiers to detect these attributes. Finally, we demonstrate a prototypical application that enables writers to run existing algorithms such as trend detection and showing related articles that are specific to a defined target audience based on the newly detected attributes.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-Norm Unit for Brain Lesions Detection.Springer (2017).
Sukmana, M.I.H., Torkura, K.A., Meinel, C., Graupner, H.: Redesign cloudRAID for flexible and secure enterprise file sharing over public cloud storage.Proceedings of the 10th International Conference on Security of Information and Networks. p. 3--10. ACM (2017).
Sianipar, J., Willems, C., Meinel, C.: Team Placement in Crowd-Resourcing Virtual Laboratory for IT Security e-Learning.Proceedings of the 2017 International Conference on Cloud and Big Data Computing, ICCBDC 2017, London, United Kingdom, September 17 - 19, 2017. p. 60--66 (2017).
Perlich, A., Meinel, C.: Juggling Doctor and Patient Needs in Mental Health Record Design.Informatics Empowers Healthcare Transformation (2017).
Providing patients access to mental health records is a controversial topic that gains growing attention in research and practice. While it has great potential in increasing the patient engagement, skepticism is prevailing among therapists who fear detrimental effects and face a lack of feasibility when treatment notes are handwritten. We aim at empowering both therapists to new documentation approaches and patients to higher engagement, and develop the collaborative documentation system Tele-Board MED (TBM) as an adjunct to talk-based mental health interventions. We present an evaluation of TBM by comparing four prototypes and testing scenarios, reaching from early simulations to attempts of real-life implementations in clinical routines. This paper delivers a systematic need comparison of therapists as primary users and patients as secondary users, both during and beyond treatment sessions. While patient feedback is thoroughly positive, the therapist needs are only partially addressed; the benefits remain hidden behind the perceived effort.
Renz, J., Rohloff, T., Meinel, C.: Automatisierte Qualitätssicherung in MOOCs durch Learning Analytics. In: Ullrich, C. and Wessner, M. (eds.) Joint Proceedings of the Pre-Conference Workshops of DeLFI and GMW 2017. CEUR-WS.org (2017).
Dieser Beitrag beschreibt wie mithilfe von Learning Analytics Daten eine automatisierte Qualitätssicherung in MOOCs durchgeführt werden kann. Die Ergebnisse sind auch für andere skalierende E-Learning Systeme anwendbar. Hierfür wird zunächst beschrieben, wie in den untersuchten Systemen (die als verteilte Dienste in einer Microservice-Architektur implementiert sind) Learning Analytics Werkzeuge umgesetzt sind. Darauf aufbauend werden Konzept und Implementierung einer automatisierten Qualitätssicherung beschrieben. In einer ersten Evaluation wird die Nutzung der Funktion auf einer Instanz der am HPI entwickelten MOOC-Plattform untersucht. Anschließend wird ein Ausblick auf Erweiterungen und zukünftige Forschungsfragen gegeben.
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Embedded Smart Home - Remote Lab Grading in a MOOC with over 6000 Participants.2017 Annual IEEE Systems Conference (SysCon). IEEE (2017).
The popularity of MOOCs has increased considerably in the last years. A typical MOOC course consists of video content, self tests after a video and homework, which is normally in multiple choice format. After solving this homeworks for every week of a MOOC, the final exam certificate can be issued when the student has reached a sufficient score. There are also some attempts to include practical tasks, such as programming, in MOOCs for grading. Nevertheless, until now there is no known possibility to teach embedded system programming in a MOOC course where the programming can be done in a remote lab and where grading of the tasks is additionally possible. This embedded programming includes communication over GPIO pins to control LEDs and measure sensor values. We started a MOOC course called ``Embedded Smart Home'' as a pilot to prove the concept to teach real hardware programming in a MOOC environment under real life MOOC conditions with over 6000 students. Furthermore, also students with real hardware have the possibility to program on their own real hardware and grade their results in the MOOC course. Finally, we evaluate our approach and analyze the student acceptance of this approach to offer a course on embedded programming. We also analyze the hardware usage and working time of students solving tasks to find out if real hardware programming is an advantage and motivating achievement to support students learning success.
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States.Proceedings of the 22nd IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
Sianipar, J., Willems, C., Meinel, C.: Signed URL for an Isolated Web Server in a Virtual Laboratory.Proceedings of the 9th International Conference on Education Technology and Computers, ICETC 2017, Barcelona, Spain, December 20-22, 2017. p. 218--222 (2017).
Krentz, K.-F., Meinel, C., Graupner, H.: More Lightweight, yet Stronger 802.15.4 Security through an Intra-Layer Optimization.Proceedings of the 10th International Symposium on Foundations & Practice of Security (FPS 2017). Springer, Nancy, France (2017).
802.15.4 security protects against the replay, injection, and eavesdropping of 802.15.4 frames. A core concept of 802.15.4 security is the use of frame counters for both nonce generation and anti-replay protection. While being functional, frame counters (i) cause an increased energy consumption as they incur a per-frame overhead of 4 bytes and (ii) only provide sequential freshness. The Last Bits (LB) optimization does reduce the per-frame overhead of frame counters, yet at the cost of an increased RAM consumption and occasional energy- and time-consuming resynchronization actions. Alternatively, the timeslotted channel hopping (TSCH) media access control (MAC) protocol of 802.15.4 avoids the drawbacks of frame counters by replacing them with timeslot indices, but findings of Yang et al. question the security of TSCH in general. In this paper, we assume the use of ContikiMAC, which is a popular asynchronous MAC protocol for 802.15.4 networks. Under this assumption, we propose an Intra-Layer Optimization for 802.15.4 Security (ILOS), which intertwines 802.15.4 security and ContikiMAC. In effect, ILOS reduces the security-related per-frame overhead even more than the LB optimization, as well as achieves strong freshness. Furthermore, unlike the LB optimization, ILOS neither incurs an increased RAM consumption nor requires resynchronization actions. Beyond that, ILOS integrates with and advances other security supplements to ContikiMAC. We implemented ILOS using OpenMotes and the Contiki operating system.
Renz, J., Shams, A., Meinel, C.: Offline-Enabled Web-based E-Learning for Improved User Experience in Africa.In Proceedings of the 2017 IEEE AFRICON Conference. pp. '759-764'. IEEE (2017).
Web-based E-Learning uses Internet technologies and digital media to deliver education content to learners. Many universities in recent years apply their capacity in producing Massive Open Online Courses (MOOCs). They have been offering MOOCs with an expectation of rendering a comprehensive online apprenticeship. Typically, an online content delivery process requires an Internet connection. However, access to the broadband has never been a readily available resource in many regions. In Africa, poor and no networks are yet predominantly experienced by Internet users, frequently causing offline each moment a digital device disconnect from a network. As a result, a learning process is always disrupted, delayed and terminated in such regions. This paper raises the concern of E-Learning in poor and low bandwidths, in fact, it highlights the needs for an Offline-Enabled mode. The paper also explores technical approaches beamed to enhance the user experience in Web-based E-Learning, particular in Africa.
Mayer, L., von Schmieden, K., Taheri, M., Meinel, C.: Supporting Design Thinking Education in Organizations With Digital Learning Units – A Testing Set-Up. Presented at the (2017).
This research note addresses the design and testing set-up of a prototype learning unit (protoLU). We explain the advantages of adapting Massive Open Online Courses (MOOCs) to digital learning units for professional working environments and introduce the use case for vocational design thinking trainings. Consequently, we describe the case of a protoLU created to support a physical, two-phase design thinking workshop. The protoLU aimed at refreshing participant knowledge, fostering skill transfer and to inspire through behavioral modeling. With our research set-up we intend to gather results for iterating the protoLU and learn more about the needs of design thinking learner teams in independent teamwork phases.
Staubitz, T., Teusner, R., Meinel, C.: Towards a Repository for Open Auto-Gradable Programming Exercises.2017 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE) (2017).
Auto-gradable hands-on programming exercises are a key element for scalable programming courses. A variety of auto-graders already exist, however, creating suitable high- quality exercises in a sufficient amount is a very time-consuming and tedious task. One way to approach this problem is to enable sharing auto-gradable exercises between several interested parties. School-teachers, MOOC1 instructors, workshop providers, and university level teachers need programming exercises to provide their students with hands-on experience. Auto-gradability of these exercises is an important requirement. The paper at hand introduces a tool that enables the sharing of such exercises and addresses the various needs and requirements of the different stakeholders.
Najafi, P., Sapegin, A., Cheng, F., Meinel, C.: Guilt-by-Association: Detecting Malicious Entities via Graph Mining.International Conference on Security and Privacy in Communication Systems. p. 88--107. Springer (2017).
In this paper, we tackle the problem of detecting malicious domains and IP addresses using graph inference. In this regard, we mine proxy and DNS logs to construct an undirected graph in which vertices represent domain and IP address nodes, and the edges represent relationships describing an association between those nodes. More specifically, we investigate three main relationships: subdomainOf, referredTo, andresolvedTo. We show that by providing minimal ground truth information, it is possible to estimate the marginal probability of a domain or IP node being malicious based on its association with other malicious nodes. This is achieved by adopting belief propagation, i.e., an efficient and popular inference algorithm used in probabilistic graphical models. We have implemented our system in Apache Spark and evaluated using one day of proxy and DNS logs collected from a global enterprise spanning over 2 terabytes of disk space. In this regard, we show that our approach is not only efficient but also capable of achieving high detection rate (96% TPR) with reasonably low false positive rates (8% FPR). Furthermore, it is also capable of fixing errors in the ground truth as well as identifying previously unknown malicious domains and IP addresses. Our proposal can be adopted by enterprises to increase both the quality and the quantity of their threat intelligence and blacklists using only proxy and DNS logs.
Gawron, M., Cheng, F., Meinel, C.: Automatic Vulnerability Classification using Machine Learning.Proceedings of the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS 2017). Springer (2017).
Seitz, K., Serth, S., Krentz, K.-F., Meinel, C.: Demo: Enabling En-Route Filtering for End-to-End Encrypted CoAP Messages.Proceedings of the 15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017). ACM Press, New York, NY, USA (2017).
IoT devices usually are battery-powered and directly connected to the Internet. This makes them vulnerable to so-called path-based denial-of-service (PDoS) attacks. For example, in a PDoS attack an adversary sends multiple Constrained Application Protocol (CoAP) messages towards an IoT device, thereby causing each IoT device along the path to expend energy for forwarding this message. Current end-to-end security solutions, such as DTLS or IPsec, fail to prevent such attacks since they only filter out inauthentic CoAP messages at their destination. This demonstration shows an approach to allow en-route filtering where a trusted gateway has all necessary information to check the integrity, decrypt and, if necessary, drop a message before forwarding it to the constrained mote. Our approach preserves precious resources of IoT devices in the face of path-based denial-of-service attacks by remote attackers.
Grella, C.T., Staubitz, T., Teusner, R., Meinel, C.: Can MOOCs Support Secondary Education in Computer Science? In: Auer, M.E., Guralnick, D., and Uhomoibhi, J. (eds.) Interactive Collaborative Learning. p. 478--493. Springer International Publishing, Cham (2017).
Despite the importance of competencies in computer science for participation in the digital transformation of nearly all sectors, there is still a lack of learning material and technically experienced teachers in German schools. In the paper at hand, we investigate the potential of Massive Open Online Courses (MOOCs) for secondary education. Schools can profit from this learning content and format provided by well-known institutions. However, German schools provide some challenging conditions, which have to be taken into account for a meaningful integration of e-learning elements. Our statistical and qualitative results are based on the representative data of the National Educational Panel Study (NEPS), the learning data of more than 100,000 online learners from over 150 countries, and the outcomes of several workshops with teachers and school administrators.
Amirkhanyan, A., Meinel, C.: The Framework for Spatiotemporal Sequential Rule Mining: Crime Data Case Study.The 2017 International Conference on Knowledge Engineering and Applications (ICKEA2017, IEEE) (2017).
Amirkhanyan, A., Meinel, C.: Density and Intensity-Based Spatiotemporal Clustering with Fixed Distance and Time Radius. In: Kar, A.K., Ilavarasan, P.V., Gupta, M.P., Dwivedi, Y.K., Mäntymäki, M., Janssen, M., Simintiras, A., and Al-Sharhan, S. (eds.) Digital Nations -- Smart Cities, Innovation, and Sustainability: 16th IFIP WG 6.11 Conference on e-Business, e-Services, and e-Society, I3E 2017, Delhi, India, November 21--23, 2017, Proceedings. p. 313--324. Springer International Publishing, Cham (2017).
Nowadays, social networks produce a huge amount of spatial and spatiotemporal data that provide interesting knowledge. This knowledge can be discovered by clustering algorithms and the result of that can be used for different applications. One of such applications is the geospatial event detection based on data from social networks. Many of such detection methods rely on clustering algorithms that should provide clusters with the high level of density in space and intensity in time. Meanwhile, traditional clustering methods are not always practical for spatial and spatiotemporal data because of the specific of such data. Therefore, in this paper, we present the density and intensity-based spatiotemporal clustering algorithm with fixed distance and time radius. This approach produces the clusters that have the density-based center in space and intensity-based center in time. In the paper, we provide the description of the method from the perspective of 2 aspects: spatial and temporal. We complete the paper with the full description of the algorithm methods and detailed explanation of the pseudo code.
Amirkhanyan, A., Meinel, C.: Analysis of data from the Twitter account of the Berlin Police for public safety awareness.2017 IEEE 21st International Conference on Computer Supported Cooperative Work in Design (CSCWD). pp. 209-214 (2017).
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform: A Toolset.Proceedings of the Fourth (2017) ACM Conference on Learning @ Scale. p. 165--168. ACM, Cambridge, Massachusetts, USA (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course.Furthermore, today's jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the courses' teaching teams.
Seitz, K., Serth, S., Krentz, K.-F., Meinel, C.: Demo: Enabling En-Route Filtering for End-to-End Encrypted CoAP Messages.15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017). ACM, Delft, The Netherlands (2017).
IoT devices usually are battery-powered and directly connected to the Internet. This makes them vulnerable to so-called path-based denial-of-service (PDoS) attacks. For example, in a PDoS attack an adversary sends multiple Constrained Application Protocol (CoAP) messages towards an IoT device, thereby causing each IoT device along the path to expend energy for forwarding this message. Current end-to-end security solutions, such as DTLS or IPsec, fail to prevent such attacks since they only filter out inauthentic CoAP messages at their destination. This demonstration shows an approach to allow en-route filtering where a trusted gateway has all necessary information to check the integrity, decrypt and, if necessary, drop a message before forwarding it to the constrained mote. Our approach preserves precious resources of IoT devices in the face of path-based denial-of-service attacks by remote attackers.
Bin Tareaf, R., Berger, P., Hennig, P., Koall, S., Kohstall, J., Meinel, C.: Information Propagation Speed and Patterns in Social Networks: a Case Study Analysis of German Tweets.JCP 2018. pp. 761-770. ACM & Journal of Computer (ISSN: 1796-203X), Jeju Island, South Korea (2017).
In this paper, we present our experiences in analyzing Twitter data. The analysis has shown that information diffuses over time through the Twitter network in certain patterns. Furthermore, it has shown those friend relationships significantly influence the information propagation speed on Twitter. Since it was launched in 2006, the microblogging service grew tremendously. Tweets are sent by users all around the world. Results show that there are two major patterns. While these patterns accommodate us to understand the diffusion of information through Twitter in an even better plan, the analysis of friend networks provides information on who influences the network, concerning the number of re-tweets and the time between a tweet and its re-tweets. The approaches have been evaluated both technically, based on how certain a topic matches one of the patterns and how prominent friends are compared to other users, and conceptually, based on existing, well-known approaches in measuring the speed and scale of information diffusion on Twitter.
Ussath, M., Cheng, F., Meinel, C.: Enhanced Sinkhole System: Collecting System Details to Support Investigations.Proceedings of the 3rd International Conference on Mobile, Secure, and Programmable Networking (MSPN 2017). p. 18--33. Springer (2017).
Torkura, K.A., Sukmana, M.I.H., Cheng, F., Meinel, C.: Leveraging Cloud Native Design Patterns for Security-as-a-Service Applications.Proceedings of the 2nd IEEE International Conference on Smart Cloud (SmartCloud). IEEE (2017).
This paper discusses a new approach for designing and deploying Security-as-a-Service (SecaaS) applications using cloud native design patterns. Current SecaaS approaches do not efficiently handle the increasing threats to computer systems and applications. For example, requests for security assessments drastically increase after a high-risk security vulnerability is disclosed. In such scenarios, SecaaS applications are unable to dynamically scale to serve requests. A root cause of this challenge is employment of architectures not specifically fitted to cloud environments. Cloud native design patterns resolve this challenge by enabling certain properties e.g. massive scalability and resiliency via the combination of microservice patterns and cloud-focused design patterns. However adopting these patterns is a complex process, during which several security issues are introduced. In this work, we investigate these security issues, we redesign and deploy a monolithic SecaaS application using cloud native design patterns while considering appropriate, layered security counter-measures i.e. at the application and cloud networking layer. Our prototype implementation out-performs traditional, monolithic applications with an average Scanner Time of 6 minutes, without compromising security. Our approach can be employed for designing secure, scalable and performant SecaaS applications that effectively handle unexpected increase in security assessment requests.
Gawron, M., Cheng, F., Meinel, C.: PVD: Passive vulnerability detection.Proceedings of the 8th International Conference on Information and Communication Systems (ICICS 2017). pp. 322-327. IEEE (2017).
Krentz, K.-F., Meinel, C., Graupner, H.: Countering Three Denial-of-Sleep Attacks on ContikiMAC.Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2017). Junction, Uppsala, Sweden (2017).
Like virtually all media access control (MAC) protocols for 802.15.4 networks, also ContikiMAC is vulnerable to various denial-of-sleep attacks. The focus of this paper is on countering three specific denial-of-sleep attacks on ContikiMAC, namely ding-dong ditching, pulse-delay attacks, and collision attacks. Ding-dong ditching is when attackers emit interference, inject frames, or replay frames so as to mislead ContikiMAC into staying in receive mode for extended periods of time and hence consuming much energy. Pulse-delay attacks are actually attacks on time synchronization, but can also be launched against ContikiMAC’s phase-lock optimization to cause an increased energy consumption. Lastly, in collision attacks, an attacker provokes retransmissions via jamming. In this paper, to counter these three kinds of denial-of-sleep attacks, we propose two optimizations to ContikiMAC. The dozing optimization, on the one hand, significantly reduces the energy consumption under ding-dong ditching. Beyond that, the dozing optimization helps during normal operation as it reduces the energy consumption of true wake ups, too. The secure phase-lock optimization, on the other hand, is a version of ContikiMAC’s phase-lock optimization that resists pulse-delay attacks. Additionally, the secure phase-lock optimization makes ContikiMAC resilient to collision attacks, as well as more energy efficient. We implemented and evaluated both optimizations using the Contiki operating system and OpenMotes.
Yang, H., Fritzsche, M., Bartz, C., Meinel, C.: BMXNet: An Open-Source Binary Neural Network Implementation Based on MXNet.Proceedings of the 2017 ACM on Multimedia Conference. ACM, New York, NY, USA (2017).
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States.IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-norm Unit for Brain Lesions Detection.International Conference on Neural Information Processing. Springer (2017).
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language Identification Using Deep Convolutional Recurrent Neural Networks.International Conference on Neural Information Processing. Springer (2017).
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform - A Toolset.In Proceedings of ACM Learning at Scale Conference (L@S2017)(ACM), accepted as WIP. ACM (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course. Furthermore, today’s jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the platform’s OPS-team, which prepares the courses in accordance with the requirements of the teaching teams. The evaluation is based on the analysis of data, which has been collected in five courses that have been conducted on one of our platforms during 2015 and 2016 and interviews with the platform’s OPS-team.
Bauer, M., Malchow, M., Staubitz, T., Meinel, C.: Improving Collaborative Learning With Video Lectures.INTED2016 Proceedings. 10th International Technology, Education and Development Conference Valencia, Spain. 7-9 March, 2016. pp. 5511-5517. IATED (2016).
We have addressed the problems of independent e-lecture learning with an approach involving collaborative learning with lecture recordings. In order to make this type of learning possible, we have prototypically enhanced the video player of a lecture video platform with functionality that allows simultaneous viewing of a lecture on two or more computers. While watching the video, synchronization of the playback and every click event, such as play, pause, seek, and playback speed adjustment can be carried out. We have also added the option of annotating slides. With this approach, it is possible for learners to watch a lecture together, even though they are in different places. In this way, the benefits of collaborative learning can also be used when learning online. Now, it is more likely that learners stay focused on the lecture for a longer time (as the collaboration creates an additional obligation not to leave early and desert a friend). Furthermore, the learning outcome is higher because learners can ask their friends questions and explain things to each other as well as mark important points in the lecture video.
Staubitz, T., Teusner, R., Renz, J., Meinel, C.: First Steps in Automated Proctoring.Proceedings of the Fourth MOOC European Stakeholders Summit (EMOOCs 2016). P.A.U (2016).
Staubitz, T., Petrick, D., Bauer, M., Renz, J., Meinel, C.: Improving the Peer Assessment Experience on MOOC Platforms.Proceedings of ACM Learning at Scale Conference (L@S2016). ACM (2016).
Massive Open Online Courses (MOOCs) have revolutionized higher education by offering university-like courses for a large amount of learners via the Internet. The paper at hand takes a closer look on peer assessment as a tool for delivering individualized feedback and engaging assignments to MOOC participants. Benefits, such as scalability for MOOCs and higher order learning, and challenges, such as grading accuracy and rogue reviewers, are described. Common practices and the state-of-the-art to counteract challenges are highlighted. Based on this research, the paper at hand describes a peer assessment workflow and its implementation on the openHPI and openSAP MOOC platforms. This workflow combines the best practices of existing peer assessment tools and introduces some small but crucial improvements.
Wang, C., Yang, H., Bartz, C., Meinel, C.: Image Captioning with Deep Bidirectional LSTMs.Proceedings of the 2016 ACM on Multimedia Conference. p. 988--997. ACM, Amsterdam, The Netherlands (2016).
Renz, J., Hoffmann, D., Staubitz, T., Meinel, C.: Using A/B Testing in MOOC Environments.Proceedings of the 6th International Conference on Learning Analytics and Knowledge (LAK2016). SOLAR (2016).
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Advanced Persistent Threats: Behind the Scenes.Proceedings of the 50th Annual Conference on Information Sciences and Systems (CISS 2016). p. 181--186. IEEE (2016).
Staubitz, T., Teusner, R., Prakash, N., Meinel, C.: Cellular Automata as Basis for Programming Exercises in a MOOC on Testdriven Development.IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE2016). IEEE (2016).
Programming tasks are an important part of teaching computer programming as they foster students to develop essential programming skills and techniques through practice. The design of educational problems plays a crucial role in the extent to which the experiential knowledge is imparted to the learner both in terms of quality and quantity. Badly designed tasks have been known to put-off students from practicing programming. Hence, there is a need for carefully designed problems. Cellular Automata programming lends itself as a very suitable candidate among problems designed for programming practice. In this paper we describe how various types of problems can be designed using concepts from Cellular Automata and discuss the features which make them good practice problems with regard to instructional pedagogy. We also present a case study on a Cellular Automata programming exercise used in a MOOC on Test Driven Development using JUnit, and discuss the automated evaluation of code submissions and the feedback about the reception of this exercise by participants in this course.
Ussath, M., Cheng, F., Meinel, C.: Event Attribute Tainting: A New Approach for Attack Tracing and Event Correlation.Proceedings of the 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS 2016). p. 509--515. IEEE (2016).
Staubitz, T., Teusner, R., Renz, J., Meinel, C.: Automatisierte Online-Aufsicht im Kontext der Wertigkeit von Zertifikaten einer MOOC Plattform.DeLFI 2016 - Die 14. E-Learning Fachtagung Informatik, 11.-14. September 2016, Potsdam. p. 125--136 (2016).
Die Glaubwürdigkeit und Überprüfbarkeit der Zertifikate ist ein wesentlicher Bestandteil von jeglicher Form von zertifiziertem Training. Diese Aussage gilt natürlich auch für MOOCs. In diesem Kontext kommt allerdings erschwerend hinzu, dass eine individuelle, persönliche Beaufsichtigung der Prüfungen tausender TeilnehmerInnen offline nur schwer zu realisieren ist. Es wird daher eine Technik benötigt, diese Beaufsichtigung online durchzuführen, um die Vertrauenswürdigkeit oder Wertigkeit dieser Zertifikate zu erhöhen. In dieser Studie vergleichen wir verschiedene Spielarten der Online-Aufsicht. Wir stellen die Ergebnisse einiger Umfragen unter unseren TeilnehmerInnen, die sich mit deren Sicht bezüglich der Wertigkeit der Zertifikate befassen, vor und bewerten die Aussagen in unserem Kontext. Schließlich stellen wir ein Experiment vor, das wir mit einer neuen Variante der Online-Aufsicht durchgeführt haben. Anstatt sich auf menschliche Augen zu verlassen, wird ein automatisierter Abgleich des Gesichts vor der Kamera mit einem hinterlegten Bild durchgeführt, um zu überprüfen ob die angemeldete TeilnehmerIn auch die ist, die die Prüfung ablegt.
Ussath, M., Cheng, F., Meinel, C.: Automatic Multi-Step Signature Derivation from Taint Graphs.Proceedings of the 2016 IEEE Symposium Series on Computational Intelligence (SSCI 2016). p. 1--8. IEEE (2016).
Che, X., Staubitz, T., Yang, H., Meinel, C.: Pre-Course Key Segment Analysis of Online Lecture Videos.Proceedings of The 16th IEEE International Conference on Advanced Learning Technology (ICALT2016). , Austin, Texas, USA (2016).
In this paper we propose a method to evaluate the importance of lecture video segments in online courses. The video will be first segmented based on the slide transition. Then we evaluate the importance of each segment based on our analysis of the teacher’s focus. This focus is mainly identified by exploring features in the slide and the speech. Since the whole analysis process is based on multimedia materials, it could be done before the official start of the course. By setting survey questions and collecting forum statistics in the MOOC “Web Technologies”, the proposed method is evaluated. Both the general trend and the high accuracy of selected key segments (over 70%) prove the effectiveness of the proposed method.
Rezaei, M., Yang, H., Meinel, C.: Brain Abnormality Detection by Deep Convolutional Neural Network.arXiv preprint arXiv:1708.05206. (2016).
Kayem, A.V.D.M., Vester, C.T., Meinel, C.: Automated k-Anonymization and l-Diversity for Shared Data Privacy.In Proceedings, 27th International Conference on Database and Expert Systems Applications, DEXA 2016, Porto, Portugal, September 5-8, 2016, Part I. p. 105--120. Springer (2016).
Analyzing data is a cost-intensive process, particularly for organizations lacking the necessary in-house human and computational capital. Data analytics outsourcing offers a cost-effective solution, but data sensitivity and query response time requirements, make data protection a necessary pre-processing step. For performance and privacy reasons, anonymization is preferred over encryption. Yet, manual anonymization is time-intensive and error-prone. Automated anonymization is a better alternative but requires satisfying the conflicting objectives of utility and privacy. In this paper, we present an automated anonymization scheme that extends the standard k-anonymization and l-diversity algorithms to satisfy the dual objectives of data utility and privacy. We use a multi-objective optimization scheme that employs a weighting mechanism, to minimise information loss and maximize privacy. Our results show that automating l-diversity results in an added average information loss of 7 % over automated k-anonymization, but in a diversity of between 9–14 % in comparison to 10–30 % in k-anonymised datasets. The lesson that emerges is that automated l-diversity offers better privacy than k-anonymization and with negligible information loss.
Krentz, K.-F., Meinel, C., Schnjakin, M.: POTR: Practical On-the-fly Rejection of Injected and Replayed 802.15.4 Frames.Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE, Salzburg, Austria (2016).
The practice of rejecting injected and replayed 802.15.4 frames only after they were received leaves 802.15.4 nodes vulnerable to broadcast and droplet attacks. Basically, in broadcast and droplet attacks, an attacker injects or replays plenty of 802.15.4 frames. As a result, victim 802.15.4 nodes stay in receive mode for extended periods of time and expend their limited energy. He et al. considered embedding one-time passwords in the synchronization headers of 802.15.4 frames so as to avoid that 802.15.4 nodes detect injected and replayed 802.15.4 frames in the first place. However, He et al.’s, as well as similar proposals lack support for broadcast frames and depend on special hardware. In this paper, we propose Practical On-the-fly Rejection (POTR) to reject injected and replayed 802.15.4 frames early during receipt. Unlike previous proposals, POTR supports broadcast frames and can be implemented with many off-the-shelf 802.15.4 transceivers. In fact, we implemented POTR with CC2538 transceivers, as well as integrated POTR into the Contiki operating system. Furthermore, we demonstrate that, compared to using no defense, POTR reduces the time that 802.15.4 nodes stay in receive mode upon receiving an injected or replayed 802.15.4 frame by a factor of up to 16. Beyond that, POTR has a small processing and memory overhead, and incurs no communication overhead.
Ussath, M., Cheng, F., Meinel, C.: Insights into Encrypted Network Connections: Analyzing Remote Desktop Protocol Traffic.Proceedings of the 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP 2016). p. 585--589. IEEE (2016).
Bauer, M., Malchow, M., Staubitz, T., Meinel, C.: Improving Collaborative Learning With Video Lectures.INTED2016 Proceedings. 10th International Technology, Education and Development ConferenceValencia, Spain. 7-9 March, 2016. pp. 5511-5517. IATED (2016).
We have addressed the problems of independent e-lecture learning with an approach involving collaborative learning with lecture recordings. In order to make this type of learning possible, we have prototypically enhanced the video player of a lecture video platform with functionality that allows simultaneous viewing of a lecture on two or more computers. While watching the video, synchronization of the playback and every click event, such as play, pause, seek, and playback speed adjustment can be carried out. We have also added the option of annotating slides. With this approach, it is possible for learners to watch a lecture together, even though they are in different places. In this way, the benefits of collaborative learning can also be used when learning online. Now, it is more likely that learners stay focused on the lecture for a longer time (as the collaboration creates an additional obligation not to leave early and desert a friend). Furthermore, the learning outcome is higher because learners can ask their friends questions and explain things to each other as well as mark important points in the lecture video.
Yang, H., Wang, C., Bartz, C., Meinel, C.: SceneTextReg: A Real-Time Video OCR System.Proceedings of the 2016 ACM on Multimedia Conference. p. 698--700. ACM, Amsterdam, The Netherlands (2016).
Wang, C., Yang, H., Meinel, C.: Exploring multimodal video representation for action recognition.2016 International Joint Conference on Neural Networks (IJCNN). pp. 1924-1931 (2016).
Rantzsch, H., Yang, H., Meinel, C.: Signature Embedding: Writer Independent Offline Signature Verification with Deep Metric Learning. In: Bebis, G., Boyle, R., Parvin, B., Koracin, D., Porikli, F., Skaff, S., Entezari, A., Min, J., Iwai, D., Sadagic, A., Scheidegger, C., and Isenberg, T. (eds.) Advances in Visual Computing: 12th International Symposium, ISVC 2016, Las Vegas, NV, USA, December 12-14, 2016, Proceedings, Part II. p. 616--625. Springer International Publishing, Cham (2016).
The handwritten signature is widely employed and accepted as a proof of a person's identity. In our everyday life, it is often verified manually, yet only casually. As a result, the need for automatic signature verification arises. In this paper, we propose a new approach to the writer independent verification of offline signatures. Our approach, named Signature Embedding, is based on deep metric learning. Comparing triplets of two genuine and one forged signature, our system learns to embed signatures into a high-dimensional space, in which the Euclidean distance functions as a metric of their similarity. Our system ranks best in nearly all evaluation metrics from the ICDAR SigWiComp 2013 challenge. The evaluation shows a high generality of our system: being trained exclusively on Latin script signatures, it outperforms the other systems even for signatures in Japanese script.
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Pushing the Limits of Cyber Threat Intelligence: Extending STIX to Support Complex Patterns.Information Technology: New Generations: 13th International Conference on Information Technology. p. 213--225. Springer (2016).
Staubitz, T., Klement, H., Teusner, R., Renz, J., Meinel, C.: CodeOcean - A Versatile Platform for Practical Programming Excercises in Online Environments.Proceedings of IEEE Global Engineering Education Conference (EDUCON2016). IEEE (2016).
Sianipar, J., Willems, C., Meinel, C.: A Container based Virtual Laboratory for Internet Security e-Learning.International Journal of Learning and Teaching. IJLT. p. 121--128 (2016).
Staubitz, T., Brehm, M., Jasper, J., Werkmeister, T., Teusner, R., Willems, C., Renz, J., Meinel, C.: Vagrant Virtual Machines for Hands-On Exercises in Massive Open Online Courses.Smart Education and e-Learning 2016. p. 363--373. Springer International Publishing (2016).
In many MOOCs hands-on exercises are a key component. Their format must be deliberately planned to satisfy the needs of a more and more heterogeneous student body. At the same time, costs have to be kept low for maintenance and support on the course provider’s side. The paper at hand reports about our experiments with a tool called Vagrant in this context. It has been successfully employed for use cases similar to ours and thus promises to be an option for achieving our goals.
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Enhance Embedded System E-learning Experience with Sensors.2016 IEEE Global Engineering Education Conference (EDUCON). pp. 175-183. IEEE (2016).
Earlier research shows that using an embedded LED system motivates students to learn programming languages in massive open online courses (MOOCs) efficiently. Since this earlier approach was very successful the system should be improved to increase the learning experience for students during programming exercises. The problem of the current system is that only a static image was shown on the LED matrix controlled by students’ array programming over the embedded system. The idea of this paper to change this static behavior into a dynamic display of information on the LED matrix by the use of sensors which are connected with the embedded system. For this approach a light sensor and a temperature sensor are connected to an analog-to-digital converter (ADC) port of the embedded system. These sensors' values can be read by the students to compute the correct output for the LED matrix. The result is captured and sent back to the students for direct feedback. Furthermore, unit tests can be used to automatically evaluate the programming results. The system was evaluated during a MOOC course about web technologies using JavaScript. Evaluation results are taken from the student’s feedback and an evaluation of the students’ code executions on the system. The positive feedback and the evaluation of the students’ executions, which shows a higher amount of code executions compared to standard programming tasks and the fact that students solving these tasks have overall better course results, highlight the advantage of the approach. Due to the evaluation results, this approach should be used in e-learning e.g. MOOCs teaching programming languages to increase the learning experience and motivate students to learn programming.
Bauer, M., Malchow, M., Meinel, C.: Schrittweiser Umbau einer Lernvideo-Plattform zur Unterstützung von HTML5 und HTTP-Videostreaming.Tagungsband GML². p. 320 ff. (2016).
Luo, S., Yang, H., Wang, C., Che, X., Meinel, C.: Action Recognition in Surveillance Video Using ConvNets and Motion History Image.Artificial Neural Networks and Machine Learning – ICANN 2016. pp. 187-195. Springer (2016).
With significant increasing of surveillance cameras, the amount of surveillance videos is growing rapidly. Thereby how to automatically and efficiently recognize semantic actions and events in surveillance videos becomes an important problem to be addressed. In this paper, we investigate the state-of-the-art Deep Learning (DL) approaches for human action recognition, and propose an improved two-stream ConvNets architecture for this task. In particular, we propose to use Motion History Image (MHI) as motion expression for training the temporal ConvNet, which achieved impressive results in both accuracy and recognition speed. In our experiment, we conducted an in-depth study to investigate important network options and compared to the latest deep network for action recognition. The detailed evaluation results show the superior ability of our proposed approach, which achieves state-of-the-art in surveillance video context.
Che, X., Wang, C., Yang, H., Meinel, C.: Punctuation Prediction for Unsegmented Transcript Based on Word Vector.Proceedings of the Tenth International Conference on Language Resources and Evaluation (LREC 2016). pp. 654-658. , Portorož, Slovenia (2016).
In this paper we propose an approach to predict punctuation marks for unsegmented speech transcript. The approach is purely lexical, with pre-trained Word Vectors as the only input. A training model of Deep Neural Network (DNN) or Convolutional Neural Network (CNN) is applied to classify whether a punctuation mark should be inserted after the third word of a 5-words sequence and which kind of punctuation mark the inserted one should be. TED talks within IWSLT dataset are used in both training and evaluation phases. The proposed approach shows its effectiveness by achieving better result than the state-of-the-art lexical solution which works with same type of data, especially when predicting puncuation position only.
Amirkhanyan, A., Meinel, C.: Analysis of the Value of Public Geotagged Data from Twitter from the Perspective of Providing Situational Awareness.Proceedings of the 15th IFIP Conference on e-Business, e-Services and e-Society (I3E2016) - Social Media: The Good, the Bad, and the Ugly. Springer, Swansea, Wales, UK (2016).
In the era of social networks, we have a huge amount of social geotagged data that reflect the real world. These data can be used to provide or to enhance situational and public safety awareness. It can be reached by the way of analysis and visualization of geotagged data that can help to better understand the situation around and to detect local geo-spatial threats. One of the challenges in the way of reaching this goal is providing valuable statistics and advanced methods for filtering data. Therefore, in the scope of this paper, we collect sufficient amount of public social geotagged data from Twitter, build different valuable statistics and analyze them. Also, we try to find valuable parameters and propose the useful filters based on these parameters that can filter data from invaluable data and, by this way, support analysis of geotagged data from the perspective of providing situational awareness.
Renz, J., Schwerer, F., Meinel, C.: openSAP: Evaluating xMOOC Usage and Challenges for Scalable and Open Enterprise Education.Proceedings of the Eighth International Conference on E-Learning in the Workplace (2016).
Jaeger, D., Pelchen, C., Graupner, H., Cheng, F., Meinel, C.: Analysis of Publicly Leaked Credentials and the Long Story of Password (Re-)use.Proceedings of the 11th International Conference on Passwords (PASSWORDS2016). Springer, Bochum, Germany (2016).
Malchow, M., Bauer, M., Meinel, C.: Couch Learning Mode: Multiple-Video Lecture Playlist Selection out of a Lecture Video Archive for E-learning Students.Proceedings of the 2016 ACM on SIGUCCS Annual Conference. pp. 77-82. ACM (2016).
During a video recorded university class students have to watch several hours of video content. This can easily add up to several days of video content during a semester. Naturally, not all 90 minutes of a typical lecture are relevant for the exam. When the semester ends with a final exam students have to study more intensively the important parts of all the lectures. To simplify the learning process and design it to be more efficient we have introduced the Couch Learning Mode in our lecture video archive. With this approach students can create custom playlists out of the video lecture archive with a time frame for every selected video. Finally, students can lean back and watch all relevant video parts consecutively for the exam without being interrupted. Additionally, the students can share their playlists with other students or they can use the video search to watch all relevant lecture videos about a topic. This approach uses playlists and HTML5 technologies to realize the consecutive video playback. Furthermore, the powerful Lecture Butler search engine is used to find worthwhile video parts for certain topics. Our approach shows that we have more satisfied students using the manual playlist creation to view reasonable parts for an exam. Finally, students are keen on watching the top search results showing reasonable parts of lectures for a topic of interest. The Couch Learning Mode supports and motivates students to learn with video lectures for an exam and daily life.
Khazaei, A., Mohammad Ghasemzadeh, C.M.: Solution Prediction for Vulnerabilities using Textual Data.13th International Conference on Applied Computing , University of Mannheim, Germany. pp. 200-204 (2016).
This paper reports an in progress research project. Each year many software vulnerabilities are discovered and reported. These vulnerabilities can lead to system exploitations and consequently finance and information losses. Soon after detection of vulnerabilities, requests for solutions arise. Usually it takes some time and effort until an effective solution is provided. Therefore it is very desirable to have an automated vulnerability solution predictor. In this paper we introduce an effective approach to achieve such a predictive system. In the first step, by using text mining techniques, we extract some features from the available textual data concerning vulnerabilities. Due to the pattern of the existing overlap between different categories of vulnerabilities and their solutions, we found the overlapping clustering algorithm to be the most suitable method to cluster them. After that, we attempt to find the existing relationship among the obtained clusters. In the last step, we benefit from machine learning methods to construct the requested solution predictor. In our approach we propose an automated quick workaround solution, in workaround solutions, users do not need to wait for a patch or a new version of software but they bypass a problem caused by vulnerability with additional effort to avoid its damages.
Wenzel, M., Klinger, A., Meinel, C.: Tele-Board Prototyper - Distributed 3D Modeling in a Web-Based Real-Time Collaboration System.2016 International Conference on Collaboration Technologies and Systems. pp. 447-453. IEEE (2016).
Prototypes help people to externalize their ideas and are a basic element for gathering feedback on an early product design. Prototyping is oftentimes a team-based method traditionally involving physical and analog tools. At the same time, collaboration among geographically dispersed team members becomes more and more standard practice for companies and research teams. Therefore, a growing need arises for collaborative prototyping environments. We present a standards compliant, web browser-based real-time remote 3D modeling system. We utilize cross-platform WebGL rendering API for hardware accelerated visualization of 3D models. Synchronization relies on WebSocket-based message interchange over a centralized Node.js real-time collaboration server. In a first co-located user test, participants were able to rebuild physical prototypes without having prior knowledge of the system. This way, the provided system design and its implementation can serve as a basis for visual real-time collaboration systems available across a multitude of hardware devices.
Luo, S., Yang, H., Wang, C., Che, X., Meinel, C.: Real-time action recognition in surveillance videos using ConvNets.International Conference on Neural Information Processing. pp. 529-537. Springer (2016).
The explosive growth of surveillance cameras and its 7 * 24 recording period brings massive surveillance videos data. Therefore how to efficiently retrieve the rare but important event information inside the videos is eager to be solved. Recently deep convolutinal networks shows its outstanding performance in event recognition on general videos. Hence we study the characteristic of surveillance video context and propose a very competitive ConvNets approach for real-time event recognition on surveillance videos. Our approach adopts two-steam ConvNets to respectively recognition spatial and temporal information of one action. In particular, we propose to use fast feature cascades and motion history image as the template of spatial and temporal stream. We conducted our experiments on UCF-ARG and UT-interaction dataset. The experimental results show that our approach acquires superior recognition accuracy and runs in real-time.
Sianipar, J., Willems, C., Meinel, C.: Crowdsourcing Virtual Laboratory Architecture on Hybrid Cloud.INTED2016 Proceedings. 10th International Technology, Education and Development Conference Valencia, Spain. 7-9 March, 2016. pp. 2940-2949. IATED (2016).
Virtual Laboratory is needed for practical, hands-on exercises in e-learning courses. The E-learning system needs to provide a specific laboratory environment for a specific learning unit. A Virtual laboratory system with a high requirements learning units, is struggling in serving a large number of users, because the available hardware resources are limited and the budget to provide more resources is low. The number of e-Learning users that simultaneously access the virtual laboratory is varied. In this paper, we propose an architecture of a virtual laboratory system for a large number of users. A person or a company can contribute in providing hardware resources in crowdsourcing manner. This system uses Hybrid cloud platform to be able to scale out and scale in rapidly. The architecture is able to expand by receiving more hardware resources from a person or a company that is willing to contribute. The resources can be anywhere but must be connected to the Internet. For example, if a user has a Virtual Machine (VM) in the cloud or in his own bare metal system connected to the Internet, he can integrate his VM into the Virtual laboratory system. Because the e-learning system is a non-profit system, we assumed that some users and companies are willing to contribute. We use Tele-lab architecture as a based to create the proposed architecture. The Tele-lab is a virtual laboratory for Internet Security e-learning. The Tele-lab uses a private cloud (openNebula) to provide VMs and Containers that are used to represent hosts in a Virtual laboratory. In our architecture as also in the Tele-Lab, there is a frontend and a backend. The frontend is providing an interface to the users. In our architecture, we focus on the backend to be able to provide a virtual laboratory that can serve a large number of users. In the architecture, we use a middleware to provide a communication between a private cloud and a public cloud and also communication between the Virtual laboratory system and the resources that belong to the crowd. This work is part of the continuous improvement on Tele-Lab to make it more reliable and more scalable. We are heading toward using Tele-Lab in the implementation of Massive Open Online Course (MOOC)
Shaabani, N., Meinel, C.: Detecting Maximum Inclusion Dependencies without Candidate Generation.Database and Expert Systems Applications: 27th International Conference, DEXA 2016, Porto, Portugal, September 5-8, 2016, Proceedings, Part II. p. 118--133 (2016).
Inclusion dependencies (INDs) within and across databases are an important relationship for many applications in data integration, schema (re-)design, integrity checking, or query optimization. Existing techniques for detecting all INDs need to generate IND candidates and test their validity in the given data instance. However, the major disadvantage of this approach is the exponentially growing number of data accesses in terms of the number of SQL queries as well as I/O operations. We introduce Mind2, a new approach for detecting n-ary INDs (n > 1) without any candidate generation. Mind2 implements a new characterization of the maximum INDs we developed in this paper. This characterization is based on set operations defined on certain metadata that Mind2generates by accessing the database only 2 x the number of valid unary INDs. Thus, Mind2 eliminates the exponential number of data accesses needed by existing approaches. Furthermore, the experiments show that Mind2 is significantly more scalable than hypergraph-based approaches.
Amirkhanyan, A., Meinel, C.: Visualization and Analysis of Public Social Geodata to Provide Situational Awareness.Proceedings of the 8th International Conference on Advanced Computational Intelligence (ICACI2016). IEEE, Chiang Mai, Thailand (2016).
Nowadays, social networks are an essential part of modern life. People posts everything what happens with them and what happens around them. The amount of data, producing by social networks, increases dramatically every year and users more often post geo-tagged messages. It gives us more possibilities for visualization and analysis of social data, since we can be interested not only in the content of the message but also in the location, from where this message was posted. We aimed to use public social data from location-based social networks to improve situational awareness. In the paper, we show our approach of handling in real-time geodata from Twitter and providing the advanced methods for visualization, analysis, searching and statistics, in order to improve situational awareness.
Torkura, K., Meinel, C.: Towards Vulnerability Assessment as a Service in OpenStack Clouds.Proceedings of the 41st IEEE Conference on Local Computer Networks (LCN). IEEE, Dubai, UAE (2016).
Efforts towards improving security in cloud infrastructures recommend regulatory compliance approaches such as HIPAA and PCI DSS. Similarly, vulnerability assessments are imperatives for fulfilling these regulatory compliance requirements. Nevertheless, conducting vulnerability assessments in cloud environments requires approaches different from those found in traditional computing. Factors such as multi-tenancy, elasticity, self-service and cloud-specific vulnerabilities must be considered. Furthermore, the Anything-as-a-Service model of the cloud stimulates security automation and user-intuitive services. In this paper, we tackle the challenge of efficient vulnerability assessments at the system level, in particular for core cloud applications.Within this scope, we focus on the use case of a cloud administrator. We believe the security of the underlying cloud software is crucial to the overall health of a cloud infrastructure since these are the foundations upon which other applications within the cloud function. We demonstrate our approach using OpenStack and through our experiments prove that our prototype implementation is effective at identifying “OpenStacknative” vulnerabilities. We also automate the process of identifying insecure configurations in the cloud and initiate steps for deploying Vulnerability Assessment-as-a-Service in OpenStack.
Musavi, S.M.B., Mohammad Ghasemzadeh, C.M.: Geometric Design by Interactive and Evolutionary Design Methods.VII European Congress of Methodology, Palma de Mallorca, Balearic Islands (Spain). p. 47 (2016).
Ambassa, P.L., Kayem, A.V.D.M., Wolthusen, S.D., Meinel, C.: Privacy Violations in Constrained Micro-Grids: Adversarial Cases.In Proceedings of the 30th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA 2016), March 23-25, 2016, Crans-Montana, Switzerland. p. 601-- 606 (2016).
Smart micro-grid architectures are small scale electricity provision networks composed of individual electricity providers and consumers. Supporting micro-grids with computationally limited devices, is a cost-effective approach to service provisioning in resource-limited settings. However, the limited availability of real time measurements and the unreliable communication network makes the use of Advanced Metering Infrastructure (AMI) for monitoring and control a challenging problem. Grid operation and stability are therefore reliant on inaccurate and incomplete information. Consequently, data gathering and analytics raise privacy concerns for grid users, which is undesirable. In this paper, we study adversarial scenarios for the privacy violations on micro-grids. We consider two types of privacy threats in constrained micro-grids, namely inferential and aggregation attacks. The reason is that both attacks capture scenarios that can be used to provoke energy theft and destabilize the grid. Grid destabilzation leads to distrust between suppliers and consumers. This work provides a roadmap towards a secure and resilient smart micro-grid energy networks.
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Improved E-learning Experience with Embedded LED System.2016 Annual IEEE Systems Conference (SysCon). IEEE (2016).
During the last years, e-learning has become more and more important. There are several approaches like teleteaching or MOOCs to delivers knowledge information to the students on different topics. But, a major problem most learning platforms have is, students often get demotivated fast. This is caused e.g. by solving similar tasks again and again, and learning alone on the personal computer. To avoid this situation in coding-based courses one possible way could be the use of embedded devices. This approach increases the practical programming part and should push motivation to the students. This paper presents a possibility to the use of embedded systems with an LED panel to motivate students to use programming languages and solve the course successfully. To analyze the successfulness of this approach, it was tested within a MOOC called "Java for beginners" with 11,712 participants. The result was evaluated by personal feedback of the students and user data was analyzed to measure the acceptance and motivation of students by solving the embedded system tasks. The result shows that the approach is well accepted by the students and they are more motivated by tasks with real hardware support.
Xiaoyin Che, S.L., Meinel, C.: An attempt at mooc localization for chinese-speaking users.International Journal of Information and Education Technology, Volume 6, Number 2. pp. 90-96 (2016).
Abstract—“Internetworking with TCP/IP” is a massive open online course (MOOC) provided by Germany-based MOOC platform “openHPI”, which has been offered in German, English and – recently – Chinese respectively, with similar content. In this paper, the authors, who worked jointly as a teacher (or as teaching assistants) in this course, want to share their ideas derived from daily teaching experiences, analysis of the statistics, comparison between the performance in different language offers and the feedback from user questionnaires. Additionally, the motivation, attempt and suggestion at MOOC localization will also be discussed.
Perlich, A., Meinel, C.: Patient-provider teamwork via cooperative note taking on Tele-Board MED.Exploring Complexity in Health: An Interdisciplinary Systems Approach (Proceedings of MIE2016 at HEC2016) (2016).
There is significant, unexploited potential to improve the patients’ engagement in psychotherapy treatment through technology use. We develop Tele-Board MED (TBM), a digital tool to support documentation and patient-provider collaboration in medical encounters. Our objective is the evaluation of TBM's practical effects on patient-provider relationships and patient empowerment in the domain of talk-based mental health interventions. We tested TBM in individual therapy sessions at a psychiatric ward using action research methods. The qualitative results in form of therapist observations and patient stories show an increased acceptance of diagnoses and patient-therapist bonding. We compare the observed effects to patient-provider relationship and patient empowerment models. We can conclude that the functions of TBM – namely that notes are shared and cooperatively taken with the patient, that diagnostics and treatment procedures are depicted via visuals and in plain language, and that patients get a copy of their file – lead to increased patient engagement and an improved collaboration, communication and integration in consultations.
Hemati, H.R., Mohammad Ghasemzadeh, C.M.: A Hybrid Machine Learning Method for Intrusion Detection.International Journal of Engineering (IJE). pp. 1242-1246. IJE (2016).
Data security is an important area of concern for every computer system owner. An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Already various techniques of artificial intelligence have been used for intrusion detection. The main challenge in this area is the running speed of the available implementations. In this research work, we present a hybrid approach which is based on the “linear discernment analysis” and the “extreme learning machine” to build a tool for intrusion detection. In the proposed method, the linear discernment analysis is used to reduce the dimensions of data and the extreme learning machine neural network is used for data classification. This idea allowed us to benefit from the advantages of both methods. We implemented the proposed method on a microcomputer with core i5 1.6 GHz processor by using machine learning toolbox. In order to evaluate the performance of the proposed method, we run it on a comprehensive data set concerning intrusion detection. The data set is called KDD, which is a version of the data set DARPA presented by MIT Lincoln Labs. The experimental results were organized in related tables and charts. Analysis of the results show meaningful improvements in intrusion detection. In general, compared to the existing methods, the proposed approach works faster with higher accuracy.
Che, X., Luo, S., Yang, H., Meinel, C.: Sentence Boundary Detection Based on Parallel Lexical and Acoustic Models.Proceedings of Interspeech 2016. pp. 257-261. , San Francisco, CA, USA (2016).
In this paper we propose a solution that detects sentence boundary from speech transcript. First we train a pure lexical model with deep neural network, which takes word vectors as the only input feature. Then a simple acoustic model is also prepared. Because the models work independently, they can be trained with different data. In next step, the posterior probabilities of both lexical and acoustic models will be involved in a heuristic 2-stage joint decision scheme to classify the sentence boundary positions. This approach ensures that the models can be updated or switched freely in actual use. Evaluation on TED Talks shows that the proposed lexical model can achieve good results: 75.5% accuracy on error-involved ASR transcripts and 82.4% on error-free manual references. The joint decision scheme can further improve the accuracy by 3�~10% when acoustic data is available.
Alibabaie, N., Mohammad Ghasemzadeh, C.M.: A variant of genetic algorithm for non-homogeneous population.International Conference on Applied Mathematics, Computational Science and Systems Engineering , Sapienza University, Italy-Rome (2016).
Selection of initial points, the number of clusters and finding proper clusters centers are still the main challenge in clustering processes. In this paper, we suggest genetic algorithm based method which searches several solution spaces simultaneously. The solution spaces are population groups consisting of elements with similar structure. Elements in a group have the same size, while elements in different groups are of different sizes. The proposed algorithm processes the population in groups of chromosomes with one gene, two genes to k genes. These genes hold corresponding information about the cluster centers. In the proposed method, the crossover and mutation operators can accept parents with different sizes, this can lead to versatility in population and information transfer among sub-populations. We implemented the proposed method and evaluated its performance against some random datasets and the Ruspini dataset as well. The experimental results show that the proposed method could effectively determine the appropriate number of clusters and recognize their centers. Overall this research implies that using heterogeneous population in the genetic algorithm can lead to better results.
Sukmana, M., Meinel, C.: e-Government and Security Evaluation Tools Comparison for Indonesian e-Government System.Proceedings of the 4th International Conference on Information and Network Security. p. 96--103. ACM (2016).
Ambassa, P.L., Wolthusen, S.D., Kayem, A.V.D.M., Meinel, C.: Physical Attestation and Authentication to Detect Cheating in Resource Constrained Smart Microgrids.In Proceedings, 2nd Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems (CyberICPS 2016), September 26-30, 2016, Heraklion, Greece (2016).
We present a physical attestation and authentication approach to detecting cheating in resource constrained smart micro-grids. A multi-user smart microgrid (SMG) architecture supported by a low cost and unreliable communications network, forms our application scenario. In this scenario, a malicious adversary can cheat by manipulating the measured power consumption/generation data. In doing so, the reward is access to more than the per user allocated power quota. Cheating discourages user participation and results in grid destabilisation and a breakdown of the grid in the worst case. Detecting cheating attacks is thus essential for secure and resilient SMG but also a challenging problem.We develop a cheating detection scheme that integrates the idea of physical attestation to assess whether the SMG system is under attack. Subsequently, we support our scheme with an authentication mechanism based on control signals to uniquely identify node subversion. A theoretical analysis demonstrates the efficiency and correctness of our proposed scheme for constrained SMGs.
Wenzel, M., Meinel, C.: Full-Body WebRTC Video Conferencing in a Web-Based Real-Time Collaboration System.Proceedings of the 2016 IEEE 20th International Conference on Computer Supported Cooperative Work in Design. pp. 334-339. IEEE (2016).
Remote collaboration systems are a necessity for geographically dispersed teams in achieving a common goal. Realtime groupware systems frequently provide a shared workspace where users interact with shared artifacts. However, a shared workspace is often not enough for maintaining the awareness of other users. Video conferencing can create a visual context simplifying the user’s communication and understanding. In addition, flexible working modes and modern communication systems allow users to work at any time at any location. It is therefore desirable that a groupware system can run on users’ everyday devices, such as smartphones and tablets, in the same way as on traditional desktop hardware. We present a standards compliant, web browser-based realtime remote collaboration system that includes WebRTC-based video conferencing. It allows a full-body video setup where everyone can see what other participants are doing and where they are pointing in the shared workspace. In contrast to standard WebRTC’s peer-to-peer architecture, our system implements a star topology WebRTC video conferencing. In this way, our solution improves network bandwidth efficiency from a linear to a constant network upstream consumption.
Renz, J., Navarro-Suarez, G., Sathi, R., Staubitz, T., Meinel, C.: Enabling Schema Agnostic Learning Analytics in a Service-Oriented MOOC Platform.Proceedings of ACM Learning at Scale Conference (L@S2016). ACM (2016).
Taheri, M., Meinel, C.: Pedagogical Evaluation of the Design Thinking MOOCs.Proceedings of the 3rd International Conference for Design Education Researchers (LearnXDesign2015). Aalto University, Chicago, Illinois, USA (2015).
Design Thinking and Massive Open Online Courses (MOOCs) have enjoyed a widespread attention and uptake by both institutes of higher education and media. These two increasingly popular phenomena have joined forces in the recent years with several reputable universities offering MOOCs on Design Thinking. However the MOOC model of learning and Design Thinking education seem very contradictory at the first glance: Design Thinking is taught in a learning-by-doing fashion in small teams and through various hands-on activities. In contrast, MOOCs are most often completed individually. Hence the seemingly unfitting characteristics of MOOCs and Design Thinking are worth further investigation. This paper presents the initial stage of a research project that explores the potential of teaching Design Thinking at scale. It offers a pedagogical evaluation of the existing Design Thinking MOOCs using the Taxonomy Table and the Seven Principles of Good Practice in Undergraduate Education. The results shed light on how Design Thinking is being taught today in a MOOC environment and the learning objectives that the course providers are expecting.
Che, X., Yang, H., Meinel, C.: Table Detection from Slide Images.Pacific-Rim Symposium on Image and Video Technology. pp. 762-774. , Auckland, New Zealand (2015).
In this paper we propose a solution to detect tables from slide images. Presentation slides are one type of document with growing importance. But the layout difference between slides and traditional documents makes many existing table detection methods less effective on slides. The proposed solution works with both high-resolution slide images from digital files and low-resolution slide screenshots from videos. By taking OCR (Optical Character Recognition) as initial step, a heuristic analysis on page layout focuses not only on the table structure but also the textual content. The evaluation result shows that the proposed solution achieves an approximate accuracy of 80 %. It is way better than the open-source academic solution Tesseract and also outperforms the commercial software ABBYY FineReader, which is supposed to be one of the best table detection tools.
Azodi, A., Jaeger, D., Cheng, F., Meinel, C.: Passive Network Monitoring using REAMS.Proceedings of the 6th International Conference on Information Science and Applications (ICISA 2015). pp. 205-215. Sprinter, Pattaya, Thailand (2015).
Graupner, H., Torkura, K., Berger, P., Schnjakin, M., Meinel, C.: Secure Access Control for Multi-Cloud Resources.Proceedings of the 40th IEEE Conference on Local Computer Networks (LCN). IEEE (2015).
Privacy, security, and trust concerns are continuously hindering the growth of cloud computing despite its attractive features. To mitigate these concerns, an emerging approach targets the use of multi-cloud architectures to achieve portability and reduce cost. Multi-cloud architectures however suffer several challenges including inadequate cross-provider APIs, insufficient support from cloud service providers, and especially non-unified access control mechanisms. Consequently, the available multicloud proposals are unhandy or insecure. This paper proposes two contributions. At first, we survey existing cloud storage provider interfaces. Following, we propose a novel technique that deals with the challenges of connecting modern authentication standards and multiple cloud authorization methods.
Torkura, K.A., Cheng, F., Meinel, C.: Application of Quantitative Security Metrics In Cloud Computing.Proceedings of the 10th International Conference for Internet Technology and Secured Transactions (ICITST2015). IEEE (2015).
Security issues are still prevalent in cloud computing particularly public cloud. Efforts by Cloud Service Providers to secure out-sourced resources are not sufficient to gain trust from customers. Service Level Agreements (SLAs) are currently used to guarantee security and privacy, however research into SLAs monitoring suggests levels of dissatisfaction from cloud users. Accordingly, enterprises favor private clouds such as OpenStack as they offer more control and security visibility. However, private clouds do not provide absolute security, they share some security challenges with public clouds and eliminate other challenges. Security metrics based approaches such as quantitative security assessments could be adopted to quantify security value of private and public clouds. Software quantitative security assessments provide extensive visibility into security postures and help assess whether or not security has improved or deteriorated. In this paper we focus on private cloud security using OpenStack as a case study, we conduct a quantitative assessment of OpenStack based on empirical data. Our analysis is multi-faceted, covering OpenStack major releases and services. We employ security metrics to determine the vulnerability density, vulnerability severity metrics and patching behavior. We show that OpenStack’s security has improved since inception, however concerted efforts are imperative for secure deployments, particularly in production environments.
Azodi, A., Gawron, M., Sapegin, A., Cheng, F., Meinel., C.: Leveraging Event Structure for Adaptive Machine Learning on Big Data Landscapes.Proceedings of the International Conference on Mobile, Secure and Programmable Networking (MSPN'15). Springer (2015).
Modern machine learning techniques have been applied to many aspects of network analytics in order to discover patterns that can clarify or better demonstrate the behavior of users and systems within a given network. Often the information to be processed has to be converted to a different type in order for machine learning algorithms to be able to process them. To accurately process the information generated by systems within a network, the true intention and meaning behind the information must be observed. In this paper we propose different approaches for mapping network information such as IP addresses to integer values that attempts to keep the relation present in the original format of the information intact. With one exception, all of the proposed mappings result in (at most) 64 bit long outputs in order to allow atomic operations using CPUs with 64 bit registers. The mapping output size is restricted in the interest of performance. Additionally we demonstrate the benefits of the new mappings for one specific machine learning algorithm (k-means) and compare the algorithm's results for datasets with and without the proposed transformations.
Berger, P., Hennig, P., Dummer, D., Ernst, A., Hille, T., Schulze, F., Meinel, C.: Extracting Image Context from Pinterest for Image Recommendation.Proceedings of the 8th IEEE International Conference on Social Computing and Networking (SocialCom2015). , Chengdu, China (2015).
Cheng, F., Sapegin, A., Gawron, M., Meinel, C.: Analyzing Boundary Device Logs on the In-Memory Platform.Proceedings of the IEEE International Symposium on Big Data Security on Cloud (BigDataSecurity‘15). IEEE (2015).
The boundary devices, such as routers, firewalls, proxies, and domain controllers, etc., are continuously generating logs showing the behaviors of the internal and external users, the working state of the network as well as the devices themselves. To rapidly and efficiently analyze these logs makes great sense in terms of security and reliability. However, it is a challenging task due to the fact that a huge amount of data might be generated for being analyzed in very short time. In this paper, we address this challenge by applying complex analytics and modern in-memory database technology on the large amount of log data. Logs from different kinds of devices are collected, normalized, and stored in the In-Memory database. Machine learning approaches are then implemented to analyze the centralized big data to identify attacks and anomalies which are not easy to be detected from the individual log event. The proposed method is implemented on the In-Memory platform, i.e., SAP HANA Platform, and the experimental results show that it has the expected capabilities as well as the high performance.
Torkura, K.A., Cheng, F., Meinel, C.: Aggregating Vulnerability Information for Proactive Cloud Vulnerability Assessment.Journal of Internet Technology and Secured Transactions.4, (2015).
The current increase in software vulnerabilities necessitates concerted research in vulnerability lifecycles and how effective mitigative approaches could be implemented. This is especially imperative in cloud infrastructures considering the novel attack vectors introduced by this emerging computing paradigm. By conducting a quantitative security assessment of OpenStack’s vulnerability lifecycle, we discovered severe risk levels resulting from prolonged gap between vulnerability discovery and patch release. We also observed an additional time lag between patch release and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actors to develop zero-days exploits and other types of malicious software. Mitigating these concerns requires systems with current knowledge on events within the vulnerability lifecycle. However, current threat mitigation systems like vulnerability scanners are designed to depend on information from public vulnerability repositories which mostly do not retain comprehensive information on vulnerabilities. Accordingly, we propose a framework that would mitigate the afore-mentioned risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories, Bug Tracking Systems and other channels. These information is thereafter used to automatically generate plugins armed with current information about possible zeroday exploits and other unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks, Scanner Patch Time and Scanner Patch Discovery Time
Malchow, M., Bauer, M., Meinel, C.: Lecture Butler - Teaching Reasonable Lectures from a Lecture Video Archive.Proceedings of the 2015 ACM Annual Conference on SIGUCCS. pp. 3-9. ACM (2015).
Lecture video archives offer a large variety of lecture recordings in different topics. Naturally, topics are described superficially, easily or detailed in different lectures. Users interested in certain topics have problems finding lectures describing a topic chronology from basic lectures to more detailed difficult lectures. The Lecture Butler is going to automatically offer e-learning students lectures for the topics of interest in chronological playlists. The approach is finding lecture information using title, description, OCR and ASR data. This data is indexed and searched by an in-memory database to fulfill the speed requirements for playlist creation. In the search results lectures are going to be ordered by lecture occurrence in the university semester time schedule or by given lecture level of difficulty. As a result students can automatically create playlists for their topic of interest in sequence of the lecture level. Hence, students are not overstrained by lectures when they start with basic lectures first. Basic lectures provide information to understand more complex lectures. The research shows that an automatic approach by adding the level of difficulty or university semester time table is going to show reasonable playlists to find topics of interest. This solves the main problem students encounter when they try to learn a topic step-by-step using recorded lectures. The approach will support and motivate students using e-learning opportunities.
Malchow, M., Bauer, M., Meinel, C.: Self-Test Integration in Lecture Video Archives.ICERI2015 Proceedings - 8th International Conference of Education, Research and Innovation. pp. 7631-7638. IATED (2015).
Lecture video archives offer hundreds of lectures. Students have to watch lecture videos in a lecture archive without any feedback. They do not know if they understood everything correctly in comparison to MOOCs (Massive Open Online Course) where a direct feedback with self-tests or assignments is common. In contrast to MOOCs, video lecture archives normally do not offer self-test or assignment sections after every video. Due to this behavior of lecture archives questions have to be made visible on the video page. Furthermore, lecture recording videos are typically longer than videos in MOOCs. So, it is not so reasonable and sometimes even demotivating to ask a lot of questions after a long video when not all information is already memorized by the student. The approach of this paper is to overcome these self-test problems in lecture video archives and to finally solve them in a reasonable way to increase the learning experience and support students to learn more efficient with recorded lecture videos.
Amirkhanyan, A., Cheng, F., Meinel, C.: Real-Time Clustering of Massive Geodata for Online Maps to Improve Visual Analysis.Proceedings of the 11th International Conference on Innovations in Information Technology (IIT2015). IEEE, Dubai, UAE (2015).
Nowadays, we have a lot of data produced by social media services, but more and more often these data contain information about a location that gives us the wide range of possibilities to analyze them. Since we can be interested not only in the content, but also in the location where this content was produced. For good analyzing geo-spatial data, we need to find the best approaches for geo clustering. And the best approach means real-time clustering of massive geodata with high accuracy. In this paper, we present a new approach of clustering geodata for online maps, such as Google Maps, OpenStreetMap and others. Clustered geodata based on their location improve visual analysis of them and improve situational awareness. Our approach is the server-side online algorithm that does not need the entire data to start clustering. Also, this approach works in real-time and could be used for clustering of massiv
