Sukmana, M.I.H., Petzolt, M., Torkura, K.A., Graupner, H., Cheng, F., Meinel, C.: Secure and Scalable Multi-Company Management in Enterprise Cloud Storage Broker System. (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C., Jungmann, S.: How Data Anonymisation Techniques influence Disease Triage in Digital Health: A Study on Base Rate Neglect.Proceedings of the 9th International Conference on Digital Public Health. p. 55--62. ACM (2019).
Bethge, J., Yang, H., Bornstein, M., Meinel, C.: BinaryDenseNet: Developing an Architecture for Binary Neural Networks.The IEEE International Conference on Computer Vision (ICCV) Workshops (2019).
Grüner, A., Mühle, A., Meinel, C.: Using Probabilistic Attribute Aggregation for Increasing Trust in Attribute Assurance.Proceedings of the 2019 IEEE Symposium Series on Computational Intelligence in Cyber Security. IEEE, Xiamen, China (2019).
Identity management is an essential cornerstone of securing online services. Service provisioning relies on correct and valid attributes of a digital identity. Therefore, the identity provider is a trusted third party with a specific trust requirement towards a verified attribute supply. This trust demand implies a significant dependency on users and service providers. We propose a novel attribute aggregation method to reduce the reliance on one identity provider. Trust in an attribute is modelled as a combined assurance of several identity providers based on probability distributions. We formally describe the proposed aggregation model. The resulting trust model is implemented in a gateway that is used for authentication with self-sovereign identity solutions. Thereby, we devise a service provider specific web of trust that constitutes an intermediate approach bridging a global hierarchical model and a locally decentralized peer to peer scheme.
Graupner, H., Torkura, K.A., Sukmana, M.I.H., Meinel, C.: Secure Deduplication on Public Cloud Storage.Proceedings of the 2019 4th International Conference on Big Data and Computing. p. 34--41. ACM (2019).
von Schmieden, K., Staubitz, T., Mayer, L., Meinel, C.: Skill Confidence Ratings in a MOOC: Examining the Link Between Skill Confidence and Learner Development.Proceedings of the 11th International Conference on Computer Supported Education. pp. 533-40 (2019).
von Schmieden, K., Staubitz, T., Mayer, L., Meinel, C.: Skill Confidence Ratings in a MOOC: Examining the Link between Skill Confidence and Learner Development.CSEDU (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Towards Identifying De-anonymisation Risks in Distributed Health Data Silos.International Conference on Database and Expert Systems Applications. p. 33--43. Springer (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Identifying Data Exposure Across Distributed High-Dimensional Health Data Silos through Bayesian Networks Optimised by Multigrid and Manifold.2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). p. 556--563. IEEE (2019).
Podlesny, N.J., Kayem, A.V.D.M., Meinel, C.: Attribute Compartmentation and Greedy UCC Discovery for High-Dimensional Data Anonymization.Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy. p. 109--119. ACM (2019).
Alhosseini, S.A., Bin Tareaf, R., Najafi, P., Meinel, C.: Detect Me If You Can: Spam Bot Detection Using Inductive Representation Learning.WWW19, World Wide Web Conference. ACM, San Francisco, USA (2019).
von Schmieden, K., Mayer, L., Meinel, C.: Learner Response to Brainstorming Techniques in a Design Thinking MOOC.Cumulus Conference Proceedings. pp. 443-455. Cumulus Design Conference (2019).
John, C.T., Staubitz, T., Meinel, C.: Performance of Men and Women in Graded Team Assignments in MOOCs.2019 Learning With MOOCS (LWMOOCS) (2019).
Traifeh, H., Staubitz, T., Meinel, C.: Improving learner experience and participation in MOOCs: A design thinking approach.2019 Learning With MOOCS (LWMOOCS) (2019).
Staubitz, T., Meinel, C.: Graded Team Assignments in MOOCs: Effects of Team Composition and Further Factors on Team Dropout Rates and Performance.Proceedings of the Sixth (2019) ACM Conference on Learning @ Scale. p. 5:1--5:10. ACM, Chicago, IL, USA (2019).
The ability to work in teams is an important skill in today's work environments. In MOOCs, however, team work, team tasks, and graded team-based assignments play only a marginal role. To close this gap, we have been exploring ways to integrate graded team-based assignments in MOOCs. Some goals of our work are to determine simple criteria to match teams in a volatile environment and to enable a frictionless online collaboration for the participants within our MOOC platform. The high dropout rates in MOOCs pose particular challenges for team work in this context. By now, we have conducted 15 MOOCs containing graded team-based assignments in a variety of topics. The paper at hand presents a study that aims to establish a solid understanding of the participants in the team tasks. Furthermore, we attempt to determine which team compositions are particularly successful. Finally, we examine how several modifications to our platform's collaborative toolset have affected the dropout rates and performance of the teams.
Staubitz, T., Teusner, R., Meinel, C.: MOOCs in Secondary Education - Experiments and Observations from German Classrooms.2019 IEEE Global Engineering Education Conference (EDUCON). pp. 173-182 (2019).
Computer science education in German schools is often less than optimal. It is only mandatory in a few of the federal states and there is a lack of qualified teachers. As a MOOC (Massive Open Online Course) provider with a German background, we developed the idea to implement a MOOC addressing pupils in secondary schools to fill this gap. The course targeted high school pupils and enabled them to learn the Python programming language. In 2014, we successfully conducted the first iteration of this MOOC with more than 7000 participants. However, the share of pupils in the course was not quite satisfactory. So we conducted several workshops with teachers to find out why they had not used the course to the extent that we had imagined. The paper at hand explores and discusses the steps we have taken in the following years as a result of these workshops.
Najafi, P., Mühle, A., Pünter, W., Cheng, F., Meinel, C.: MalRank: A Measure of Maliciousness in SIEM-based Knowledge Graphs.Proceedings of the 35th Annual Computer Security Applications Conference. p. 417--429. ACM (2019).
In this paper, we formulate threat detection in SIEM environments as a large-scale graph inference problem. We introduce a SIEM- based knowledge graph which models global associations among entities observed in proxy and DNS logs, enriched with related open-source intelligence (OSINT) and cyber threat intelligence (CTI). Next, we propose MalRank, a graph-based inference algorithm designed to infer a node maliciousness score based on its associations to other entities presented in the knowledge graph, e.g., shared IP ranges or name servers. After a series of experiments on real-world data captured from a global enterprise’s SIEM (spanning over 3TB of disk space), we show that MalRank maintains a high detection rate (AUC = 96%) outperforming its predecessor, Belief Propagation, both in terms of accuracy and efficiency. Furthermore, we show that this approach is effective in identifying previously unknown malicious entities such as malicious domain names and IP addresses. The system proposed in this research can be implemented in conjunction with an organization’s SIEM, providing a maliciousness score for all observed entities, hence aiding SOC investigations.
Bin Tareaf, R., Alhosseini, S.A., Meinel, C.: Facial-Based Personality Prediction Models For Estimating Individuals Private Traits.The 12th IEEE International Conference on Social Computing and Networking ( IEEE SocialCom)). IEEE, Xiamen, China (2019).
Bin Tareaf, R., Alhosseini, S.A., Meinel, C.: Cross-Platform Personality Exploration System for Online Social Networks: Facebook vs. Twitter.Journal of Web Intelligence Consortium (WIC). (2019).
Rohloff, T., Sauer, D., Meinel, C.: Student Perception of a Learner Dashboard in MOOCs to Encourage Self-Regulated Learning.2019 IEEE International Conference on Engineering, Technology and Education (TALE). IEEE (2019).
In online learning environments like Massive Open Online Courses (MOOCs), where teachers cannot provide individual support and guidance for thousands of students, self-regulated learning (SRL) is a critical metacognitive skillset for students’ achievement. However, not every student intuitively self-regulates its learning and therefore technical solutions can help to apply SRL strategies. Learner dashboards with visualizations about the learner’s progress and behavior are able to create awareness, encourage self-reflection, and perhaps motivate students to plan and adjust their learning behavior to achieve their learning objectives. Hence, such Learning Analytics tools can support the SRL strategies self-evaluation and strategic planning. To examine this potential, a learner dashboard was integrated into the HPI MOOC platform. This work presents the design process, the concept, and an evaluation of the first dashboard iteration. The perceived usefulness and usability are investigated, and in addition, the question will be considered whether the dashboard encourages students to apply self-regulated learning. The positive results pave the way for future research and a next iteration of the learner dashboard.
Bin Tareaf, R., Alhosseini, S.A., Berger, P., Hennig, P., Meinel, C.: Towards Automatic Personality Prediction Using Facebook Likes Metadata. In: 14th International Conference on Intelligent Systems, I.E.E.E. and Knowledge Engineering, D. (eds.) The 14th IEEE International Conference on Intelligent Systems and Knowledge Engineering. IEEE, Dalian, China (2019).
John, C.T., Staubitz, T., Meinel, C.: Took a MOOC. Got a Certificate. What now?2019 IEEE Frontiers in Education Conference (FIE) (2019).
Grüner, A., Mühle, A., Meinel, C.: An Integration Architecture to Enable Service Providers for Self-sovereign Identity.Proceedings of the 18th. International Symposium on Network Computing and Applications. IEEE, Boston, MA (2019).
The self-sovereign identity management model emerged with the rise of blockchain technology. This paradigm focuses on user-centricity and strives to place the user in full control of the digital identity. Numerous implementations embrace the self-sovereign identity concept, leading to a fragmented landscape of solutions. At the same time, traditional identity and access management protocols are largely disregarded and facilities to issue verifiable claims as attributes are not available. Therefore, service providers barely adopt these solutions. We propose a component-based architecture for integrating selfsovereign identity solutions into web applications to foster their adoption by service providers. Furthermore, we outline a sample implementation as a gateway that enables uPort and Jolocom for authentication, via the OpenID Connect protocol, as well as the retrieval of email address attestations for these solutions.
Bothe, M., Meinel, C.: Applied Mobile-Assisted Seamless Learning Techniques in MOOCs. In: Calise, M., Delgado Kloos, C., Reich, J., Ruiperez-Valiente, J.A., and Wirsing, M. (eds.) Digital Education: At the MOOC Crossroads Where the Interests of Academia and Business Converge. p. 21--30. Springer International Publishing, Cham (2019).
As Massive Open Online Courses (MOOCs) are nowadays used in an increasingly ubiquitous manner, the learning process gets disrupted every time learners change context. Mobile-Assisted Seamless Learning (MSL) techniques have been identified to reduce unwanted overhead for learners and streamline their learning process. However, technical implementations vary across the industry. This paper examines existing MSL research and applied techniques in the context of MOOCs. Therefore, we discussed related MSL research topics. Afterward, eleven characteristic MSL features were selected and compared their implementations across five major MOOC platforms. While web applications provide a bigger feature set, mobile clients offer advanced offline capabilities. Based on the findings, a concept outlines how MSL features can enhance the learning experience on MOOC platforms while considering the technical feasibility.
Rohloff, T., Renz, J., Suarez, G.N., Meinel, C.: A Ubiquitous Learning Analytics Architecture for a Service-Oriented MOOC Platform. In: Calise, M., Delgado Kloos, C., Reich, J., Ruiperez-Valiente, J.A., and Wirsing, M. (eds.) Digital Education: At the MOOC Crossroads Where the Interests of Academia and Business Converge (EMOOCs 2019). p. 162--171. Springer International Publishing, Cham (2019).
As Massive Open Online Courses (MOOCs) generate a huge amount of learning activity data through its thousands of users, great potential is provided to use this data to understand and optimize the learning experience and outcome, which is the goal of Learning Analytics. But first, the data needs to be collected, processed, analyzed and reported in order to gain actionable insights. Technical concepts and implementations are rarely accessible and therefore this work presents an architecture how Learning Analytics can be implemented in a service-oriented MOOC platform. To achieve that, a service based on extensible schema-agnostic processing pipelines is introduced for the HPI MOOC platform. The approach was evaluated regarding its scalability, extensibility, and versatility with real-world use cases. Also, data privacy was taken into account. Based on five years of running the service in production on several platform deployments, six design recommendations are presented which can be utilized as best practices for platform vendors and researchers when implementing Learning Analytics in MOOCs.
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: Security Chaos Engineering for Cloud Services.The Proceedings of 18th IEEE International Symposium on Network Computing and Applications (NCA 2019). IEEE (2019).
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: SlingShot: Automated Threat Detection and Incident Response in Multi-Cloud Storage Systems.The Proceedings of 18th IEEE International Symposium on Network Computing and Applications (NCA 2019). IEEE (2019).
Bethge, J., Yang, H., Meinel, C.: Training Accurate Binary Neural Networks from Scratch.2019 26th IEEE International Conference on Image Processing (ICIP) (2019).
Binary neural networks are a promising approach to execute convolutional neural networks on devices with low computational power. Previous work on this subject often quantizes pretrained full-precision models and uses complex training strategies. In our work, we focus on increasing the performance of binary neural networks by training from scratch with a simple training strategy. In our experiments we show that we are able to achieve state-of-the-art results on standard benchmark datasets. Further, we analyze how full-precision network structures can be adapted for efficient binary networks and adopt a network architecture based on a DenseNet for binary networks, which lets us improve the state-of-the-art even further. Our source code can be found online: https://github.com/hpi-xnor/BMXNet-v2
Rohloff, T., Sauer, D., Meinel, C.: On the Acceptance and Usefulness of Personalized Learning Objectives in MOOCs.Proceedings of the Sixth ACM Conference on Learning @ Scale. p. 4:1--4:10. ACM, Chicago, IL, USA (2019).
With Massive Open Online Courses (MOOCs) the number of people having access to higher education increased rapidly. The intentions to enroll for a specific course vary significantly and depend on one's professional or personal learning needs and interests. All learners have in common that they pursue their individual learning objectives. However, predominant MOOC platforms follow a one-size-fits-all approach and primarily aim for completion with certification. Specifically, technical support for goal-oriented and self-regulated learning to date is very limited in this context although both learning strategies are proven to be key factors for students' achievement in large-scale online learning environments. In this first investigation, a concept for the application and technical integration of personalized learning objectives in a MOOC platform is realized and assessed. It is evaluated with a mixed-method approach. First, the learners' acceptance is examined with a multivariate A/B test in two courses. Second, a survey was conducted to gather further feedback about the perceived usefulness, next to the acceptance. The results show a positive perception by the learners, which paves the way for future research.
Rohloff, T., Oldag, S., Renz, J., Meinel, C.: Utilizing Web Analytics in the Context of Learning Analytics for Large-Scale Online Learning.2019 IEEE Global Engineering Education Conference (EDUCON). pp. 296-305 (2019).
Today, Web Analytics (WA) is commonly used to obtain key information about users and their behavior on websites. Besides, with the rise of online learning, Learning Analytics (LA) emerged as a separate research field for collecting and analyzing learners’ interactions on online learning platforms. Although the foundation of both methods is similar, WA has not been profoundly used for LA purposes. However, especially large-scale online learning environments may benefit from WA as it is more sophisticated and well-established in comparison to LA. Therefore, this paper aims to examine to what extent WA can be utilized in this context, without compromising the learners’ data privacy. For this purpose, Google Analytics was integrated into the Massive Open Online Course platform of the Hasso Plattner Institute as a proof of concept. It was tested with two deployments of the platform: openHPI and openSAP, where thousands of learners gain academic and industry knowledge about engineering education. Besides capturing behavioral data, the platforms’ existing LA dashboards were extended by WA metrics. The evaluation of the integration showed that WA covers a large part of the relevant metrics and is particularly suitable for obtaining an overview of the platform’s global activity, but reaches its limitations when it comes to learner-specific metrics.
Bothe, M., Renz, J., Rohloff, T., Meinel, C.: From MOOCs to Micro Learning Activities.2019 IEEE Global Engineering Education Conference (EDUCON). pp. 280-288 (2019).
Mobile devices are omnipresent in our daily lives. They are utilized for a variety of tasks and used multiple times for short periods throughout the day. MOOC providers optimized their platforms for these devices in order to support ubiquitous learning. While a combination of desktop and mobile learning yields improved course performances, standalone learning on mobile devices does not perform in the same manner. One indicator for this is the mismatch between the average usage pattern of mobile devices and the time to consume one content item in a MOOC. Micro learning builds on bite-sized learning material and focusses on short-term learning sessions. This work examines the potential of micro learning activities in the context of MOOCs. Therefore, a framework for video-based micro learning is presented, which features a personalized curriculum. Videos are suggested to the user in a non-linear order that is determined by content dependencies, users’ preferences and watched videos, as well as explicit and implicit user feedback. A mobile application was implemented to test the approach with restructured MOOC content resulting in 58 connected short videos about engineering education – e.g. web technologies and programming languages. The usage data indicates initial curiosity by the users. To improve retention rates, more user motivation will be required for future studies. A survey gathered additional qualitative feedback. While the content suggestions were seen as a vital feature for such an approach, the results showed good interest and acceptance rates to create a better learning experience for MOOCs on mobile devices.
Sukmana, M.I.H., Torkura, K.A., Graupner, H., Chauhan, A., Cheng, F., Meinel, C.: Supporting Internet-Based Location for Location-Based Access Control in Enterprise Cloud Storage Solution.International Conference on Advanced Information Networking and Applications. p. 1240--1253. Springer (2019).
Sukmana, M.I.H., Torkura, K.A., Graupner, H., Cheng, F., Meinel, C.: Unified Cloud Access Control Model for Cloud Storage Broker.2019 International Conference on Information Networking (ICOIN). p. 60--65. IEEE (2019).
Meinig, M., Sukmana, M.I.H., Torkura, K.A., Meinel, C.: Holistic Strategy-Based Threat Model for Organizations.Proceedings of the 10th International Conference on Ambient Systems, Networks and Technologies (ANT 2019). Elsevier Science, Leuven, Belgium (2019).
Data breaches, privacy violations and cyber-attacks are growing problems for companies and governmental organizations. Threat modelling serves as a heuristic procedure of methodological validation of organizations, system designs, software architectures to identify threats. The earlier this happens in the design process, the more cost-effective it is to identify and fix security vulnerabilities and therefore it reduces the possibility of risk happening. Classical literature sources and Internet sources offer different representations of attacker strategies and threat classifications. It is often difficult to apply these schemes to one’s own organization and often the size of them is comprehensible only for experts. In order to improve the understanding of security threats, particularly in the management levels, we provide a structured overview of the most common threat classification schemes and propose a classification model focusing on threats that first considers the specific organization and in a further step presents the courses of action of an attacker in this organization.
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: A Comparative Analysis of Trust Requirements in Decentralized Identity Management.Proceedings of the 33rd. International Conference on Advanced Information Networking and Applications. Springer, Matsue, Japan (2019).
Identity management is a fundamental component in securing online services. Isolated and centralized identity models have been applied within organizations. Moreover, identity federations connect digital identities across trust domain boundaries. These traditional models have been thoroughly studied with regard to trust requirements. The recently emerging blockchain technology enables a novel decentralized identity management model that targets user-centricity and eliminates the identity provider as a trusted third party. The result is a substantially different set of entities with mutual trust requirements. In this paper, we analyze decentralized identity management based on blockchain through defining topology patterns. These patterns depict schematically the decentralized setting and its main actors. We study trust requirements for the devised patterns and, finally, compare the result to traditional models. Our contribution enables a clear view of differences in trust requirements within the various models.
Pelchen, C., Jaeger, D., Cheng, F., Meinel, C.: The (Persistent) Threat of Weak Passwords: Implementation of a Semi-automatic Password-Cracking Algorithm.Proceedings of the 15th International Conference on Information Security Practice and Experience. Springer (2019).
Rohloff, T., Bothe, M., Meinel, C.: Visualizing Content Exploration Traces of MOOC Students.Companion Proceedings of the 9th International Conference on Learning Analytics & Knowledge (LAK19). p. 754--758 (2019).
This workshop paper introduces a novel approach to visualize content exploration traces of students who navigate through the learning material of Massive Open Online Courses (MOOCs). This can help teachers to identify trends and anomalies in their provided learning material in order to improve the learning experience. The difficulty lies in the complexity of data: MOOCs are structured into multiple sections consisting of different learning items and students can navigate freely between them. Therefore, it is challenging to find a meaningful and comprehensible visualization that provides a complete overview for teachers. We utilized a Sankey diagram which shows the students' transitions between course sections by grouping them into different buckets, based on the percentage of visited items in the corresponding section. Three preceding data processing steps are explained as well as the data visualization with an example course. This is followed by pedagogical considerations how MOOC teachers can utilize and interpret the visualization, to gain meaningful insights and execute informed actions. At last, an evaluation concept is outlined.
von Schmieden, K., Mayer, L., Taheri, M., Meinel, C.: Iterative Course Design in MOOCs: Evaluating a protoMOOC.Proceedings of the Design Society: International Conference on Engineering Design. pp. 539-548. Cambridge University Press (2019).
Meinig, M., Tröger, P., Meinel, C.: Rough Logs - A Data Reduction Approach for Log Files.Proceedings of the 21st International Conference on Enterprise Information Systems (ICEIS 2019). SCITEPRESS – Science and Technology Publications, Lda, Heraklion, Crete - Greece (2019).
Modern scalable information systems produce a constant stream of log records to describe their activities and current state. This data is increasingly used for online anomaly analysis, so that dependability problems such as security incidents can be detected while the system is running. Due to the constant scaling of many such systems, the amount of processed log data is a significant aspect to be considered in the choice of any anomaly detection approach. We therefore present a new idea for log data reduction called ‘rough logs’. It utilizes rough set theory for reducing the number of attributes being collected in log data for representing events in the system. We tested the approach in a large case study - the experiments showed that data reduction possibilities proposed by our approach remain valid even when the log information is modified due to anomalies happening in the system.
Bock, B., Matysik, J.-T., Krentz, K.-F., Meinel, C.: Link Layer Key Revocation and Rekeying for the Adaptive Key Establishment Scheme.Proceedings of the IEEE 5th World Forum on Internet of Things (WF-IoT). IEEE, Limerick, Ireland (2019).
While the IEEE 802.15.4 radio standard has many features that meet the requirements of Internet of things (IoT) applications, IEEE 802.15.4 leaves the whole issue of key management unstandardized. To address this gap, Krentz et al. proposed the Adaptive Key Establishment Scheme (AKES), which establishes session keys for use in IEEE 802.15.4 security. Yet, AKES does not cover all aspects of key management. In particular, AKES comprises no means for key revocation and rekeying. Moreover, existing protocols for key revocation and rekeying seem limited in various ways. In this paper, we hence propose a key revocation and rekeying protocol, which is designed to overcome various limitations of current protocols for key revocation and rekeying. For example, our protocol seems unique in that it routes around IEEE 802.15.4 nodes whose keys are being revoked. We succesfully implemented and evaluated our protocol using the Contiki-NG operating system and aiocoap.
Seidel, F., Krentz, K.-F., Meinel, C.: Deep En-Route Filtering of Constrained Application Protocol (CoAP) Messages on 6LoWPAN Border Routers.Proceedings of the IEEE 5th World Forum on Internet of Things (WF-IoT). IEEE, Limerick, Ireland (2019).
Devices on the IoT are usually battery-powered and have limited resources. Hence, energy-efficient and lightweight protocols were designed for IoT devices, such as the popular CoAP. Yet, CoAP itself does not include any defenses against denial-of-sleep attacks, which are attacks that aim at depriving victim devices of entering low-power sleep modes. For example, a denial-of-sleep attack against an IoT device that runs a CoAP server is to send plenty of CoAP messages to it, thereby forcing the IoT device to expend energy for receiving and processing these CoAP messages. All current security solutions for CoAP, namely DTLS, IPsec, and OSCORE, fail to prevent such attacks. To fill this gap, Seitz et al. proposed a method for filtering out inauthentic and replayed CoAP messages "en-route" on 6LoWPAN border routers. In this paper, we expand on Seitz et al.'s proposal in two ways. First, we revise Seitz et al.'s software architecture so that 6LoWPAN border routers can not only check the authenticity and freshness of CoAP messages, but can also perform a wide range of further checks. Second, we propose a couple of such further checks, which, as compared to Seitz et al.'s original checks, more reliably protect IoT devices that run CoAP servers from remote denial-of-sleep attacks, as well as from remote exploits. We prototyped our solution and successfully tested its compatibility with Contiki-NG's CoAP implementation.
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: Personality Exploration System for Online Social Networks: Facebook Brands As a Use Case.IEEE/WIC/ACM International Conference on Web Intelligence. IEEE Press, Santiago, Chile (2019).
User-generated content on social media platforms is a rich source of latent information about individual variables. Crawling and analyzing this content provides a new approach for enterprises to personalize services and put forward product recommendations. In the past few years, brands made a gradual appearance on social media platforms for advertisement, customers support and public relation purposes and by now it became a necessity throughout all branches. This online identity can be represented as a brand personality that reflects how a brand is perceived by its customers. We exploited recent research in text analysis and personality detection to build an automatic brand personality prediction model on top of the (Five-Factor Model) and (Linguistic Inquiry and Word Count) features extracted from publicly available benchmarks. The proposed model reported significant accuracy in predicting specific personality traits form brands. For evaluating our prediction results on actual brands, we crawled the Facebook API for 100k posts from the most valuable brands’ pages in the USA and we visualize exemplars of comparison results and present suggestions for future directions.
Rezaei, M., Yang, H., Meinel, C.: Learning Imbalanced Semantic Segmentation through Cross-Domain Relations of Multi-Agent Generative Adversarial Networks.SPIE Medical Imaging - Computer Aided Diagnosis (SPIE 2019) (2019).
Bothe, M., Rohloff, T., Meinel, C.: A Quantitative Study on the Effects of Learning with Mobile Devices in MOOCs.2019 IEEE International Conference on Engineering, Technology and Education (TALE). pp. 1-7 (2019).
Massive Open Online Course (MOOC) platforms were initially designed for a desktop learning experience delivered via the Internet. With the increasing acceptance of mobile devices, learners started accessing the MOOC platforms through the browser application on their smartphones and tablets. However, native mobile applications offer better system integration and enhance the learning experience. As the concept of mobile-assisted seamless learning emphasizes the ubiquitous access to learning material, the relevance of mobile devices in the learning process will increase further. This paper investigates the different learning behaviors when using mobile devices on the HPI MOOC platform. For this, influencing aspects, that can not always be controlled by the learner, are examined for native applications and mobile websites-such as the size of the screen and the current network state of the mobile device. The results of a quantitative study show highly significant differences between the usage of native applications, mobile websites, and the overall average of the HPI MOOC platform. It was proven that the size of the screen has a large practical effect when using native applications. Furthermore, course items and videos are more often consumed when the device is connected to a WiFi network. This study creates the basis for future research to improve the support of mobile-assisted seamless learning methods for MOOCs.
Meinig, M., Tröger, P., Meinel, C.: Finding Classification Zone Violations with Anonymized Message Flow Analysis.Proceedings of the 5th Conference on Information Systems Security and Privacy (ICISSP 2019). SCITEPRESS – Science and Technology Publications, Lda, Prague, Czech Republic (2019).
Modern information infrastructures and organizations increasingly face the problem of data breaches and cyber-attacks. A traditional method for dealing with this problem are classification zones, such as ‘top secret’, ‘confidential’, and ‘unclassified’, which regulate the access of persons, hardware, and software to data records. In this paper, we present an approach that finds classification zone violations through automated message flow analysis. Our approach considers the problem of anonymization for the source event logs, which makes the resulting data flow model sharable with experts and the public. We discuss practical implications from applying the approach to a large governmental organization data set and discuss how the anonymity of our concept can be formally validated.
von Schmieden, K., Meinel, C.: Utilizing Warm-Up Games in MOOC Discussion Forums.EMOOCs-WiP. pp. 218-223 (2019).
Shaabani, N., Meinel, C.: Improving the Efficiency of Inclusion Dependency Detection.Proceedings of the 27th ACM International Conference on Information and Knowledge Management, CIKM 2018. pp. 207-216. ACM (2018).
The detection of all inclusion dependencies (INDs) in an unknown dataset is at the core of any data profiling effort. Apart from the discovery of foreign key relationships, INDs can help perform data integration, integrity checking, schema (re-)design, and query optimization. With the advent of Big Data, the demand increases for efficient INDs discovery algorithms that can scale with the input data size. To this end, we propose S-indd++ as a scalable system for detecting unary INDs in large datasets. S-indd++ applies a new stepwise partitioning technique that helps discard a large number of attributes in early phases of the detection by processing the first partitions of smaller sizes. S-indd++ also extends the concept of the attribute clustering to decide which attributes to be discarded based on the clustering result of each partition. Moreover, in contrast to the state-of-the-art, S-indd++ does not require the partition to fit into the main memory- which is a highly appreciable property in the face of the ever growing datasets. We conducted an exhaustive evaluation of S-indd ++ by applying it to large datasets with thousands attributes and more than 266 million tuples. The results show the high superiority of S-indd++ over the state-of-the-art. S-indd++ reduced up to 50~% of the runtime in comparison with Binder, and up to 98~% in comparison with S-indd.
Traifeh, H., Bin Tareaf, R., Meinel, C.: Challenges and Opportunities in Digital Learning: Perspectives from the Arab World.British Association for International & Comparative Education, BAICE 2018. BAICE UK, University of York, UK (2018).
The plethora of challenges facing the education sector in the Arab World is resulting in significant gaps in outcome and quality between the region and countries with similar levels of economic development. However, the past few years witnessed a gradual trend of improvement propelled by an increasing adoption of digital learning. The widespread of the Internet, the increased number of mobile devices (especially smartphones) among Arab youth and the improvement of some educational institutions’ technical infrastructure, led to a thriving online education landscape. This paper provides a systematic review of Arab digital learning and MOOCs platforms, and highlights the current challenges and issues faced by learners and providers. The paper reports the results of a survey of Arab students and life-long learners about their digital learning experiences. Analysis of the survey data shows that despite its growing adoption, digital learning is still in its early stages compared to that of the developed countries. The paper discusses the identified opportunities for improvement and the potential benefits and advantages for both learners and digital learning providers. The paper concludes with a discussion of future research directions.
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: A Quantifiable Trust Model for Blockchain-Based Identity Management.Proceedings of the 2018 International Conference on Blockchain. IEEE, Halifax, Canada (2018).
Removing the need for a trusted third party, blockchain technology revolutionizes the field of identity management. Service providers rely on digital identities to securely identify, authenticate and authorize users to their services. Traditionally, these digital identities are offered by a central identity provider belonging to a specific organisation. Trust in the digital identity mainly originates from the identity provider’s reputation, organizational functioning and contractual obligations. Blockchain technology enables the creation of decentralized identity management without a central identity provider as trusted third party. Therefore, the derivation of trust in digital identities within this paradigm requires a distinct approach. In this paper we propose a novel general quantifiable trust model and a specific implementation variant for blockchainbased identity management. Applying the model, trust is deduced in a decentralized manner from attestations of claims and applied to the associated digital identity. This concept replaces trust with a central identity provider by aggregated trust into attestation issuers. Thus, promoting self-sovereign identities to be fit for purpose. The calculated numerical trust metric serves as independent basis for the definition of assurance levels to simplify and automate reasoning about trust by service providers without requiring a dedicated evaluation of a trusted third party.
Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: Towards a Blockchain-based Identity Provider.Proceedings of the 12th. International Conference on Emerging Security Information, Systems and Technologies. IARIA, Venice, Italy (2018).
The emerging technology blockchain is under way to revolutionize various fields. One significant domain to apply blockchain is identity management. In traditional identity management, a centralized identity provider, representing a trusted third party, supplies digital identities and their attributes. The identity provider controls and owns digital identities instead of the associated subjects and therefore, constitutes a single point of failure and compromise. To overcome the need for this trusted third party, blockchain enables the creation of a decentralized identity provider serving digital identities that are under full control of the associated subject. In this paper, we outline the design and implementation of a decentralized identity provider using an unpermissioned blockchain. Digital identities are partially stored on the blockchain and their attributes are modelled as verifiable claims, consisting of claims and attestations. In addition to that, the identity provider implements the OpenID Connect protocol to promote seamless integration into existing application landscapes. We provide a sample authentication workflow for a user at an online shop to show practical feasibility.
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: ASEDS: Towards Automatic Social Emotion Detection System Using Facebook Reactions.2018 IEEE 20th International Conference on High Performance Computing and Communications. p. 860--866. IEEE Press, Exeter, UK (2018).
The Massive adoption of social media has provided new ways for individuals to express their opinion and emotion online. In 2016, Facebook introduced a new reactions feature that allows users to express their psychological emotions regarding published contents using so-called Facebook reactions. In this paper, a framework for predicting the distribution of Facebook post reactions is presented. For this purpose, we collected an enormous amount of Facebook posts associated with their reactions labels using the proposed scalable Facebook crawler. The training process utilizes 3 million labeled posts for more than 64,000 unique Facebook pages from diverse categories. The evaluation on standard benchmarks using the proposed features shows promising results compared to previous research. The final model is able to predict the reaction distribution on Facebook posts with a recall score of 0.90 for “Joy” emotion.
Mordido, G., Yang, H., Meinel, C.: Dropout-GAN: Learning from a Dynamic Ensemble of Discriminators.KDD2018 (2018).
Bin Tareaf, R., Berger, P., Hennig, P., Meinel, C.: Malicious Behaviour Identification in Online Social Networks.Springer - IFIP International Conference on Distributed Applications and Interoperable Systems. p. 18. Springer LNCS, Madrid, Spain (2018).
This paper outlines work on the detection of anomalous behaviour in Online Social Networks (OSNs). We present various automated techniques for identifying a ‘prodigious’ segment within a tweet, and consider tweets which are unusual because of writing style, posting sequence, or engagement level. We evaluate the mechanism by running extensive experiments over large artificially constructed tweets corpus, crawled to include randomly interpolated and abnormal Tweets. In order to successfully identify anomalies in a tweet, we aggregate more than 21 features to characterize users’ behavioural pattern. Using these features with each of our methods, we examine the effect of the total number of tweets on our ability to detect an anomaly, allowing segments of size 50 tweets 100 tweets and 200 tweets. We show indispensable improvements over a baseline in all circumstances for each method, and identify the method variant which performs persistently better than others.
Shams, A., Bin Tareaf, R., Renz, J., Meinel, C.: Smart MOOC-Social Computing for Learning and Knowledge Sharing.Proceedings of the 10th International Conference on Computer Supported Education, CSEDU 2018, Funchal, Madeira, Portugal, March 15-17, 2018, Volume 2. p. 391--396. , Capr Town, South Africa (2018).
Massive Open Online Courses(MOOCs) make use of educational technologies to deliver learning materials, supposedly open for everyone, usually with a capacity to serve a substantial number of learners regardless of their geographical locations. A recent advancement in mobile technologies and wireless communications in Africa has produced a conducive digital environment enough to support mobile learning. However, only a handful of learners from Africa participates in online learning compared to their massive engagement in online social networking. Internet-based Social media programs make most of the connections with students for social purposes and yet far less with educational intentions. Participation in mobile learning is still small in the region particular to the Social media who already possess necessary resources for e-learning. Therefore it remains unclear though in which ways, Social media may help to boost mobile learning through its utilization of programs and computation power. This paper argues the best possible approaches aiming to increase the involvement of MOOCs to Africa via a Social network.
Torkura, K. .A., Sukmana, M.I.H., Tim, S., Cheng, F., Graupner, H., Meinel, C.: Defeating Malicious Intrusions in Multi-Cloud Storage Systems.Proceedings of the 6th HPI Cloud Symposium “Operating the Cloud” 2018. Hasso Plattner Institute, Potsdam, Germany (2018).
Rezaei, M., Yang, H., Meinel, C.: Multi-Task Generative Adversarial Network for Handling Imbalanced Clinical Data.arXiv preprint arXiv:1811.10419 (2018).
We propose a new generative adversarial architecture to mitigate imbalance data problem for the task of medical image semantic segmentation where the majority of pixels belong to a healthy region and few belong to lesion or non-health region. A model trained with imbalanced data tends to bias towards healthy data which is not desired in clinical applications. We design a new conditional GAN with two components: a generative model and a discriminative model to mitigate imbalanced data problem through selective weighted loss. While the generator is trained on sequential magnetic resonance images (MRI) to learn semantic segmentation and disease classification, the discriminator classifies whether a generated output is real or fake. The proposed architecture achieved state-of-the-art results on ACDC-2017 for cardiac segmentation and diseases classification. We have achieved competitive results on BraTS-2017 for brain tumor segmentation and brain diseases classification.
Sukmana, M.I.H., Torkura, K.A., Cheng, F., Meinel, C., Graupner, H.: Unified logging system for monitoring multiple cloud storage providers in cloud storage broker.Information Networking (ICOIN), 2018 International Conference on. p. 44--49. IEEE (2018).
Bartz, C., Yang, H., Bethge, J., Meinel, C.: LoANs: Weakly Supervised Object Detection with Localizer Assessor Networks.Asian Conference on Computer Vision. p. 341--356. Springer (2018).
Rezaei, M., Yang, H., Meinel, C.: Generative Adversarial Framework for Learning Multiple Clinical Tasks.Digital Image Computing: Techniques and Applications (DICTA-2018) (2018).
Rezaei, M., Yang, H., Meinel, C.: voxel-GAN: Adversarial Framework for Learning Imbalanced Brain Tumor Segmentation.Brainlesion: Glioma, Multiple Sclerosis, Stroke and Traumatic Brain Injuries - Fourth International Workshop, BrainLes 2018, Held in Conjunction with MICCAI 2018, Granada, Spain, September 14, 2018, Revised Selected Papers. Springer (2018).
Rezaei, M., Yang, H., Meinel, C.: Automatic Cardiac MRI Segmentation via Context-aware Recurrent Generative Adversarial Neural Network.Computer Assisted Radiology and Surgery (CARS 2018) (2018).
Rezaei, M., Yang, H., Meinel, C.: Conditional Generative Refinement Adversarial Networks for Unbalanced Medical Image Semantic Segmentation.2019 IEEE Winter Application Computer Vision (2018).
Rezaei, M., Yang, H., Meinel, C.: Instance Tumor Segmentation using Multitask Convolutional Neural Network.2018 International Joint Conference on Neural Networks (IJCNN). p. 1--8. IEEE (2018).
Bartz, C., Yang, H., Meinel, C.: SEE: towards semi-supervised end-to-end scene text recognition.Thirty-Second AAAI Conference on Artificial Intelligence (2018).
Staubitz, T., Traifeh, H., Meinel, C.: Team-Based Assignments in MOOCs - User Feedback.2018 Learning With MOOCS (LWMOOCS). pp. 39-42 (2018).
With the increasing use of graded team-based assignments on our MOOC platforms-openHPI, openSAP, and mooc.house-we see the need to consult the opinion of our course participants about their perception of these tasks and the sufficiency of the platform support. Since we introduced the feature in May 2016, seven courses that included team-based assignments have been conducted on our platforms. In four of these courses, we have conducted qualitative and quantitative surveys among the participants. The paper at hand presents and discusses the results of these surveys.
Meinig, M., Meinel, C.: Securing the Flow - Data Flow Analysis with Operational Node Structures.Proceedings of the 4th Conference on Information Systems Security and Privacy (ICISSP 2018). pp. 241-250. SCITEPRESS – Science and Technology Publications, Lda, Madeira, Portugal (2018).
After land, sea, air and space, cyberspace has become the fifth domain of warfare. Organizations recognize the need for protecting confidential, secret - classified – information. Competitors and adversaries turn to illegal methods to obtain classified information. They try to gain a competitive advantage or close a technological gap as well as reduce dependencies on others. Classified information involves facts, subject matters or knowledge needing to be kept secret, regardless of the way in which the information is depicted. In networks with different security classifications a direct physical connection is not allowed. Consequently the possibility of coupling different security domains in affected organizations must be checked comprehensively under security aspects. In this paper we present a new security approach that helps to identify threats at transitions and security zones on valid data flow paths. It can be used to display security challenges within organizations using classified information such as governmental or military organizations. The methodology also incorporates new attributes for data flows in connected systems or processes.
Torkura, K. .A., Sukmana, M.I.H., Kayem, A.V.D.M., Cheng, F., Meinel, C.: A Cyber Risk Based Moving Target Defense Mechanism for Microservice Architectures.32nd IEEE International Symposium on Parallel and Distributed Processing with Applications. IEEE (2018).
Rezaei, M., Harmuth, K., Gierke, W., Kellermeier, T., Fischer, M., Yang, H., Meinel, C.: A Conditional Adversarial Network for Semantic Segmentation of Brain Tumor.Springer (2018).
Staubitz, T., Meinel, C.: Team based assignments in MOOCs: results and observations.Proceedings of the Fifth Annual ACM Conference on Learning at Scale, London, UK, June 26-28, 2018. p. 47:1--47:4 (2018).
Teamwork and collaborative learning are considered superior to learning individually by many instructors and didactical theories. Particularly, in the context of e-learning and Massive Open Online Courses (MOOCs) we see great benefits but also great challenges for both, learners and instructors. We discuss our experience with six team based assignments on the openHPI and openSAP1 MOOC platforms.
Perlich, A., Meinel, C.: Cooperative Note-Taking in Psychotherapy Sessions: An Evaluation of the Therapist’s User Experience with Tele-Board MED.Proceedings of the IEEE 20th International Conference on e-Health Networking, Applications and Services (Healthcom 2018) (2018).
In the course of patient treatments, psychotherapists aim to meet the challenges of being both a trusted, knowledgeable conversation partner and a diligent documentalist. We are developing the digital whiteboard system Tele-Board MED (TBM), which allows the therapist to take digital notes during the session together with the patient. This study investigates what therapists are experiencing when they document with TBM in patient sessions for the first time and whether this documentation saves them time when writing official clinical documents. As the core of this study, we conducted four anamnesis session dialogues with behavior psychotherapists and volunteers acting in the role of patients. Following a mixed-method approach, the data collection and analysis involved self-reported emotion samples, user experience curves and questionnaires. We found that even in the very first patient session with TBM, therapists come to feel comfortable, develop a positive feeling and can concentrate on the patient. Regarding administrative documentation tasks, we found with the TBM report generation feature the therapists save 60% of the time they normally spend on writing case reports to the health insurance.
Staubitz, T., Meinel, C.: Collaborative Learning in MOOCs - Approaches and Experiments.2018 IEEE Frontiers in Education Conference (FIE). IEEE (2018).
This Research-to-Practice paper examines the practical application of various forms of collaborative learning in MOOCs. Since 2012, about 60 MOOCs in the wider context of Information Technology and Computer Science have been conducted on our self-developed MOOC platform. The platform is also used by several customers, who either run their own platform instances or use our white label platform. We, as well as some of our partners, have experimented with different approaches in collaborative learning in these courses. Based on the results of early experiments, surveys amongst our participants, and requests by our business partners we have integrated several options to offer forms of collaborative learning to the system. The results of our experiments are directly fed back to the platform development, allowing to fine tune existing and to add new tools where necessary. In the paper at hand, we discuss the benefits and disadvantages of decisions in the design of a MOOC with regard to the various forms of collaborative learning. While the focus of the paper at hand is on forms of large group collaboration, two types of small group collaboration on our platforms are briefly introduced.
Krentz, K.-F., Meinel, C., Graupner, H.: Denial-of-Sleep-Resilient Session Key Establishment for IEEE 802.15.4 Security: From Adaptive to Responsive.Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2018). Junction, Madrid, Spain (2018).
Battery-powered and energy-harvesting IEEE 802.15.4 nodes are subject to so-called denial-of-sleep attacks. Such attacks generally aim at draining the energy of a victim device. Especially, session key establishment schemes for IEEE 802.15.4 security are susceptible to denial-of-sleep attacks since injected requests for session key establishment typically trigger energy-consuming processing and communication. Nevertheless, Krentz et al.’s Adaptive Key Establishment Scheme (AKES) for IEEE 802.15.4 security is deemed to be resilient to denial-of-sleep attacks thanks to its energy-efficient design and special defenses. However, thus far, AKES’ resilience to denial-of-sleep attacks was presumably never evaluated. In this paper, we make two contributions. First, we evaluate AKES’ resilience to denial-of-sleep attacks both theoretically and empirically. We particularly consider two kinds of denial-of-sleep attacks, namely HELLO flood attacks, as well as what we introduce in this paper as “yo-yo attacks”. Our key finding is that AKES’ denial-of-sleep defenses require trade-offs between denial-of-sleep resilience and the speed at which AKES adapts to topology changes. Second, to alleviate these trade-offs, we devise and evaluate new denial-of-sleep defenses. Indeed, our newly-devised denial-of-sleep defenses turn out to significantly accelerate AKES’ reaction to topology changes, without incurring much overhead nor sacrificing on security.
Rohloff, T., Bothe, M., Renz, J., Meinel, C.: Towards a Better Understanding of Mobile Learning in MOOCs.Proceedings of the 5th Learning with MOOCs Conference (LWMOOCs 2018) (2018).
The pervasive presence of mobile devices and growing trends like ubiquitous learning make new demands on Massive Open Online Courses (MOOCs). Users learn increasingly on the go and with multiple devices, instead of being tied to a fixed workstation. However, there is a lack of research how the usage of mobile devices influences the learning behavior and outcome in MOOCs. Thus, this paper presents a first quantitative study to examine this question. To enable a statistical analysis, a proof-of-concept implementation outline is presented, which enhances the Learning Analytics capabilities of the openHPI MOOC platform with contextual data to process various learning behavior metrics. Based on an analysis of four courses, it was found that users who additionally learnt with mobile applications showed a higher engagement with the learning material and completed the course more often. Nevertheless, the reasoning must be addressed with qualitative analyses in future, to better support their learning process and success on mobile and stationary devices.
Torkura, K. .A., Sukmana, M.I.H., Tim, S., Cheng, F., Graupner, H., Meinel, C.: CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems.The Proceedings of 17th IEEE International Symposium on Network Computing and Applications (NCA 2018). IEEE (2018).
Sianipar, J., Willems, C., Meinel, C.: Virtual Machine Integrity Verification in Crowd-Resourcing Virtual Laboratory. Presented at the (2018).
In cloud computing, users are able to use their own operating system (OS) image to run a virtual machine (VM) on a remote host. The virtual machine OS is started by the user using some interfaces provided by a cloud provider in public or private cloud. In peer to peer cloud, the VM is started by the host admin. After the VM is running, the user could get a remote access to the VM to install, configure, and run services. For the security reasons, the user needs to verify the integrity of the running VM, because a malicious host admin could modify the image or even replace the image with a similar image, to be able to get sensitive data from the VM. We propose an approach to verify the integrity of a running VM on a remote host, without using any specific hardware such as Trusted Platform Module (TPM). Our approach is implemented on a Linux platform where the kernel files (vmlinuz and initrd) could be replaced with new files, while the VM is running. kexec is used to reboot the VM with the new kernel files. The new kernel has secret codes that will be used to verify whether the VM was started using the new kernel files. The new kernel is used to further measuring the integrity of the running VM.
Rohloff, T., Utunen, H., Renz, J., Zhao, Y., Gamhewage, G., Meinel, C.: OpenWHO: Integrating Online Knowledge Transfer into Health Emergency Response. In: Dimitrova, V., Praharaj, S., Fominykh, M., and Drachsler, H. (eds.) Practitioner Proceedings of the 13th European Conference On Technology Enhanced Learning (EC-TEL 2018). CEUR-WS.org (2018).
The platform OpenWHO was developed in 2017 in a cooperation between the World Health Organization (WHO) and the Hasso Plattner Institute (HPI). The Department of Infectious Hazard Management, under the WHO Health Emergencies Programme, worked together with the HPI to create a new interactive, web-based, knowledge-transfer platform offering online courses to improve the response to health emergencies. The platform was newly launched as there was an identified need of an open and scalable solution for fast distribution of life-saving content in disease outbreaks for frontline responders. The platform provides adjusted versions of the massive open online learning resources that are self-paced and at ease formats for the frontline and low-bandwidth use. The HPI already developed know-how in previous Massive Open Online Course (MOOC) projects like openHPI and openSAP. OpenWHO is based on the same technology as the aforementioned projects. This paper will provide insights into the practical deployment, the adaption of the MOOC concept, and lessons learnt within the first year of this platform.
Rohloff, T., Meinel, C.: Towards Personalized Learning Objectives in MOOCs. In: Pammer-Schindler, V., Pérez-Sanagustín, M., Drachsler, H., Elferink, R., and Scheffel, M. (eds.) Lifelong Technology-Enhanced Learning (EC-TEL 2018). p. 202--215. Springer International Publishing, Cham (2018).
Instead of measuring success in Massive Open Online Courses (MOOCs) based on certification and completion-rates, researchers started to define success with alternative metrics recently, for example by evaluating the intention-behavior gap and goal achievement. Especially self-regulated and goal-oriented learning have been identified as critical skills to be successful in online learning environments with low guidance like MOOCs, but technical support is rare. Therefore, this paper examines the current technical capabilities and limitations of goal-oriented learning in MOOCs. An observational study to explore how well learners in five MOOCs achieved their initial learning objectives was conducted, and the results are compared with similar studies. Afterwards, a concept with a focus on technical feasibility and automation outlines how personalized learning objectives can be supported and implemented on a MOOC platform.
Torkura, K. .A., Sukmana, M.I.H., Cheng, F., Meinel, C.: CAVAS: Neutralizing Application and Container Security Vulnerabilities in the Cloud Native Era.14th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2018). Springer (2018).
Perlich, A., Meinel, C., Zeis, D.: Evaluation of the Technology Acceptance of a Collaborative Documentation System for Addiction Therapists and Clients.Building Continents of Knowledge in Oceans of Data: The Future of Co-Created eHealth. pp. 695-699 (2018).
Addiction treatment outcomes are strongly determined by relational factors. We present the interactive documentation system Tele-Board MED (TBM) developed as an adjunct to therapy sessions aimed at enhancing the therapeutic alliance and patient empowerment. The objective of this work is to find factors that predict the acceptance of TBM in face-to-face addiction treatment sessions. We combined the methodologies of survey and focus group and based the data collection and analysis on the Unified Theory of Acceptance and Use of Technology. The studies, which involved therapists (n=13) and clients (n=33), were conducted in an addiction counselling center in Germany. Therapists see a flexible, contextdependent usage as a basic condition for TBM acceptance and its greatest benefit in providing a discussion framework and quick access to worksheets—in both individual and group sessions. Clients are inclined to use the system with the expectation of improved communication and better recall of the discussed topics based on a personal copy of the session notes.
Torkura, K.A., Sukmana, M.I.H., Meinig, M., Graupner, H., Cheng, F., Meinel, C.: A Threat Modeling Approach for Cloud Storage Brokerage and File Sharing Systems.16th IEEE/IFIP Network Operations and Management Symposium (NOMS 2018). IEEE/IFIP (2018).
Cloud storage brokerage systems abstract cloud storage complexities by mediating technical and business relationships between Cloud Service Providers(CSP) and cloud users, while providing value-added services e.g. increased security, identity management and file sharing/syncing. However, CSBs face several security challenges including enlarged attack surfaces due to integration of disparate components e.g. on-premise and cloud APIs/services. Therefore, appropriate security risk assessment methods are required to identify and evaluate these security issues, and examine the efficiency of countermeasures. A possible approach for satisfying these requirements is employment of threat modeling concepts, which have been successfully applied in traditional paradigms. In this work, we employ threat models including attack trees, attack graphs and Data Flow Diagrams against a representative, real Cloud Storage Broker (CSB) and analyze these security threats and risks. We also propose a technique for combining Common Vulnerability Scoring System (CVSS) and Common Configuration Scoring System (CCSS) base scores in probabilistic attack graphs in order to cater for configuration-based vulnerabilities which are typically leveraged to compromise cloud storage systems. This effort is necessary since existing schemes do not provide sufficient security metrics, imperative for comprehensive risk assessments. We demonstrate the efficiency of our proposal by devising CCSS base scores for two common attacks against cloud storage: Cloud Storage Enumeration Attack and Cloud Storage Exploitation Attack. These metrics are then used in Attack Graph Metric-based risk assessment. Therefore, our approach can be employed by CSBs and CSPs to improve cloud security.
Torkura, K. .A., Sukmana, M.I.H., Meinig, M., Kayem, A., Cheng, F., Graupner, H., Meinel, C.: Securing Cloud Storage Brokerage Systems through Threat Models.The 32nd IEEE International Conference on Advanced Information Networking and Applications (AINA 2018). IEEE (2018).
Sianipar, J., Sukmana, M., Meinel, C.: Moving Sensitive Data Against Live Memory Dumping, Spectre and Meltdown Attacks. Presented at the (2018).
The emergence of cloud computing allows users to easily host their Virtual Machines with no up-front investment and the guarantee of always available anytime anywhere. But with the Virtual Machine (VM) is hosted outside of user’s premise, the user loses the physical control of the VM as it could be running on untrusted host machines in the cloud. Malicious host administrator could launch live memory dumping, Spectre, or Meltdown attacks in order to extract sensitive information from the VM’s memory, e.g. passwords or cryptographic keys of applications running in the VM. In this paper, inspired by the moving target defense (MTD) scheme, we propose a novel approach to increase the security of application’s sensitive data in the VM by continuously moving the sensitive data among several memory allocations (blocks) in Random Access Memory (RAM). A movement function is added into the application source code in order for the function to be running concurrently with the application’s main function. Our approach could reduce the possibility of VM’s sensitive data in the memory to be leaked into memory dump file by 25% and secure the sensitive data from Spectre and Meltdown attacks. Our approach’s overhead depends on the number and the size of the sensitive data.
Rezaei, M., Yang, H., Meinel, C.: Whole Heart and Great Vessel Segmentation with Context-aware of Generative Adversarial Networks. In: Maier, A.K., Deserno, and T.M., Handels, and H., and Klaus Hermann Maier-Hein,, Palm, and C., and Tolxdorff, and T. (eds.) Bildverarbeitung für die Medizin 2018. p. 353--358. Springer (2018).
Amirkhanyan, A., Meinel, C.: The Framework for Spatiotemporal Sequential Rule Mining: Crime Data Case Study.The 2017 International Conference on Knowledge Engineering and Applications (ICKEA2017, IEEE) (2017).
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Identifying Suspicious User Behavior with Neural Networks.Proceedings of the 4th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2017). p. 255--263. IEEE (2017).
Rezaei, M., Yang, H., Meinel, C.: Deep Learning for Medical Image Analysis.arXiv preprint arXiv:1708.08987.10 (2017).
Torkura, K.A., Sukmana, M.I.H., Meinel, C.: Integrating Continuous Security Assessments in Microservices and Cloud Native Applications.Proceedings of the10th International Conference on Utility and Cloud Computing. p. 171--180. ACM (2017).
Cloud Native Applications (CNA) consists of multiple collaborating microservice instances working together towards common goals. These microservices leverage the underlying cloud infrastructure to enable several properties such as scalability and resiliency. CNA are complex distributed applications, vulnerable to several security issues affecting microservices and traditional cloud-based applications. For example, each microservice instance could be developed with different technologies e.g. programming languages and databases. This diversity of technologies increases the chances for security vulnerabilities in microservices. Moreover, the fast-paced development cycles of CNA increases the probability of insufficient security tests in the development pipelines, and consequent deployment of vulnerable microservices. Furthermore, cloud native environments are ephemeral, microservices are dynamically launched and de-registered, this factor creates a discoverability challenge for traditional security assessment techniques. Hence, security assessments in such environments require new approaches which are specifically adapted and integrated to CNA. In fact, such techniques are to be cloud native i.e. well integrated into the cloud’s fabric. In this paper, we tackle the above-mentioned challenges through the introduction of a novel Security Control concept - the Security Gateway. To support the Security Gateway concept, two other concepts are proposed: dynamic document store and security health endpoints.We have implemented these concepts using cloud native design patterns and integrated them into the CNA workflow. Our experimental evaluations validate the efficiency of our proposals, the time overhead due to the security gateway is minimal and the vulnerability detection rate surpasses that of traditional security assessment approaches. Our proposal can therefore be employed to secure CNA and microservice-based implementations.
Rohloff, T., Renz, J., Bothe, M., Meinel, C.: Supporting Multi-Device E-Learning Patterns with Second Screen Mobile Applications.Proceedings of the 16th World Conference on Mobile and Contextual Learning (mLearn 2017). pp. 25:1-25:8. ACM, Larnaca, Cyprus (2017).
Many providers of Massive Open Online Course (MOOC) platforms released mobile applications in the recent years to enable learning offline and on the go, for a more ubiquitous learning experience. However, mainly the MOOC content was optimized for small screens, but mobile devices provide the opportunity to enrich the MOOC experience even further by enabling new forms of learning. Based on a previous learning patterns evaluation and a user survey, this paper presents a second screen prototype for the MOOC platform of the Hasso Plattner Institute, whereby the mobile application can be used as a learning companion while using the web platform on a computer. Four different actions were implemented which can be done next to watching a video lecture. The evaluation showed that the prototype was helpful and made learning more efficient, as reported by users, and also ideas for further improvements were proposed.
Meinel, C., Renz, J., Grella, C., Karn, N., Hagedorn, C.: Die Cloud für Schulen in Deutschland. Konzept und Pilotierung der Schul-Cloud.Technische Berichte des Hasso-Plattner-Instituts für Softwaresystemtechnik an der Universität Potsdam.56 (2017).
Die digitale Entwicklung durchdringt unser Bildungssystem, doch Schulen sind auf die Veränderungen kaum vorbereitet: Überforderte Lehrer/innen, infrastrukturell schwach ausgestattete Unterrichtsräume und unzureichend gewartete Computernetzwerke sind keine Seltenheit. Veraltete Hard- und Software erschweren digitale Bildung in Schulen eher, als dass sie diese ermöglichen: Ein zukunftssicherer Ansatz ist es, die Rechner weitgehend aus den Schulen zu entfernen und Bildungsinhalte in eine Cloud zu überführen. Zeitgemäßer Unterricht benötigt moderne Technologie und eine zukunftsorientierte Infrastruktur. Eine Schul-Cloud (https://hpi.de/schul-cloud) kann dabei helfen, die digitale Transformation in Schulen zu meistern und den fächerübergreifenden Unterricht mit digitalen Inhalten zu bereichern. Den Schüler/innen und Lehrkräften kann sie viele Möglichkeiten eröffnen: einen einfachen Zugang zu neuesten, professionell gewarteten Anwendungen, die Vernetzung verschiedener Lernorte, Erleichterung von Unterrichtsvorbereitung und Differenzierung
Renz, J., Shams, A., Meinel, C.: Offline-Enabled Web-based E-Learning for Improved User Experience in Africa.In Proceedings of the 2017 IEEE AFRICON Conference. pp. '759-764'. IEEE (2017).
Web-based E-Learning uses Internet technologies and digital media to deliver education content to learners. Many universities in recent years apply their capacity in producing Massive Open Online Courses (MOOCs). They have been offering MOOCs with an expectation of rendering a comprehensive online apprenticeship. Typically, an online content delivery process requires an Internet connection. However, access to the broadband has never been a readily available resource in many regions. In Africa, poor and no networks are yet predominantly experienced by Internet users, frequently causing offline each moment a digital device disconnect from a network. As a result, a learning process is always disrupted, delayed and terminated in such regions. This paper raises the concern of E-Learning in poor and low bandwidths, in fact, it highlights the needs for an Offline-Enabled mode. The paper also explores technical approaches beamed to enhance the user experience in Web-based E-Learning, particular in Africa.
Najafi, P., Sapegin, A., Cheng, F., Meinel, C.: Guilt-by-Association: Detecting Malicious Entities via Graph Mining.International Conference on Security and Privacy in Communication Systems. p. 88--107. Springer (2017).
In this paper, we tackle the problem of detecting malicious domains and IP addresses using graph inference. In this regard, we mine proxy and DNS logs to construct an undirected graph in which vertices represent domain and IP address nodes, and the edges represent relationships describing an association between those nodes. More specifically, we investigate three main relationships: subdomainOf, referredTo, andresolvedTo. We show that by providing minimal ground truth information, it is possible to estimate the marginal probability of a domain or IP node being malicious based on its association with other malicious nodes. This is achieved by adopting belief propagation, i.e., an efficient and popular inference algorithm used in probabilistic graphical models. We have implemented our system in Apache Spark and evaluated using one day of proxy and DNS logs collected from a global enterprise spanning over 2 terabytes of disk space. In this regard, we show that our approach is not only efficient but also capable of achieving high detection rate (96% TPR) with reasonably low false positive rates (8% FPR). Furthermore, it is also capable of fixing errors in the ground truth as well as identifying previously unknown malicious domains and IP addresses. Our proposal can be adopted by enterprises to increase both the quality and the quantity of their threat intelligence and blacklists using only proxy and DNS logs.
Kayem, A., Meinel, C., Wolthusen, S.: A Smart Micro-Grid Architecture for Resource Constrained Environments.Proceedings, 31st International Conference on Advanced Information Networking and Applications (AINA 2017), Taipei, Taiwan. IEEE (2017).
Micro-grids offer a cost-effective approach to providing reliable power supply in isolated and disadvantaged communities. These communities present a special case where access to national power networks is either non-existent or intermittent due to load-shedding to provision urban areas and/or due to high interconnection costs. By necessity, such micro-grids rely on renewable energy sources that are variable and so only partly predictable. Ensuring reliable power provisioning and billing must therefore be supported by demand management and fair-billing policies. Furthermore, since trusted centralized grid management is not always possible, using a distributed model offers a viable solution approach. However, such a distributed system may be subject to subversion attacks aimed at power theft. In this paper, we present a novel and innovative distributed architecture for power distribution and billing on micro-grids. The architecture is designed to operate efficiently over a lossy communication network, which is an advantage for disadvantaged communities. Since lossy networks are undependable, differentiating system failures from adversarial manipulations is important because grid stability is to a large extent dependent on user participation. To this end, we provide a characterization of potential adversarial models to underline how these can be differentiated from failures.
Ussath, M., Cheng, F., Meinel, C.: Enhanced Sinkhole System: Collecting System Details to Support Investigations.Proceedings of the 3rd International Conference on Mobile, Secure, and Programmable Networking (MSPN 2017). p. 18--33. Springer (2017).
Bin Tareaf, R., Berger, P., Hennig, P., Jung, J., Meinel, C.: Identifying Audience Attributes - Predicting Age, Gender and Personality for Enhanced Article Writing.ACM - International Conference on Cloud and Big Data Computing. pp. 79-88. ACM Press, London, UK (2017).
In order to create an effective article, having great content is essential. However, to achieve this, the writer needs to target a specific audience. A target audience refers to a group of readers that a writer intends to reach with his content. Defining a target audience is substantial because it has a direct effect on adjusting writing style and content of the article. Nowadays, writers rely solely on annotated attributes of articles, such as location and language to understand his/her audience. The aim of this work is to identify the audience attributes of articles, especially not-annotated attributes. Among others, this work focuses on the detection of three key audience attributes of related articles: age, gender, and personality. We compare between multiple machine learning classifiers to detect these attributes. Finally, we demonstrate a prototypical application that enables writers to run existing algorithms such as trend detection and showing related articles that are specific to a defined target audience based on the newly detected attributes.
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform - A Toolset.In Proceedings of ACM Learning at Scale Conference (L@S2017)(ACM), accepted as WIP. ACM (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course. Furthermore, today’s jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the platform’s OPS-team, which prepares the courses in accordance with the requirements of the teaching teams. The evaluation is based on the analysis of data, which has been collected in five courses that have been conducted on one of our platforms during 2015 and 2016 and interviews with the platform’s OPS-team.
Sianipar, J., Willems, C., Meinel, C.: Signed URL for an Isolated Web Server in a Virtual Laboratory.Proceedings of the 9th International Conference on Education Technology and Computers, ICETC 2017, Barcelona, Spain, December 20-22, 2017. p. 218--222 (2017).
Sukmana, M.I.H., Torkura, K.A., Meinel, C., Graupner, H.: Redesign cloudRAID for flexible and secure enterprise file sharing over public cloud storage.Proceedings of the 10th International Conference on Security of Information and Networks. p. 3--10. ACM (2017).
Sianipar, J., Willems, C., Meinel, C.: Team Placement in Crowd-Resourcing Virtual Laboratory for IT Security e-Learning.Proceedings of the 2017 International Conference on Cloud and Big Data Computing, ICCBDC 2017, London, United Kingdom, September 17 - 19, 2017. p. 60--66 (2017).
Perlich, A., Meinel, C.: Juggling Doctor and Patient Needs in Mental Health Record Design.Informatics Empowers Healthcare Transformation (2017).
Providing patients access to mental health records is a controversial topic that gains growing attention in research and practice. While it has great potential in increasing the patient engagement, skepticism is prevailing among therapists who fear detrimental effects and face a lack of feasibility when treatment notes are handwritten. We aim at empowering both therapists to new documentation approaches and patients to higher engagement, and develop the collaborative documentation system Tele-Board MED (TBM) as an adjunct to talk-based mental health interventions. We present an evaluation of TBM by comparing four prototypes and testing scenarios, reaching from early simulations to attempts of real-life implementations in clinical routines. This paper delivers a systematic need comparison of therapists as primary users and patients as secondary users, both during and beyond treatment sessions. While patient feedback is thoroughly positive, the therapist needs are only partially addressed; the benefits remain hidden behind the perceived effort.
Renz, J., Rohloff, T., Meinel, C.: Automatisierte Qualitätssicherung in MOOCs durch Learning Analytics. In: Ullrich, C. and Wessner, M. (eds.) Joint Proceedings of the Pre-Conference Workshops of DeLFI and GMW 2017. CEUR-WS.org (2017).
Dieser Beitrag beschreibt wie mithilfe von Learning Analytics Daten eine automatisierte Qualitätssicherung in MOOCs durchgeführt werden kann. Die Ergebnisse sind auch für andere skalierende E-Learning Systeme anwendbar. Hierfür wird zunächst beschrieben, wie in den untersuchten Systemen (die als verteilte Dienste in einer Microservice-Architektur implementiert sind) Learning Analytics Werkzeuge umgesetzt sind. Darauf aufbauend werden Konzept und Implementierung einer automatisierten Qualitätssicherung beschrieben. In einer ersten Evaluation wird die Nutzung der Funktion auf einer Instanz der am HPI entwickelten MOOC-Plattform untersucht. Anschließend wird ein Ausblick auf Erweiterungen und zukünftige Forschungsfragen gegeben.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-Norm Unit for Brain Lesions Detection.Springer (2017).
Grella, C.T., Staubitz, T., Teusner, R., Meinel, C.: Can MOOCs Support Secondary Education in Computer Science? In: Auer, M.E., Guralnick, D., and Uhomoibhi, J. (eds.) Interactive Collaborative Learning. p. 478--493. Springer International Publishing, Cham (2017).
Despite the importance of competencies in computer science for participation in the digital transformation of nearly all sectors, there is still a lack of learning material and technically experienced teachers in German schools. In the paper at hand, we investigate the potential of Massive Open Online Courses (MOOCs) for secondary education. Schools can profit from this learning content and format provided by well-known institutions. However, German schools provide some challenging conditions, which have to be taken into account for a meaningful integration of e-learning elements. Our statistical and qualitative results are based on the representative data of the National Educational Panel Study (NEPS), the learning data of more than 100,000 online learners from over 150 countries, and the outcomes of several workshops with teachers and school administrators.
Krentz, K.-F., Meinel, C., Graupner, H.: More Lightweight, yet Stronger 802.15.4 Security through an Intra-Layer Optimization.Proceedings of the 10th International Symposium on Foundations & Practice of Security (FPS 2017). Springer, Nancy, France (2017).
802.15.4 security protects against the replay, injection, and eavesdropping of 802.15.4 frames. A core concept of 802.15.4 security is the use of frame counters for both nonce generation and anti-replay protection. While being functional, frame counters (i) cause an increased energy consumption as they incur a per-frame overhead of 4 bytes and (ii) only provide sequential freshness. The Last Bits (LB) optimization does reduce the per-frame overhead of frame counters, yet at the cost of an increased RAM consumption and occasional energy- and time-consuming resynchronization actions. Alternatively, the timeslotted channel hopping (TSCH) media access control (MAC) protocol of 802.15.4 avoids the drawbacks of frame counters by replacing them with timeslot indices, but findings of Yang et al. question the security of TSCH in general. In this paper, we assume the use of ContikiMAC, which is a popular asynchronous MAC protocol for 802.15.4 networks. Under this assumption, we propose an Intra-Layer Optimization for 802.15.4 Security (ILOS), which intertwines 802.15.4 security and ContikiMAC. In effect, ILOS reduces the security-related per-frame overhead even more than the LB optimization, as well as achieves strong freshness. Furthermore, unlike the LB optimization, ILOS neither incurs an increased RAM consumption nor requires resynchronization actions. Beyond that, ILOS integrates with and advances other security supplements to ContikiMAC. We implemented ILOS using OpenMotes and the Contiki operating system.
Bin Tareaf, R., Berger, P., Hennig, P., Koall, S., Kohstall, J., Meinel, C.: Information Propagation Speed and Patterns in Social Networks: a Case Study Analysis of German Tweets.JCP 2018. pp. 761-770. ACM & Journal of Computer (ISSN: 1796-203X), Jeju Island, South Korea (2017).
In this paper, we present our experiences in analyzing Twitter data. The analysis has shown that information diffuses over time through the Twitter network in certain patterns. Furthermore, it has shown those friend relationships significantly influence the information propagation speed on Twitter. Since it was launched in 2006, the microblogging service grew tremendously. Tweets are sent by users all around the world. Results show that there are two major patterns. While these patterns accommodate us to understand the diffusion of information through Twitter in an even better plan, the analysis of friend networks provides information on who influences the network, concerning the number of re-tweets and the time between a tweet and its re-tweets. The approaches have been evaluated both technically, based on how certain a topic matches one of the patterns and how prominent friends are compared to other users, and conceptually, based on existing, well-known approaches in measuring the speed and scale of information diffusion on Twitter.
Staubitz, T., Teusner, R., Meinel, C.: Towards a Repository for Open Auto-Gradable Programming Exercises.2017 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE) (2017).
Auto-gradable hands-on programming exercises are a key element for scalable programming courses. A variety of auto-graders already exist, however, creating suitable high- quality exercises in a sufficient amount is a very time-consuming and tedious task. One way to approach this problem is to enable sharing auto-gradable exercises between several interested parties. School-teachers, MOOC1 instructors, workshop providers, and university level teachers need programming exercises to provide their students with hands-on experience. Auto-gradability of these exercises is an important requirement. The paper at hand introduces a tool that enables the sharing of such exercises and addresses the various needs and requirements of the different stakeholders.
Staubitz, T., Willems, C., Hagedorn, C., Meinel, C.: The gamification of a MOOC platform.2017 IEEE Global Engineering Education Conference (EDUCON). pp. 883-892 (2017).
Massive Open Online Courses (MOOCs) have left their mark on the face of education during the recent couple of years. At the Hasso Plattner Institute (HPI) in Potsdam, Germany, we are actively developing a MOOC platform, which provides our research with a plethora of e-learning topics, such as learning analytics, automated assessment, peer assessment, team-work, online proctoring, and gamification. We run several instances of this platform. On openHPI, we provide our own courses from within the HPI context. Further instances are openSAP, openWHO, and mooc.HOUSE, which is the smallest of these platforms, targeting customers with a less extensive course portfolio. In 2013, we started to work on the gamification of our platform. By now, we have implemented about two thirds of the features that we initially have evaluated as useful for our purposes. About a year ago we activated the implemented gamification features on mooc.HOUSE. They have been employed actively in the course “Design for Non-Designers”. We plan to activate the features on openHPI in the beginning of 2017. The paper at hand recaps, examines, and re-evaluates our initial recommendations.
Shaabani, N., Meinel, C.: Incremental Discovery of Inclusion Dependencies.Proceedings of the 29th International Conference on Scientific and Statistical Database Management (SSDBM'17). p. 2:1--2:12. ACM (2017).
Inclusion dependencies form one of the most fundamental classes of integrity constraints. Their importance in classical data management is reinforced by modern applications such as data profiling, data cleaning, entity resolution and schema matching. Their discovery in an unknown dataset is at the core of any data analysis effort. Therefore, several research approaches have focused on their efficient discovery in a given, static dataset. However, none of these approaches are appropriate for applications on dynamic datasets, such as transactional datasets, scientific applications, and social network. In these cases, discovery techniques should be able to efficiently update the inclusion dependencies after an update in the dataset, without reprocessing the entire dataset. We present the first approach for incrementally updating the unary inclusion dependencies. In particular, our approach is based on the concept of attribute clustering from which the unary inclusion dependencies are efficiently derivable. We incrementally update the clusters after each update of the dataset. Updating the clusters does not need to access the dataset because of special data structures designed to efficiently support the updating process. We perform an exhaustive analysis of our approach by applying it to large datasets with several hundred attributes and more than 116,200,000 million tuples. The results show that the incremental discovery significantly reduces the runtime needed by the static discovery. This reduction in the runtime is up to 99.9996 % for both the insert and the delete.
Amirkhanyan, A., Meinel, C.: Analysis of data from the Twitter account of the Berlin Police for public safety awareness.2017 IEEE 21st International Conference on Computer Supported Cooperative Work in Design (CSCWD). pp. 209-214 (2017).
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform: A Toolset.Proceedings of the Fourth (2017) ACM Conference on Learning @ Scale. p. 165--168. ACM, Cambridge, Massachusetts, USA (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course.Furthermore, today's jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the courses' teaching teams.
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States.Proceedings of the 22nd IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
Mayer, L., von Schmieden, K., Taheri, M., Meinel, C.: Supporting Design Thinking Education in Organizations With Digital Learning Units – A Testing Set-Up. Presented at the (2017).
This research note addresses the design and testing set-up of a prototype learning unit (protoLU). We explain the advantages of adapting Massive Open Online Courses (MOOCs) to digital learning units for professional working environments and introduce the use case for vocational design thinking trainings. Consequently, we describe the case of a protoLU created to support a physical, two-phase design thinking workshop. The protoLU aimed at refreshing participant knowledge, fostering skill transfer and to inspire through behavioral modeling. With our research set-up we intend to gather results for iterating the protoLU and learn more about the needs of design thinking learner teams in independent teamwork phases.
Gawron, M., Cheng, F., Meinel, C.: Automatic Vulnerability Classification using Machine Learning.Proceedings of the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS 2017). Springer (2017).
Amirkhanyan, A., Meinel, C.: Density and Intensity-Based Spatiotemporal Clustering with Fixed Distance and Time Radius. In: Kar, A.K., Ilavarasan, P.V., Gupta, M.P., Dwivedi, Y.K., Mäntymäki, M., Janssen, M., Simintiras, A., and Al-Sharhan, S. (eds.) Digital Nations -- Smart Cities, Innovation, and Sustainability: 16th IFIP WG 6.11 Conference on e-Business, e-Services, and e-Society, I3E 2017, Delhi, India, November 21--23, 2017, Proceedings. p. 313--324. Springer International Publishing, Cham (2017).
Nowadays, social networks produce a huge amount of spatial and spatiotemporal data that provide interesting knowledge. This knowledge can be discovered by clustering algorithms and the result of that can be used for different applications. One of such applications is the geospatial event detection based on data from social networks. Many of such detection methods rely on clustering algorithms that should provide clusters with the high level of density in space and intensity in time. Meanwhile, traditional clustering methods are not always practical for spatial and spatiotemporal data because of the specific of such data. Therefore, in this paper, we present the density and intensity-based spatiotemporal clustering algorithm with fixed distance and time radius. This approach produces the clusters that have the density-based center in space and intensity-based center in time. In the paper, we provide the description of the method from the perspective of 2 aspects: spatial and temporal. We complete the paper with the full description of the algorithm methods and detailed explanation of the pseudo code.
Perlich, A., Thienen, J. von, Meinel, C.: Establishing Therapeutic Alliance in Mental Health Care via Cooperative Documentation.Proceedings of the 16th World Congress on Medical and Health Informatics (MedInfo 2017) (2017).
In talk-based mental health interventions, treatment outcomes can be decisively improved by enhancing the relationship between patient and therapist. We developed the interactive documentation system Tele-Board MED (TBM) with the goal of supporting patients and doctors in their cooperative task of patient care. The system offers a whiteboard-inspired graphical user interface which allows them to take notes jointly during the treatment session. Two proxy studies were conducted whereby TBM was introduced in a role play that showcased the dialogue in a therapy session. The patient role was played by a volunteer. The audience of human-centered design as well as eHealth experts rated the therapist-patient relationship in a session with and without TBM. The data collected via questionnaires shows that TBM consistently receives a positive rating from study participants (N=36) in the areas of: collaboration, communication, patient-doctor relationship, as well as patient empowerment.
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language Identification Using Deep Convolutional Recurrent Neural Networks.International Conference on Neural Information Processing. Springer (2017).
Staubitz, T., Teusner, R., Meinel, C.: openHPI's Coding Tool Family: CodeOcean, CodeHarbor, CodePilot.Automatische Bewertung von Programmieraufgaben (ABP) (2017).
The Hasso Plattner Institute successfully runs a self-developed Massive Open Online Course (MOOC) platform—openHPI—since 2012. MOOCs, even more than classic classroom situations, depend on automated solutions to assess programming exercises. Manual evaluation is not an option due to the massive amount of users that participate in these courses. The paper at hand maps the landscape of tools that are used on openHPI in the context of automated grading of programming exercises. Furthermore, it provides a sneak preview to new features that will be integrated ion the near future. Particularly, we will introduce CodeHarbor, our platform to share auto-gradeable exercises between various online code execution platforms.
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Embedded Smart Home - Remote Lab Grading in a MOOC with over 6000 Participants.2017 Annual IEEE Systems Conference (SysCon). IEEE (2017).
The popularity of MOOCs has increased considerably in the last years. A typical MOOC course consists of video content, self tests after a video and homework, which is normally in multiple choice format. After solving this homeworks for every week of a MOOC, the final exam certificate can be issued when the student has reached a sufficient score. There are also some attempts to include practical tasks, such as programming, in MOOCs for grading. Nevertheless, until now there is no known possibility to teach embedded system programming in a MOOC course where the programming can be done in a remote lab and where grading of the tasks is additionally possible. This embedded programming includes communication over GPIO pins to control LEDs and measure sensor values. We started a MOOC course called ``Embedded Smart Home'' as a pilot to prove the concept to teach real hardware programming in a MOOC environment under real life MOOC conditions with over 6000 students. Furthermore, also students with real hardware have the possibility to program on their own real hardware and grade their results in the MOOC course. Finally, we evaluate our approach and analyze the student acceptance of this approach to offer a course on embedded programming. We also analyze the hardware usage and working time of students solving tasks to find out if real hardware programming is an advantage and motivating achievement to support students learning success.
Gawron, M., Cheng, F., Meinel, C.: PVD: Passive vulnerability detection.Proceedings of the 8th International Conference on Information and Communication Systems (ICICS 2017). pp. 322-327. IEEE (2017).
Seitz, K., Serth, S., Krentz, K.-F., Meinel, C.: Demo: Enabling En-Route Filtering for End-to-End Encrypted CoAP Messages.15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017). ACM, Delft, The Netherlands (2017).
IoT devices usually are battery-powered and directly connected to the Internet. This makes them vulnerable to so-called path-based denial-of-service (PDoS) attacks. For example, in a PDoS attack an adversary sends multiple Constrained Application Protocol (CoAP) messages towards an IoT device, thereby causing each IoT device along the path to expend energy for forwarding this message. Current end-to-end security solutions, such as DTLS or IPsec, fail to prevent such attacks since they only filter out inauthentic CoAP messages at their destination. This demonstration shows an approach to allow en-route filtering where a trusted gateway has all necessary information to check the integrity, decrypt and, if necessary, drop a message before forwarding it to the constrained mote. Our approach preserves precious resources of IoT devices in the face of path-based denial-of-service attacks by remote attackers.
Krentz, K.-F., Meinel, C., Graupner, H.: Countering Three Denial-of-Sleep Attacks on ContikiMAC.Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2017). Junction, Uppsala, Sweden (2017).
Like virtually all media access control (MAC) protocols for 802.15.4 networks, also ContikiMAC is vulnerable to various denial-of-sleep attacks. The focus of this paper is on countering three specific denial-of-sleep attacks on ContikiMAC, namely ding-dong ditching, pulse-delay attacks, and collision attacks. Ding-dong ditching is when attackers emit interference, inject frames, or replay frames so as to mislead ContikiMAC into staying in receive mode for extended periods of time and hence consuming much energy. Pulse-delay attacks are actually attacks on time synchronization, but can also be launched against ContikiMAC’s phase-lock optimization to cause an increased energy consumption. Lastly, in collision attacks, an attacker provokes retransmissions via jamming. In this paper, to counter these three kinds of denial-of-sleep attacks, we propose two optimizations to ContikiMAC. The dozing optimization, on the one hand, significantly reduces the energy consumption under ding-dong ditching. Beyond that, the dozing optimization helps during normal operation as it reduces the energy consumption of true wake ups, too. The secure phase-lock optimization, on the other hand, is a version of ContikiMAC’s phase-lock optimization that resists pulse-delay attacks. Additionally, the secure phase-lock optimization makes ContikiMAC resilient to collision attacks, as well as more energy efficient. We implemented and evaluated both optimizations using the Contiki operating system and OpenMotes.
Yang, H., Fritzsche, M., Bartz, C., Meinel, C.: BMXNet: An Open-Source Binary Neural Network Implementation Based on MXNet.Proceedings of the 2017 ACM on Multimedia Conference. ACM, New York, NY, USA (2017).
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States.IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-norm Unit for Brain Lesions Detection.International Conference on Neural Information Processing. Springer (2017).
Torkura, K.A., Sukmana, M.I.H., Cheng, F., Meinel, C.: Leveraging Cloud Native Design Patterns for Security-as-a-Service Applications.Proceedings of the 2nd IEEE International Conference on Smart Cloud (SmartCloud). IEEE (2017).
This paper discusses a new approach for designing and deploying Security-as-a-Service (SecaaS) applications using cloud native design patterns. Current SecaaS approaches do not efficiently handle the increasing threats to computer systems and applications. For example, requests for security assessments drastically increase after a high-risk security vulnerability is disclosed. In such scenarios, SecaaS applications are unable to dynamically scale to serve requests. A root cause of this challenge is employment of architectures not specifically fitted to cloud environments. Cloud native design patterns resolve this challenge by enabling certain properties e.g. massive scalability and resiliency via the combination of microservice patterns and cloud-focused design patterns. However adopting these patterns is a complex process, during which several security issues are introduced. In this work, we investigate these security issues, we redesign and deploy a monolithic SecaaS application using cloud native design patterns while considering appropriate, layered security counter-measures i.e. at the application and cloud networking layer. Our prototype implementation out-performs traditional, monolithic applications with an average Scanner Time of 6 minutes, without compromising security. Our approach can be employed for designing secure, scalable and performant SecaaS applications that effectively handle unexpected increase in security assessment requests.
Seitz, K., Serth, S., Krentz, K.-F., Meinel, C.: Demo: Enabling En-Route Filtering for End-to-End Encrypted CoAP Messages.Proceedings of the 15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017). ACM Press, New York, NY, USA (2017).
IoT devices usually are battery-powered and directly connected to the Internet. This makes them vulnerable to so-called path-based denial-of-service (PDoS) attacks. For example, in a PDoS attack an adversary sends multiple Constrained Application Protocol (CoAP) messages towards an IoT device, thereby causing each IoT device along the path to expend energy for forwarding this message. Current end-to-end security solutions, such as DTLS or IPsec, fail to prevent such attacks since they only filter out inauthentic CoAP messages at their destination. This demonstration shows an approach to allow en-route filtering where a trusted gateway has all necessary information to check the integrity, decrypt and, if necessary, drop a message before forwarding it to the constrained mote. Our approach preserves precious resources of IoT devices in the face of path-based denial-of-service attacks by remote attackers.
Xiaoyin Che, S.L., Meinel, C.: An attempt at mooc localization for chinese-speaking users.International Journal of Information and Education Technology, Volume 6, Number 2. pp. 90-96 (2016).
Abstract—“Internetworking with TCP/IP” is a massive open online course (MOOC) provided by Germany-based MOOC platform “openHPI”, which has been offered in German, English and – recently – Chinese respectively, with similar content. In this paper, the authors, who worked jointly as a teacher (or as teaching assistants) in this course, want to share their ideas derived from daily teaching experiences, analysis of the statistics, comparison between the performance in different language offers and the feedback from user questionnaires. Additionally, the motivation, attempt and suggestion at MOOC localization will also be discussed.
Yang, H., Wang, C., Bartz, C., Meinel, C.: SceneTextReg: A Real-Time Video OCR System.Proceedings of the 2016 ACM on Multimedia Conference. p. 698--700. ACM, Amsterdam, The Netherlands (2016).
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Enhance Embedded System E-learning Experience with Sensors.2016 IEEE Global Engineering Education Conference (EDUCON). pp. 175-183. IEEE (2016).
Earlier research shows that using an embedded LED system motivates students to learn programming languages in massive open online courses (MOOCs) efficiently. Since this earlier approach was very successful the system should be improved to increase the learning experience for students during programming exercises. The problem of the current system is that only a static image was shown on the LED matrix controlled by students’ array programming over the embedded system. The idea of this paper to change this static behavior into a dynamic display of information on the LED matrix by the use of sensors which are connected with the embedded system. For this approach a light sensor and a temperature sensor are connected to an analog-to-digital converter (ADC) port of the embedded system. These sensors' values can be read by the students to compute the correct output for the LED matrix. The result is captured and sent back to the students for direct feedback. Furthermore, unit tests can be used to automatically evaluate the programming results. The system was evaluated during a MOOC course about web technologies using JavaScript. Evaluation results are taken from the student’s feedback and an evaluation of the students’ code executions on the system. The positive feedback and the evaluation of the students’ executions, which shows a higher amount of code executions compared to standard programming tasks and the fact that students solving these tasks have overall better course results, highlight the advantage of the approach. Due to the evaluation results, this approach should be used in e-learning e.g. MOOCs teaching programming languages to increase the learning experience and motivate students to learn programming.
Sukmana, M., Meinel, C.: e-Government and Security Evaluation Tools Comparison for Indonesian e-Government System.Proceedings of the 4th International Conference on Information and Network Security. p. 96--103. ACM (2016).
Bauer, M., Malchow, M., Staubitz, T., Meinel, C.: Improving Collaborative Learning With Video Lectures.INTED2016 Proceedings. 10th International Technology, Education and Development ConferenceValencia, Spain. 7-9 March, 2016. pp. 5511-5517. IATED (2016).
We have addressed the problems of independent e-lecture learning with an approach involving collaborative learning with lecture recordings. In order to make this type of learning possible, we have prototypically enhanced the video player of a lecture video platform with functionality that allows simultaneous viewing of a lecture on two or more computers. While watching the video, synchronization of the playback and every click event, such as play, pause, seek, and playback speed adjustment can be carried out. We have also added the option of annotating slides. With this approach, it is possible for learners to watch a lecture together, even though they are in different places. In this way, the benefits of collaborative learning can also be used when learning online. Now, it is more likely that learners stay focused on the lecture for a longer time (as the collaboration creates an additional obligation not to leave early and desert a friend). Furthermore, the learning outcome is higher because learners can ask their friends questions and explain things to each other as well as mark important points in the lecture video.
Staubitz, T., Teusner, R., Renz, J., Meinel, C.: First Steps in Automated Proctoring.Proceedings of the Fourth MOOC European Stakeholders Summit (EMOOCs 2016). P.A.U (2016).
Che, X., Staubitz, T., Yang, H., Meinel, C.: Pre-Course Key Segment Analysis of Online Lecture Videos.Proceedings of The 16th IEEE International Conference on Advanced Learning Technology (ICALT2016). , Austin, Texas, USA (2016).
In this paper we propose a method to evaluate the importance of lecture video segments in online courses. The video will be first segmented based on the slide transition. Then we evaluate the importance of each segment based on our analysis of the teacher’s focus. This focus is mainly identified by exploring features in the slide and the speech. Since the whole analysis process is based on multimedia materials, it could be done before the official start of the course. By setting survey questions and collecting forum statistics in the MOOC “Web Technologies”, the proposed method is evaluated. Both the general trend and the high accuracy of selected key segments (over 70%) prove the effectiveness of the proposed method.
Staubitz, T., Brehm, M., Jasper, J., Werkmeister, T., Teusner, R., Willems, C., Renz, J., Meinel, C.: Vagrant Virtual Machines for Hands-On Exercises in Massive Open Online Courses.Smart Education and e-Learning 2016. p. 363--373. Springer International Publishing (2016).
In many MOOCs hands-on exercises are a key component. Their format must be deliberately planned to satisfy the needs of a more and more heterogeneous student body. At the same time, costs have to be kept low for maintenance and support on the course provider’s side. The paper at hand reports about our experiments with a tool called Vagrant in this context. It has been successfully employed for use cases similar to ours and thus promises to be an option for achieving our goals.
Renz, J., Hoffmann, D., Staubitz, T., Meinel, C.: Using A/B Testing in MOOC Environments.Proceedings of the 6th International Conference on Learning Analytics and Knowledge (LAK2016). SOLAR (2016).
Staubitz, T., Petrick, D., Bauer, M., Renz, J., Meinel, C.: Improving the Peer Assessment Experience on MOOC Platforms.Proceedings of ACM Learning at Scale Conference (L@S2016). ACM (2016).
Massive Open Online Courses (MOOCs) have revolutionized higher education by offering university-like courses for a large amount of learners via the Internet. The paper at hand takes a closer look on peer assessment as a tool for delivering individualized feedback and engaging assignments to MOOC participants. Benefits, such as scalability for MOOCs and higher order learning, and challenges, such as grading accuracy and rogue reviewers, are described. Common practices and the state-of-the-art to counteract challenges are highlighted. Based on this research, the paper at hand describes a peer assessment workflow and its implementation on the openHPI and openSAP MOOC platforms. This workflow combines the best practices of existing peer assessment tools and introduces some small but crucial improvements.
Staubitz, T., Teusner, R., Renz, J., Meinel, C.: Automatisierte Online-Aufsicht im Kontext der Wertigkeit von Zertifikaten einer MOOC Plattform.DeLFI 2016 - Die 14. E-Learning Fachtagung Informatik, 11.-14. September 2016, Potsdam. p. 125--136 (2016).
Die Glaubwürdigkeit und Überprüfbarkeit der Zertifikate ist ein wesentlicher Bestandteil von jeglicher Form von zertifiziertem Training. Diese Aussage gilt natürlich auch für MOOCs. In diesem Kontext kommt allerdings erschwerend hinzu, dass eine individuelle, persönliche Beaufsichtigung der Prüfungen tausender TeilnehmerInnen offline nur schwer zu realisieren ist. Es wird daher eine Technik benötigt, diese Beaufsichtigung online durchzuführen, um die Vertrauenswürdigkeit oder Wertigkeit dieser Zertifikate zu erhöhen. In dieser Studie vergleichen wir verschiedene Spielarten der Online-Aufsicht. Wir stellen die Ergebnisse einiger Umfragen unter unseren TeilnehmerInnen, die sich mit deren Sicht bezüglich der Wertigkeit der Zertifikate befassen, vor und bewerten die Aussagen in unserem Kontext. Schließlich stellen wir ein Experiment vor, das wir mit einer neuen Variante der Online-Aufsicht durchgeführt haben. Anstatt sich auf menschliche Augen zu verlassen, wird ein automatisierter Abgleich des Gesichts vor der Kamera mit einem hinterlegten Bild durchgeführt, um zu überprüfen ob die angemeldete TeilnehmerIn auch die ist, die die Prüfung ablegt.
Staubitz, T., Teusner, R., Prakash, N., Meinel, C.: Cellular Automata as Basis for Programming Exercises in a MOOC on Testdriven Development.IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE2016). IEEE (2016).
Programming tasks are an important part of teaching computer programming as they foster students to develop essential programming skills and techniques through practice. The design of educational problems plays a crucial role in the extent to which the experiential knowledge is imparted to the learner both in terms of quality and quantity. Badly designed tasks have been known to put-off students from practicing programming. Hence, there is a need for carefully designed problems. Cellular Automata programming lends itself as a very suitable candidate among problems designed for programming practice. In this paper we describe how various types of problems can be designed using concepts from Cellular Automata and discuss the features which make them good practice problems with regard to instructional pedagogy. We also present a case study on a Cellular Automata programming exercise used in a MOOC on Test Driven Development using JUnit, and discuss the automated evaluation of code submissions and the feedback about the reception of this exercise by participants in this course.
Sianipar, J., Willems, C., Meinel, C.: Crowdsourcing Virtual Laboratory Architecture on Hybrid Cloud.INTED2016 Proceedings. 10th International Technology, Education and Development Conference Valencia, Spain. 7-9 March, 2016. pp. 2940-2949. IATED (2016).
Virtual Laboratory is needed for practical, hands-on exercises in e-learning courses. The E-learning system needs to provide a specific laboratory environment for a specific learning unit. A Virtual laboratory system with a high requirements learning units, is struggling in serving a large number of users, because the available hardware resources are limited and the budget to provide more resources is low. The number of e-Learning users that simultaneously access the virtual laboratory is varied. In this paper, we propose an architecture of a virtual laboratory system for a large number of users. A person or a company can contribute in providing hardware resources in crowdsourcing manner. This system uses Hybrid cloud platform to be able to scale out and scale in rapidly. The architecture is able to expand by receiving more hardware resources from a person or a company that is willing to contribute. The resources can be anywhere but must be connected to the Internet. For example, if a user has a Virtual Machine (VM) in the cloud or in his own bare metal system connected to the Internet, he can integrate his VM into the Virtual laboratory system. Because the e-learning system is a non-profit system, we assumed that some users and companies are willing to contribute. We use Tele-lab architecture as a based to create the proposed architecture. The Tele-lab is a virtual laboratory for Internet Security e-learning. The Tele-lab uses a private cloud (openNebula) to provide VMs and Containers that are used to represent hosts in a Virtual laboratory. In our architecture as also in the Tele-Lab, there is a frontend and a backend. The frontend is providing an interface to the users. In our architecture, we focus on the backend to be able to provide a virtual laboratory that can serve a large number of users. In the architecture, we use a middleware to provide a communication between a private cloud and a public cloud and also communication between the Virtual laboratory system and the resources that belong to the crowd. This work is part of the continuous improvement on Tele-Lab to make it more reliable and more scalable. We are heading toward using Tele-Lab in the implementation of Massive Open Online Course (MOOC)
Rantzsch, H., Yang, H., Meinel, C.: Signature Embedding: Writer Independent Offline Signature Verification with Deep Metric Learning. In: Bebis, G., Boyle, R., Parvin, B., Koracin, D., Porikli, F., Skaff, S., Entezari, A., Min, J., Iwai, D., Sadagic, A., Scheidegger, C., and Isenberg, T. (eds.) Advances in Visual Computing: 12th International Symposium, ISVC 2016, Las Vegas, NV, USA, December 12-14, 2016, Proceedings, Part II. p. 616--625. Springer International Publishing, Cham (2016).
The handwritten signature is widely employed and accepted as a proof of a person's identity. In our everyday life, it is often verified manually, yet only casually. As a result, the need for automatic signature verification arises. In this paper, we propose a new approach to the writer independent verification of offline signatures. Our approach, named Signature Embedding, is based on deep metric learning. Comparing triplets of two genuine and one forged signature, our system learns to embed signatures into a high-dimensional space, in which the Euclidean distance functions as a metric of their similarity. Our system ranks best in nearly all evaluation metrics from the ICDAR SigWiComp 2013 challenge. The evaluation shows a high generality of our system: being trained exclusively on Latin script signatures, it outperforms the other systems even for signatures in Japanese script.
Staubitz, T., Klement, H., Teusner, R., Renz, J., Meinel, C.: CodeOcean - A Versatile Platform for Practical Programming Excercises in Online Environments.Proceedings of IEEE Global Engineering Education Conference (EDUCON2016). IEEE (2016).
Wang, C., Yang, H., Bartz, C., Meinel, C.: Image Captioning with Deep Bidirectional LSTMs.Proceedings of the 2016 ACM on Multimedia Conference. p. 988--997. ACM, Amsterdam, The Netherlands (2016).
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Pushing the Limits of Cyber Threat Intelligence: Extending STIX to Support Complex Patterns.Information Technology: New Generations: 13th International Conference on Information Technology. p. 213--225. Springer (2016).
Wang, C., Yang, H., Meinel, C.: Exploring multimodal video representation for action recognition.2016 International Joint Conference on Neural Networks (IJCNN). pp. 1924-1931 (2016).
Ussath, M., Cheng, F., Meinel, C.: Insights into Encrypted Network Connections: Analyzing Remote Desktop Protocol Traffic.Proceedings of the 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP 2016). p. 585--589. IEEE (2016).
Rezaei, M., Yang, H., Meinel, C.: Brain Abnormality Detection by Deep Convolutional Neural Network.arXiv preprint arXiv:1708.05206. (2016).
Renz, J., Navarro-Suarez, G., Sathi, R., Staubitz, T., Meinel, C.: Enabling Schema Agnostic Learning Analytics in a Service-Oriented MOOC Platform.Proceedings of ACM Learning at Scale Conference (L@S2016). ACM (2016).
Ussath, M., Jaeger, D., Cheng, F., Meinel, C.: Advanced Persistent Threats: Behind the Scenes.Proceedings of the 50th Annual Conference on Information Sciences and Systems (CISS 2016). p. 181--186. IEEE (2016).
Ussath, M., Cheng, F., Meinel, C.: Event Attribute Tainting: A New Approach for Attack Tracing and Event Correlation.Proceedings of the 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS 2016). p. 509--515. IEEE (2016).
Luo, S., Yang, H., Wang, C., Che, X., Meinel, C.: Real-time action recognition in surveillance videos using ConvNets.International Conference on Neural Information Processing. pp. 529-537. Springer (2016).
The explosive growth of surveillance cameras and its 7 * 24 recording period brings massive surveillance videos data. Therefore how to efficiently retrieve the rare but important event information inside the videos is eager to be solved. Recently deep convolutinal networks shows its outstanding performance in event recognition on general videos. Hence we study the characteristic of surveillance video context and propose a very competitive ConvNets approach for real-time event recognition on surveillance videos. Our approach adopts two-steam ConvNets to respectively recognition spatial and temporal information of one action. In particular, we propose to use fast feature cascades and motion history image as the template of spatial and temporal stream. We conducted our experiments on UCF-ARG and UT-interaction dataset. The experimental results show that our approach acquires superior recognition accuracy and runs in real-time.
Ambassa, P.L., Wolthusen, S.D., Kayem, A.V.D.M., Meinel, C.: Physical Attestation and Authentication to Detect Cheating in Resource Constrained Smart Microgrids.In Proceedings, 2nd Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems (CyberICPS 2016), September 26-30, 2016, Heraklion, Greece (2016).
We present a physical attestation and authentication approach to detecting cheating in resource constrained smart micro-grids. A multi-user smart microgrid (SMG) architecture supported by a low cost and unreliable communications network, forms our application scenario. In this scenario, a malicious adversary can cheat by manipulating the measured power consumption/generation data. In doing so, the reward is access to more than the per user allocated power quota. Cheating discourages user participation and results in grid destabilisation and a breakdown of the grid in the worst case. Detecting cheating attacks is thus essential for secure and resilient SMG but also a challenging problem.We develop a cheating detection scheme that integrates the idea of physical attestation to assess whether the SMG system is under attack. Subsequently, we support our scheme with an authentication mechanism based on control signals to uniquely identify node subversion. A theoretical analysis demonstrates the efficiency and correctness of our proposed scheme for constrained SMGs.
Musavi, S.M.B., Mohammad Ghasemzadeh, C.M.: Geometric Design by Interactive and Evolutionary Design Methods.VII European Congress of Methodology, Palma de Mallorca, Balearic Islands (Spain). p. 47 (2016).
Luo, S., Yang, H., Wang, C., Che, X., Meinel, C.: Action Recognition in Surveillance Video Using ConvNets and Motion History Image.Artificial Neural Networks and Machine Learning – ICANN 2016. pp. 187-195. Springer (2016).
With significant increasing of surveillance cameras, the amount of surveillance videos is growing rapidly. Thereby how to automatically and efficiently recognize semantic actions and events in surveillance videos becomes an important problem to be addressed. In this paper, we investigate the state-of-the-art Deep Learning (DL) approaches for human action recognition, and propose an improved two-stream ConvNets architecture for this task. In particular, we propose to use Motion History Image (MHI) as motion expression for training the temporal ConvNet, which achieved impressive results in both accuracy and recognition speed. In our experiment, we conducted an in-depth study to investigate important network options and compared to the latest deep network for action recognition. The detailed evaluation results show the superior ability of our proposed approach, which achieves state-of-the-art in surveillance video context.
Ussath, M., Cheng, F., Meinel, C.: Automatic Multi-Step Signature Derivation from Taint Graphs.Proceedings of the 2016 IEEE Symposium Series on Computational Intelligence (SSCI 2016). p. 1--8. IEEE (2016).
Perlich, A., Meinel, C.: Patient-provider teamwork via cooperative note taking on Tele-Board MED.Exploring Complexity in Health: An Interdisciplinary Systems Approach (Proceedings of MIE2016 at HEC2016) (2016).
There is significant, unexploited potential to improve the patients’ engagement in psychotherapy treatment through technology use. We develop Tele-Board MED (TBM), a digital tool to support documentation and patient-provider collaboration in medical encounters. Our objective is the evaluation of TBM's practical effects on patient-provider relationships and patient empowerment in the domain of talk-based mental health interventions. We tested TBM in individual therapy sessions at a psychiatric ward using action research methods. The qualitative results in form of therapist observations and patient stories show an increased acceptance of diagnoses and patient-therapist bonding. We compare the observed effects to patient-provider relationship and patient empowerment models. We can conclude that the functions of TBM – namely that notes are shared and cooperatively taken with the patient, that diagnostics and treatment procedures are depicted via visuals and in plain language, and that patients get a copy of their file – lead to increased patient engagement and an improved collaboration, communication and integration in consultations.
Amirkhanyan, A., Meinel, C.: Visualization and Analysis of Public Social Geodata to Provide Situational Awareness.Proceedings of the 8th International Conference on Advanced Computational Intelligence (ICACI2016). IEEE, Chiang Mai, Thailand (2016).
Nowadays, social networks are an essential part of modern life. People posts everything what happens with them and what happens around them. The amount of data, producing by social networks, increases dramatically every year and users more often post geo-tagged messages. It gives us more possibilities for visualization and analysis of social data, since we can be interested not only in the content of the message but also in the location, from where this message was posted. We aimed to use public social data from location-based social networks to improve situational awareness. In the paper, we show our approach of handling in real-time geodata from Twitter and providing the advanced methods for visualization, analysis, searching and statistics, in order to improve situational awareness.
Jaeger, D., Pelchen, C., Graupner, H., Cheng, F., Meinel, C.: Analysis of Publicly Leaked Credentials and the Long Story of Password (Re-)use.Proceedings of the 11th International Conference on Passwords (PASSWORDS2016). Springer, Bochum, Germany (2016).
Renz, J., Schwerer, F., Meinel, C.: openSAP: Evaluating xMOOC Usage and Challenges for Scalable and Open Enterprise Education.Proceedings of the Eighth International Conference on E-Learning in the Workplace (2016).
Hemati, H.R., Mohammad Ghasemzadeh, C.M.: A Hybrid Machine Learning Method for Intrusion Detection.International Journal of Engineering (IJE). pp. 1242-1246. IJE (2016).
Data security is an important area of concern for every computer system owner. An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Already various techniques of artificial intelligence have been used for intrusion detection. The main challenge in this area is the running speed of the available implementations. In this research work, we present a hybrid approach which is based on the “linear discernment analysis” and the “extreme learning machine” to build a tool for intrusion detection. In the proposed method, the linear discernment analysis is used to reduce the dimensions of data and the extreme learning machine neural network is used for data classification. This idea allowed us to benefit from the advantages of both methods. We implemented the proposed method on a microcomputer with core i5 1.6 GHz processor by using machine learning toolbox. In order to evaluate the performance of the proposed method, we run it on a comprehensive data set concerning intrusion detection. The data set is called KDD, which is a version of the data set DARPA presented by MIT Lincoln Labs. The experimental results were organized in related tables and charts. Analysis of the results show meaningful improvements in intrusion detection. In general, compared to the existing methods, the proposed approach works faster with higher accuracy.
Amirkhanyan, A., Meinel, C.: Analysis of the Value of Public Geotagged Data from Twitter from the Perspective of Providing Situational Awareness.Proceedings of the 15th IFIP Conference on e-Business, e-Services and e-Society (I3E2016) - Social Media: The Good, the Bad, and the Ugly. Springer, Swansea, Wales, UK (2016).
In the era of social networks, we have a huge amount of social geotagged data that reflect the real world. These data can be used to provide or to enhance situational and public safety awareness. It can be reached by the way of analysis and visualization of geotagged data that can help to better understand the situation around and to detect local geo-spatial threats. One of the challenges in the way of reaching this goal is providing valuable statistics and advanced methods for filtering data. Therefore, in the scope of this paper, we collect sufficient amount of public social geotagged data from Twitter, build different valuable statistics and analyze them. Also, we try to find valuable parameters and propose the useful filters based on these parameters that can filter data from invaluable data and, by this way, support analysis of geotagged data from the perspective of providing situational awareness.
Khazaei, A., Mohammad Ghasemzadeh, C.M.: Solution Prediction for Vulnerabilities using Textual Data.13th International Conference on Applied Computing , University of Mannheim, Germany. pp. 200-204 (2016).
This paper reports an in progress research project. Each year many software vulnerabilities are discovered and reported. These vulnerabilities can lead to system exploitations and consequently finance and information losses. Soon after detection of vulnerabilities, requests for solutions arise. Usually it takes some time and effort until an effective solution is provided. Therefore it is very desirable to have an automated vulnerability solution predictor. In this paper we introduce an effective approach to achieve such a predictive system. In the first step, by using text mining techniques, we extract some features from the available textual data concerning vulnerabilities. Due to the pattern of the existing overlap between different categories of vulnerabilities and their solutions, we found the overlapping clustering algorithm to be the most suitable method to cluster them. After that, we attempt to find the existing relationship among the obtained clusters. In the last step, we benefit from machine learning methods to construct the requested solution predictor. In our approach we propose an automated quick workaround solution, in workaround solutions, users do not need to wait for a patch or a new version of software but they bypass a problem caused by vulnerability with additional effort to avoid its damages.
Wenzel, M., Klinger, A., Meinel, C.: Tele-Board Prototyper - Distributed 3D Modeling in a Web-Based Real-Time Collaboration System.2016 International Conference on Collaboration Technologies and Systems. pp. 447-453. IEEE (2016).
Prototypes help people to externalize their ideas and are a basic element for gathering feedback on an early product design. Prototyping is oftentimes a team-based method traditionally involving physical and analog tools. At the same time, collaboration among geographically dispersed team members becomes more and more standard practice for companies and research teams. Therefore, a growing need arises for collaborative prototyping environments. We present a standards compliant, web browser-based real-time remote 3D modeling system. We utilize cross-platform WebGL rendering API for hardware accelerated visualization of 3D models. Synchronization relies on WebSocket-based message interchange over a centralized Node.js real-time collaboration server. In a first co-located user test, participants were able to rebuild physical prototypes without having prior knowledge of the system. This way, the provided system design and its implementation can serve as a basis for visual real-time collaboration systems available across a multitude of hardware devices.
Wenzel, M., Meinel, C.: Full-Body WebRTC Video Conferencing in a Web-Based Real-Time Collaboration System.Proceedings of the 2016 IEEE 20th International Conference on Computer Supported Cooperative Work in Design. pp. 334-339. IEEE (2016).
Remote collaboration systems are a necessity for geographically dispersed teams in achieving a common goal. Realtime groupware systems frequently provide a shared workspace where users interact with shared artifacts. However, a shared workspace is often not enough for maintaining the awareness of other users. Video conferencing can create a visual context simplifying the user’s communication and understanding. In addition, flexible working modes and modern communication systems allow users to work at any time at any location. It is therefore desirable that a groupware system can run on users’ everyday devices, such as smartphones and tablets, in the same way as on traditional desktop hardware. We present a standards compliant, web browser-based realtime remote collaboration system that includes WebRTC-based video conferencing. It allows a full-body video setup where everyone can see what other participants are doing and where they are pointing in the shared workspace. In contrast to standard WebRTC’s peer-to-peer architecture, our system implements a star topology WebRTC video conferencing. In this way, our solution improves network bandwidth efficiency from a linear to a constant network upstream consumption.
Alibabaie, N., Mohammad Ghasemzadeh, C.M.: A variant of genetic algorithm for non-homogeneous population.International Conference on Applied Mathematics, Computational Science and Systems Engineering , Sapienza University, Italy-Rome (2016).
Selection of initial points, the number of clusters and finding proper clusters centers are still the main challenge in clustering processes. In this paper, we suggest genetic algorithm based method which searches several solution spaces simultaneously. The solution spaces are population groups consisting of elements with similar structure. Elements in a group have the same size, while elements in different groups are of different sizes. The proposed algorithm processes the population in groups of chromosomes with one gene, two genes to k genes. These genes hold corresponding information about the cluster centers. In the proposed method, the crossover and mutation operators can accept parents with different sizes, this can lead to versatility in population and information transfer among sub-populations. We implemented the proposed method and evaluated its performance against some random datasets and the Ruspini dataset as well. The experimental results show that the proposed method could effectively determine the appropriate number of clusters and recognize their centers. Overall this research implies that using heterogeneous population in the genetic algorithm can lead to better results.
Kayem, A.V.D.M., Vester, C.T., Meinel, C.: Automated k-Anonymization and l-Diversity for Shared Data Privacy.In Proceedings, 27th International Conference on Database and Expert Systems Applications, DEXA 2016, Porto, Portugal, September 5-8, 2016, Part I. p. 105--120. Springer (2016).
Analyzing data is a cost-intensive process, particularly for organizations lacking the necessary in-house human and computational capital. Data analytics outsourcing offers a cost-effective solution, but data sensitivity and query response time requirements, make data protection a necessary pre-processing step. For performance and privacy reasons, anonymization is preferred over encryption. Yet, manual anonymization is time-intensive and error-prone. Automated anonymization is a better alternative but requires satisfying the conflicting objectives of utility and privacy. In this paper, we present an automated anonymization scheme that extends the standard k-anonymization and l-diversity algorithms to satisfy the dual objectives of data utility and privacy. We use a multi-objective optimization scheme that employs a weighting mechanism, to minimise information loss and maximize privacy. Our results show that automating l-diversity results in an added average information loss of 7 % over automated k-anonymization, but in a diversity of between 9–14 % in comparison to 10–30 % in k-anonymised datasets. The lesson that emerges is that automated l-diversity offers better privacy than k-anonymization and with negligible information loss.
Che, X., Luo, S., Yang, H., Meinel, C.: Sentence Boundary Detection Based on Parallel Lexical and Acoustic Models.Proceedings of Interspeech 2016. pp. 257-261. , San Francisco, CA, USA (2016).
In this paper we propose a solution that detects sentence boundary from speech transcript. First we train a pure lexical model with deep neural network, which takes word vectors as the only input feature. Then a simple acoustic model is also prepared. Because the models work independently, they can be trained with different data. In next step, the posterior probabilities of both lexical and acoustic models will be involved in a heuristic 2-stage joint decision scheme to classify the sentence boundary positions. This approach ensures that the models can be updated or switched freely in actual use. Evaluation on TED Talks shows that the proposed lexical model can achieve good results: 75.5% accuracy on error-involved ASR transcripts and 82.4% on error-free manual references. The joint decision scheme can further improve the accuracy by 3�~10% when acoustic data is available.
Sianipar, J., Willems, C., Meinel, C.: A Container based Virtual Laboratory for Internet Security e-Learning.International Journal of Learning and Teaching. IJLT. p. 121--128 (2016).
Malchow, M., Renz, J., Bauer, M., Meinel, C.: Improved E-learning Experience with Embedded LED System.2016 Annual IEEE Systems Conference (SysCon). IEEE (2016).
During the last years, e-learning has become more and more important. There are several approaches like teleteaching or MOOCs to delivers knowledge information to the students on different topics. But, a major problem most learning platforms have is, students often get demotivated fast. This is caused e.g. by solving similar tasks again and again, and learning alone on the personal computer. To avoid this situation in coding-based courses one possible way could be the use of embedded devices. This approach increases the practical programming part and should push motivation to the students. This paper presents a possibility to the use of embedded systems with an LED panel to motivate students to use programming languages and solve the course successfully. To analyze the successfulness of this approach, it was tested within a MOOC called "Java for beginners" with 11,712 participants. The result was evaluated by personal feedback of the students and user data was analyzed to measure the acceptance and motivation of students by solving the embedded system tasks. The result shows that the approach is well accepted by the students and they are more motivated by tasks with real hardware support.
Bauer, M., Malchow, M., Staubitz, T., Meinel, C.: Improving Collaborative Learning With Video Lectures.INTED2016 Proceedings. 10th International Technology, Education and Development Conference Valencia, Spain. 7-9 March, 2016. pp. 5511-5517. IATED (2016).
We have addressed the problems of independent e-lecture learning with an approach involving collaborative learning with lecture recordings. In order to make this type of learning possible, we have prototypically enhanced the video player of a lecture video platform with functionality that allows simultaneous viewing of a lecture on two or more computers. While watching the video, synchronization of the playback and every click event, such as play, pause, seek, and playback speed adjustment can be carried out. We have also added the option of annotating slides. With this approach, it is possible for learners to watch a lecture together, even though they are in different places. In this way, the benefits of collaborative learning can also be used when learning online. Now, it is more likely that learners stay focused on the lecture for a longer time (as the collaboration creates an additional obligation not to leave early and desert a friend). Furthermore, the learning outcome is higher because learners can ask their friends questions and explain things to each other as well as mark important points in the lecture video.
Che, X., Wang, C., Yang, H., Meinel, C.: Punctuation Prediction for Unsegmented Transcript Based on Word Vector.Proceedings of the Tenth International Conference on Language Resources and Evaluation (LREC 2016). pp. 654-658. , Portorož, Slovenia (2016).
In this paper we propose an approach to predict punctuation marks for unsegmented speech transcript. The approach is purely lexical, with pre-trained Word Vectors as the only input. A training model of Deep Neural Network (DNN) or Convolutional Neural Network (CNN) is applied to classify whether a punctuation mark should be inserted after the third word of a 5-words sequence and which kind of punctuation mark the inserted one should be. TED talks within IWSLT dataset are used in both training and evaluation phases. The proposed approach shows its effectiveness by achieving better result than the state-of-the-art lexical solution which works with same type of data, especially when predicting puncuation position only.
Shaabani, N., Meinel, C.: Detecting Maximum Inclusion Dependencies without Candidate Generation.Database and Expert Systems Applications: 27th International Conference, DEXA 2016, Porto, Portugal, September 5-8, 2016, Proceedings, Part II. p. 118--133 (2016).
Inclusion dependencies (INDs) within and across databases are an important relationship for many applications in data integration, schema (re-)design, integrity checking, or query optimization. Existing techniques for detecting all INDs need to generate IND candidates and test their validity in the given data instance. However, the major disadvantage of this approach is the exponentially growing number of data accesses in terms of the number of SQL queries as well as I/O operations. We introduce Mind2, a new approach for detecting n-ary INDs (n > 1) without any candidate generation. Mind2 implements a new characterization of the maximum INDs we developed in this paper. This characterization is based on set operations defined on certain metadata that Mind2generates by accessing the database only 2 x the number of valid unary INDs. Thus, Mind2 eliminates the exponential number of data accesses needed by existing approaches. Furthermore, the experiments show that Mind2 is significantly more scalable than hypergraph-based approaches.
Ambassa, P.L., Kayem, A.V.D.M., Wolthusen, S.D., Meinel, C.: Privacy Violations in Constrained Micro-Grids: Adversarial Cases.In Proceedings of the 30th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA 2016), March 23-25, 2016, Crans-Montana, Switzerland. p. 601-- 606 (2016).
Smart micro-grid architectures are small scale electricity provision networks composed of individual electricity providers and consumers. Supporting micro-grids with computationally limited devices, is a cost-effective approach to service provisioning in resource-limited settings. However, the limited availability of real time measurements and the unreliable communication network makes the use of Advanced Metering Infrastructure (AMI) for monitoring and control a challenging problem. Grid operation and stability are therefore reliant on inaccurate and incomplete information. Consequently, data gathering and analytics raise privacy concerns for grid users, which is undesirable. In this paper, we study adversarial scenarios for the privacy violations on micro-grids. We consider two types of privacy threats in constrained micro-grids, namely inferential and aggregation attacks. The reason is that both attacks capture scenarios that can be used to provoke energy theft and destabilize the grid. Grid destabilzation leads to distrust between suppliers and consumers. This work provides a roadmap towards a secure and resilient smart micro-grid energy networks.
Torkura, K., Meinel, C.: Towards Vulnerability Assessment as a Service in OpenStack Clouds.Proceedings of the 41st IEEE Conference on Local Computer Networks (LCN). IEEE, Dubai, UAE (2016).
Efforts towards improving security in cloud infrastructures recommend regulatory compliance approaches such as HIPAA and PCI DSS. Similarly, vulnerability assessments are imperatives for fulfilling these regulatory compliance requirements. Nevertheless, conducting vulnerability assessments in cloud environments requires approaches different from those found in traditional computing. Factors such as multi-tenancy, elasticity, self-service and cloud-specific vulnerabilities must be considered. Furthermore, the Anything-as-a-Service model of the cloud stimulates security automation and user-intuitive services. In this paper, we tackle the challenge of efficient vulnerability assessments at the system level, in particular for core cloud applications.Within this scope, we focus on the use case of a cloud administrator. We believe the security of the underlying cloud software is crucial to the overall health of a cloud infrastructure since these are the foundations upon which other applications within the cloud function. We demonstrate our approach using OpenStack and through our experiments prove that our prototype implementation is effective at identifying “OpenStacknative” vulnerabilities. We also automate the process of identifying insecure configurations in the cloud and initiate steps for deploying Vulnerability Assessment-as-a-Service in OpenStack.
Malchow, M., Bauer, M., Meinel, C.: Couch Learning Mode: Multiple-Video Lecture Playlist Selection out of a Lecture Video Archive for E-learning Students.Proceedings of the 2016 ACM on SIGUCCS Annual Conference. pp. 77-82. ACM (2016).
During a video recorded university class students have to watch several hours of video content. This can easily add up to several days of video content during a semester. Naturally, not all 90 minutes of a typical lecture are relevant for the exam. When the semester ends with a final exam students have to study more intensively the important parts of all the lectures. To simplify the learning process and design it to be more efficient we have introduced the Couch Learning Mode in our lecture video archive. With this approach students can create custom playlists out of the video lecture archive with a time frame for every selected video. Finally, students can lean back and watch all relevant video parts consecutively for the exam without being interrupted. Additionally, the students can share their playlists with other students or they can use the video search to watch all relevant lecture videos about a topic. This approach uses playlists and HTML5 technologies to realize the consecutive video playback. Furthermore, the powerful Lecture Butler search engine is used to find worthwhile video parts for certain topics. Our approach shows that we have more satisfied students using the manual playlist creation to view reasonable parts for an exam. Finally, students are keen on watching the top search results showing reasonable parts of lectures for a topic of interest. The Couch Learning Mode supports and motivates students to learn with video lectures for an exam and daily life.
Bauer, M., Malchow, M., Meinel, C.: Schrittweiser Umbau einer Lernvideo-Plattform zur Unterstützung von HTML5 und HTTP-Videostreaming.Tagungsband GML². p. 320 ff. (2016).
Krentz, K.-F., Meinel, C., Schnjakin, M.: POTR: Practical On-the-fly Rejection of Injected and Replayed 802.15.4 Frames.Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE, Salzburg, Austria (2016).
The practice of rejecting injected and replayed 802.15.4 frames only after they were received leaves 802.15.4 nodes vulnerable to broadcast and droplet attacks. Basically, in broadcast and droplet attacks, an attacker injects or replays plenty of 802.15.4 frames. As a result, victim 802.15.4 nodes stay in receive mode for extended periods of time and expend their limited energy. He et al. considered embedding one-time passwords in the synchronization headers of 802.15.4 frames so as to avoid that 802.15.4 nodes detect injected and replayed 802.15.4 frames in the first place. However, He et al.’s, as well as similar proposals lack support for broadcast frames and depend on special hardware. In this paper, we propose Practical On-the-fly Rejection (POTR) to reject injected and replayed 802.15.4 frames early during receipt. Unlike previous proposals, POTR supports broadcast frames and can be implemented with many off-the-shelf 802.15.4 transceivers. In fact, we implemented POTR with CC2538 transceivers, as well as integrated POTR into the Contiki operating system. Furthermore, we demonstrate that, compared to using no defense, POTR reduces the time that 802.15.4 nodes stay in receive mode upon receiving an injected or replayed 802.15.4 frame by a factor of up to 16. Beyond that, POTR has a small processing and memory overhead, and incurs no communication overhead.
Wenzel, M., Meinel, C.: Parallel network data processing in client side JavaScript applications.Proceedings of the 2015 International Conference on Collaboration Technologies and Systems (CTS2015). pp. 140-147. IEEE (2015).
In modern computer systems, multicore processors are prevalent, even on mobile devices. Since JavaScript WebWorkers provide execution parallelism in a web browser, they can help utilize multicore CPUs more effectively. However, WebWorker limitations include a lack of access to web browser's native XML processing capabilities and related Document Object Model (DOM). We present a JavaScript DOM and XML processing implementation that adds missing APIs to WebWorkers. This way, it is possible to use JavaScript code that relies on native APIs within WebWorkers. We show and evaluate the seamless integration of an external XMPP library to enable parallel network data and user input processing in a web based real-time remote collaboration system. Evaluation shows that our XML processing solution has the same linear execution time complexity as its native API counterparts. The proposed JavaScript solution is a general approach to enable parallel XML data processing within web browser-based applications. By implementing standards compliant DOM interfaces, our implementation is useful for existing libraries and applications to leverage the processing power of multicore systems.
Azodi, A., Jaeger, D., Cheng, F., Meinel, C.: Passive Network Monitoring using REAMS.Proceedings of the 6th International Conference on Information Science and Applications (ICISA 2015). pp. 205-215. Sprinter, Pattaya, Thailand (2015).
Azodi, A., Gawron, M., Sapegin, A., Cheng, F., Meinel., C.: Leveraging Event Structure for Adaptive Machine Learning on Big Data Landscapes.Proceedings of the International Conference on Mobile, Secure and Programmable Networking (MSPN'15). Springer (2015).
Modern machine learning techniques have been applied to many aspects of network analytics in order to discover patterns that can clarify or better demonstrate the behavior of users and systems within a given network. Often the information to be processed has to be converted to a different type in order for machine learning algorithms to be able to process them. To accurately process the information generated by systems within a network, the true intention and meaning behind the information must be observed. In this paper we propose different approaches for mapping network information such as IP addresses to integer values that attempts to keep the relation present in the original format of the information intact. With one exception, all of the proposed mappings result in (at most) 64 bit long outputs in order to allow atomic operations using CPUs with 64 bit registers. The mapping output size is restricted in the interest of performance. Additionally we demonstrate the benefits of the new mappings for one specific machine learning algorithm (k-means) and compare the algorithm's results for datasets with and without the proposed transformations.
Staubitz, T., Klement, H., Renz, J., Teusner, R., Meinel, C.: Towards Practical Programming Exercises and Automated Assessment in Massive Open Online Courses.Proceedings of the IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE2015). IEEE, Zhuhai, China (2015).
Perlich, A., Sapegin, A., Meinel, C.: Implementation of Data Security Requirements in a Web-Based Application for Interactive Medical Documentation.Proceedings of the International Conference on Health Informatics (HealthInf 2015) (2015).
Keeping data confidential is a deeply rooted requirement in medical documentation. However, there are increasing calls for patient transparency in medical record documentation. With Tele-Board MED, an interactive system for joint documentation of doctor and patient is developed. This web-based application designed for digital whiteboards will be tested in treatment sessions with psychotherapy patients and therapists. In order to ensure the security of patient data, security measures were implemented and they are illustrated in this paper. We followed the major information security objectives: confidentiality, integrity, availability and accountability. Next to technical aspects, such as data encryption, access restriction through firewall and password, and measures for remote maintenance, we address issues at organizational and infrastructural levels as well (e.g., patients’ access to notes). With this paper we want to increase the awareness of information security, and promote a security conception from the beginning of health software research projects. The measures described in this paper can serve as an example for other health software applications dealing with sensitive patient data, from early user testing phases on.
Sianipar, J.H., Meinel, C.: A verification mechanism for cloud brokerage system.Proceedings of the Second International Conference on Computer Science, Computer Engineering, and Social Media (CSCESM2015). pp. 143 - 148. IEEE Press, Lodz, Poland (2015).
In the existing cloud brokerage system, the client does not have the ability to verify the result of the cloud service selection. There are possibilities that the cloud broker can be biased in selecting the best Cloud Service Provider (CSP) for a client. A compromised or dishonest cloud broker can unfairly select a CSP for its own advantage by cooperating with the selected CSP. To address this problem, we propose a mechanism to verify the CSP selection result of the cloud broker. In this verification mechanism, properties of every CSP will also be verified. It uses a trusted third party to gather clustering result from the cloud broker. This trusted third party is also used as a base station to collect CSP properties in a multi-agents system. Software Agents are installed and running on every CSP. The CSP is monitored by agents as the representative of the customer inside the cloud. These multi-agents give reports to a third party that must be trusted by CSPs, customers and the Cloud Broker. The third party provides transparency by publishing reports to the authorized parties (CSPs and Customers).
Elsaid, M.E., Meinel, C.: Friendship based Storage Allocation for Online Social Networks Cloud Computing.Proceedings of the International Conference of Cloud Computing Technologies and Applications (CloudTech 2015). IEEE Press, Marrakesh, Morrocco (2015).
Berger, P., Hennig, P., Dummer, D., Ernst, A., Hille, T., Schulze, F., Meinel, C.: Extracting Image Context from Pinterest for Image Recommendation.Proceedings of the 8th IEEE International Conference on Social Computing and Networking (SocialCom2015). , Chengdu, China (2015).
Berger, P., Hennig, P., Eschrig, J., Roeder, D., Meinel, C.: Extraction and Analysis of Web Interviews.Proceedings of the IEEE/ACM International Conference on Web Intelligence (WI2015). IEEE Press, Singapore (2015).
Ussath, M., Cheng, F., Meinel, C.: Concept for a Security Investigation Framework.Proceedings of the 7th IFIP International Conference on New Technologies, Mobility, and Security (NTMS’15) (2015).
Torkura, K.A., Cheng, F., Meinel, C.: A Proposed Framework For Proactive Vulnerability Assessments in Cloud Deployments.Proceedings of the 10th International Conference for Internet Technology and Secured Transactions (ICITST2015). IEEE (2015).
Vulnerability scanners are deployed in computer networks and software to timely identify security flaws and misconfigurations. However, cloud computing has introduced new attack vectors that requires commensurate change of vulnerability assessment strategies. To investigate the effectiveness of these scanners in cloud environments, we first conduct a quantitative security assessment of OpenStack’s vulnerability lifecycle and discover severe risk levels resulting from prolonged patch release duration. More specifically, there are long time lags between OpenStack patch releases and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actions and creation of exploits such as zero-days. Mitigating these concern requires systems with current knowledge on events within the vulnerability lifecycle. However, current vulnerability scanners are designed to depend on information about publicly announced vulnerabilities which mostly includes only vulnerability disclosure dates. Accordingly, we propose a framework that would mitigate these risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories and Bug Tracking Systems. The information is thereafter used to automatically generate plugins armed with current information about zero-day exploits and unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks
Shaabani, N., Meinel, C.: Scalable Inclusion Dependency Discovery.Proceedings of the 20th International Conference of Database Systems for Advanced Applications (DASFAA2015). pp. 425-440. Springer (2015).
Inclusion dependencies within and across databases are an important relationship for many applications in anomaly detection, schema (re-)design, query optimization or data integration. When such dependencies are not available as explicit metadata, scalable and efficient algorithms have to discover them from a given data instance. We introduce a new idea for clustering the attributes of database relations. Based on this idea we have developed S-indd, an efficient and scalable algorithm for discovering all unary inclusion dependencies in large datasets. S-indd is scalable both in the number of attributes and in the number of rows. We show that previous approaches reveal themselves as special cases of S-indd. We exhaustively evaluate S-indd's scalability using many datasets with several thousands attributes and rows up to one million. The experiments show that S-indd is up to 11x faster than previous approaches.
Gawron, M., Cheng, F., Meinel, C.: Automatic Vulnerability Detection for Weakness Visualization and Advisory Creation.Proceedings of the 8th International Conference on Security of Information and Networks (SIN’15). pp. 229-236. ACM Press (2015).
The detection of vulnerabilities in computer systems and computer networks as well as the representation of the results are crucial problems. The presented method tackles the problem with an automated detection and an intuitive representation. For detecting vulnerabilities the approach uses a logical representation of preconditions and postconditions of vulnerabilities. Thus an automated analytical function could detect security leaks on a target system. The gathered information is used to provide security advisories and enhanced diagnostics for the system. Additionally the conditional structure allows us to create attack graphs to visualize the network structure and the integrated vulnerability information. Finally we propose methods to resolve the identified weaknesses whether to remove or update vulnerable applications and secure the target system. This advisories are created automatically and provide possible solutions for the security risks.
Torkura, K.A., Cheng, F., Meinel, C.: Application of Quantitative Security Metrics In Cloud Computing.Proceedings of the 10th International Conference for Internet Technology and Secured Transactions (ICITST2015). IEEE (2015).
Security issues are still prevalent in cloud computing particularly public cloud. Efforts by Cloud Service Providers to secure out-sourced resources are not sufficient to gain trust from customers. Service Level Agreements (SLAs) are currently used to guarantee security and privacy, however research into SLAs monitoring suggests levels of dissatisfaction from cloud users. Accordingly, enterprises favor private clouds such as OpenStack as they offer more control and security visibility. However, private clouds do not provide absolute security, they share some security challenges with public clouds and eliminate other challenges. Security metrics based approaches such as quantitative security assessments could be adopted to quantify security value of private and public clouds. Software quantitative security assessments provide extensive visibility into security postures and help assess whether or not security has improved or deteriorated. In this paper we focus on private cloud security using OpenStack as a case study, we conduct a quantitative assessment of OpenStack based on empirical data. Our analysis is multi-faceted, covering OpenStack major releases and services. We employ security metrics to determine the vulnerability density, vulnerability severity metrics and patching behavior. We show that OpenStack’s security has improved since inception, however concerted efforts are imperative for secure deployments, particularly in production environments.
Ambassa, P.L., Wolthusen, S.D., Kayem, A.V.D.M., Meinel, C.: Robust Snapshot Algorithm for Power Consumption Monitoring in Computationally Constrained Micro-Grids.In Proceedings, IEEE Power and Energy Society Innovative Smart Grid Technologies Asia 2015 (IEEE-ISGT-ASIA 2015), November 4-6, 2015, Bangkok, Thailand. p. 1--6 (2015).
We present an approach to monitoring power consumption in a distributed computationally constrained micro-grid. Computationally constrained micro-grids typically operate over low-powered computational devices on insecure and unreliable communication networks. Monitoring these networks is important in distinguishing faulty power reports from adversarially manipulated ones. We address this problem with a two-pronged approach, first by characterizing electrical appliances according to consumption behavior models. Second, we propose a delayed snapshot algorithm for collecting aggregated data on power consumption patterns. Our snapshot algorithm is demonstrably efficient in terms of message exchange and offers the added advantage of being resilient to malicious attacks aimed at communication disruption.
Hennig, P., Berger, P., Dullweber, C., Finke, M., Maschler, F., Risch, J., Meinel, C.: Social Media Story Telling.Proceedings of the 8th IEEE International Conference on Social Computing and Networking (SocialCom2015). , Chengdu, China (2015).
Cheng, F., Sapegin, A., Gawron, M., Meinel, C.: Analyzing Boundary Device Logs on the In-Memory Platform.Proceedings of the IEEE International Symposium on Big Data Security on Cloud (BigDataSecurity‘15). IEEE (2015).
The boundary devices, such as routers, firewalls, proxies, and domain controllers, etc., are continuously generating logs showing the behaviors of the internal and external users, the working state of the network as well as the devices themselves. To rapidly and efficiently analyze these logs makes great sense in terms of security and reliability. However, it is a challenging task due to the fact that a huge amount of data might be generated for being analyzed in very short time. In this paper, we address this challenge by applying complex analytics and modern in-memory database technology on the large amount of log data. Logs from different kinds of devices are collected, normalized, and stored in the In-Memory database. Machine learning approaches are then implemented to analyze the centralized big data to identify attacks and anomalies which are not easy to be detected from the individual log event. The proposed method is implemented on the In-Memory platform, i.e., SAP HANA Platform, and the experimental results show that it has the expected capabilities as well as the high performance.
Torkura, K.A., Cheng, F., Meinel, C.: Aggregating Vulnerability Information for Proactive Cloud Vulnerability Assessment.Journal of Internet Technology and Secured Transactions.4, (2015).
The current increase in software vulnerabilities necessitates concerted research in vulnerability lifecycles and how effective mitigative approaches could be implemented. This is especially imperative in cloud infrastructures considering the novel attack vectors introduced by this emerging computing paradigm. By conducting a quantitative security assessment of OpenStack’s vulnerability lifecycle, we discovered severe risk levels resulting from prolonged gap between vulnerability discovery and patch release. We also observed an additional time lag between patch release and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actors to develop zero-days exploits and other types of malicious software. Mitigating these concerns requires systems with current knowledge on events within the vulnerability lifecycle. However, current threat mitigation systems like vulnerability scanners are designed to depend on information from public vulnerability repositories which mostly do not retain comprehensive information on vulnerabilities. Accordingly, we propose a framework that would mitigate the afore-mentioned risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories, Bug Tracking Systems and other channels. These information is thereafter used to automatically generate plugins armed with current information about possible zeroday exploits and other unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks, Scanner Patch Time and Scanner Patch Discovery Time
Sapegin, A., Amirkhanyan, A., Gawron, M., Cheng, F., Meinel, C.: Poisson-based Anomaly Detection for Identifying Malicious User Behaviour.Proceedings of the International Conference on Mobile, Secure and Programmable Networking (MSPN'15). Springer (2015).
Nowadays, malicious user behaviour that does not trigger access violation or alert of data leak is difficult to be detected. Using the stolen login credentials the intruder doing espionage will first try to stay undetected: silently collect data from the company network and use only resources he is authorised to access. To deal with such cases, a Poisson-based anomaly detection algorithm is proposed in this paper. Two extra measures make it possible to achieve high detection rates and meanwhile reduce number of false positive alerts: (1) checking probability first for the group, and then for single users and (2) selecting threshold automatically. To prove the proposed approach, we developed a special simulation testbed that emulates user behaviour in the virtual network environment. The proof-of-concept implementation has been integrated into our prototype of a SIEM system — Real-time Event Analysis and Monitoring System, where the emulated Active Directory logs from Microsoft Windows domain are extracted and normalised into Object Log Format for further processing and anomaly detection. The experimental results show that our algorithm was able to detect all events related to malicious activity and produced zero false positive results. Forethought as the module for our self-developed SIEM system based on the SAP HANA in-memory database, our solution is capable of processing high volumes of data and shows high efficiency on experimental dataset.
Jaeger, D., Azodi, A., Cheng, F., Meinel, C.: Normalizing Security Events with a Hierarchical Knowledge Base.Proceedings of the 9th International Conference on Information Security Theory and Practice (WISTP'15). pp. 237-248. Springer Internation Publishing (2015).
An important technique for attack detection in complex company networks is the analysis of log data from various network components. As networks are growing, the number of produced log events increases dramatically, sometimes even to multiple billion events per day. The analysis of such big data highly relies on a full normalization of the log data in realtime. Until now, the important issue of full normalization of a large number of log events is only insufficiently handled by many software solutions and not well covered in existing research work. In this paper, we propose and evaluate multiple approaches for handling the normalization of a large number of typical logs better and more efficient. The main idea is to organize the normalization in multiple levels by using a hierarchical knowledge base (KB) of normalization rules. In the end, we achieve a performance gain of about 1000x with our presented approaches, in comparison to a naive approach typically used in existing normalization solutions. Considering this improvement, big log data can now be handled much faster and can be used to find and mitigate attacks in realtime.
Ambassa, P.L., Kayem, A.V.D.M., D.Wolthusen, S., Meinel, C.: Secure and Reliable Power Consumption Monitoring in Untrustworthy Micro-grids.In Proceedings, 1st International Conference on Future Network Systems and Security (FNSS 2015), June 11-13, 2015, Paris, France (Future Network Systems and Security, Communications in Computer and Information Science. p. 166-- 180. Springer International Publishing (2015).
Micro-grid architectures based on renewable energy sources offer a viable solution to electricity provision in regions that are not connected to the national power grid or that are severely affected by load shedding. The limited power generated in micro-grids however makes monitoring power consumption an important consideration in guaranteeing efficient and fair energy sharing. A further caveat is that adversarial data tampering poses a major impediment to fair energy sharing on small scale energy systems, like micro-grids, and can result in a complete breakdown of the system. In this paper, we present an innovative approach to monitoring home power consumption in smart micro-grids. This is done by taking into account power consumption measurement on a per appliance and/or device basis. Our approach works by employing a distributed snapshot algorithm to asynchronously collect the power consumption data reported by the appliances and devices. In addition, we provide a characterization of noise that affects the quality of the data making it difficult to differentiate measurement errors and power fluctuations from deliberate attempts to misreport consumption.
Wang, C., Yang, H., Che, X., Meinel, C.: Concept-Based Multimodal Learning for Topic Generation.Proceedings of the 21st International Conference on Multimedia Modeling (MMM2015). p. 385--395. Springer (2015).
In this paper, we propose a concept-based multimodal learning model (CMLM) for generating document topic through modeling textual and visual data. Our model considers cross-modal concept similarity and unlabeled image concept, it is capable of processing document which has modality missing. The model can extract semantic concepts from unlabeled image and combine with text modality to generate document topics. Our comparison experiments on news document topic generation shows, in multimodal scenario, CMLM can generate more representative topics than latent dirichet allocation (LDA) based topic for representing given document.
Malchow, M., Bauer, M., Meinel, C.: Lecture Butler - Teaching Reasonable Lectures from a Lecture Video Archive.Proceedings of the 2015 ACM Annual Conference on SIGUCCS. pp. 3-9. ACM (2015).
Lecture video archives offer a large variety of lecture recordings in different topics. Naturally, topics are described superficially, easily or detailed in different lectures. Users interested in certain topics have problems finding lectures describing a topic chronology from basic lectures to more detailed difficult lectures. The Lecture Butler is going to automatically offer e-learning students lectures for the topics of interest in chronological playlists. The approach is finding lecture information using title, description, OCR and ASR data. This data is indexed and searched by an in-memory database to fulfill the speed requirements for playlist creation. In the search results lectures are going to be ordered by lecture occurrence in the university semester time schedule or by given lecture level of difficulty. As a result students can automatically create playlists for their topic of interest in sequence of the lecture level. Hence, students are not overstrained by lectures when they start with basic lectures first. Basic lectures provide information to understand more complex lectures. The research shows that an automatic approach by adding the level of difficulty or university semester time table is going to show reasonable playlists to find topics of interest. This solves the main problem students encounter when they try to learn a topic step-by-step using recorded lectures. The approach will support and motivate students using e-learning opportunities.
Jaeger, D., Azodi, A., Cheng, F., Meinel, C.: Normalizing Security Events with a Hierarchical Knowledge Base.Proceedings of the 9th WISTP International Conference on Information Security Theory and Practice (WISTP'15) (2015).
An important technique for attack detection in complex company networks is the analysis of log data from various network components. As networks are growing, the number of produced log events increases dramatically, sometimes even to multiple billion events per day. The analysis of such big data highly relies on a full normalization of the log data in realtime. Until now, the important issue of full normalization of a large number of log events is only insufficiently handled by many software solutions and not well covered in existing research work. In this paper, we propose and evaluate multiple approaches for handling the normalization of a large number of typical logs better and more efficient. The main idea is to organize the normalization in multiple levels by using a hierarchical knowledge base (KB) of normalization rules. In the end, we achieve a performance gain of about 1000x with our presented approaches, in comparison to a naive approach typically used in existing normalization solutions. Considering this improvement, big log data can now be handled much faster and can be used to find and mitigate attacks in realtime.
Che, X., Yang, H., Meinel, C.: Table Detection from Slide Images.Pacific-Rim Symposium on Image and Video Technology. pp. 762-774. , Auckland, New Zealand (2015).
In this paper we propose a solution to detect tables from slide images. Presentation slides are one type of document with growing importance. But the layout difference between slides and traditional documents makes many existing table detection methods less effective on slides. The proposed solution works with both high-resolution slide images from digital files and low-resolution slide screenshots from videos. By taking OCR (Optical Character Recognition) as initial step, a heuristic analysis on page layout focuses not only on the table structure but also the textual content. The evaluation result shows that the proposed solution achieves an approximate accuracy of 80 %. It is way better than the open-source academic solution Tesseract and also outperforms the commercial software ABBYY FineReader, which is supposed to be one of the best table detection tools.
Graupner, H., Torkura, K., Berger, P., Schnjakin, M., Meinel, C.: Secure Access Control for Multi-Cloud Resources.Proceedings of the 40th IEEE Conference on Local Computer Networks (LCN). IEEE (2015).
Privacy, security, and trust concerns are continuously hindering the growth of cloud computing despite its attractive features. To mitigate these concerns, an emerging approach targets the use of multi-cloud architectures to achieve portability and reduce cost. Multi-cloud architectures however suffer several challenges including inadequate cross-provider APIs, insufficient support from cloud service providers, and especially non-unified access control mechanisms. Consequently, the available multicloud proposals are unhandy or insecure. This paper proposes two contributions. At first, we survey existing cloud storage provider interfaces. Following, we propose a novel technique that deals with the challenges of connecting modern authentication standards and multiple cloud authorization methods.
Bauer, M., Malchow, M., Meinel, C.: Enhance Teleteaching Videos with Semantic Technologies. In: Uskov, V.L., Howlett, R.J., and Jain, L.C. (eds.) Smart Education and Smart e-Learning. pp. 105-115. Springer International Publishing (2015).
Perlich, A., Meinel, C.: Automatic Treatment Session Summaries in Psychotherapy – a Step towards Therapist-Patient Cooperation.Proceedings of the International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH2015) (2015).
Therapeutic documentation is a crucial part in psychotherapy and should first and foremost support the patient’s therapy progress. Yet, the notes taken throughout a therapy, mainly serve the use of therapists. In line with the movement of patient empowerment, the calls for patients’ access to their records are growing louder and were incorporated into the German patients’ rights law. Hence, with Tele-Board MED, an interactive system for joint documentation of therapist and patient was developed. In this paper, we introduce one of its many features: the automatic creation of treatment session summaries. Our contribution also consists of the evaluation of its potential for practical use by psychotherapists. The aim of our work is twofold, namely the involvement of patients in the documentation, and the support of therapists with their documentation duties. The aspects of investigation include the therapists’ documentation habits (regarding time, amount, and method), their purposes to manually create session summaries and opinion about the automatically created summaries. It was discovered that the bigger part of the motivation for treatment session documentation lies in the therapists’ personal purposes, such as remembering a case right before the next session. Nevertheless therapists are willing to turn documentation in a cooperative activity if they had effective and efficient tools at hand. With the system presented, they can well imagine summarizing important issues together with the patient at the end of a session and also handing out printed summaries to them.
Renz, J., Bauer, M., Malchow, M., Staubitz, T., Meinel, C.: Optimizing the Video Experience in MOOCs.Proceedings of the 7th International Conference on Education and New Learning Technologies (EduLearn). IATED, Barcelona, Spain (2015).
Wang, C., Yang, H., Meinel, C.: Visual-Textual Late Semantic Fusion Using Deep Neural Network for Document Categorization.Proceedings of the 22nd International Conference on Neural Information Processing (ICONIP2015). p. 662--670. Springer (2015).
Multi-modality fusion has recently drawn much attention due to the fast increasing of multimedia data. Document that consists of multiple modalities i.e. image, text and video, can be better understood by machines if information from different modalities semantically combined. In this paper, we propose to fuse image and text information with deep neural network (DNN) based approach. By jointly fusing visual-textual feature and taking the correlation between image and text into account, fusion features can be learned for representing document. We investigated the fusion features in document categorization, found that DNN-based fusion outperforms mainstream algorithms include K-Nearest Neighbor(KNN), Support Vector Machine (SVM) and Naive Bayes (NB) and 3-layer Neural Network (3L-NN) in both early and late fusion strategies.
Amirkhanyan, A., Cheng, F., Meinel, C.: Real-Time Clustering of Massive Geodata for Online Maps to Improve Visual Analysis.Proceedings of the 11th International Conference on Innovations in Information Technology (IIT2015). IEEE, Dubai, UAE (2015).
Nowadays, we have a lot of data produced by social media services, but more and more often these data contain information about a location that gives us the wide range of possibilities to analyze them. Since we can be interested not only in the content, but also in the location where this content was produced. For good analyzing geo-spatial data, we need to find the best approaches for geo clustering. And the best approach means real-time clustering of massive geodata with high accuracy. In this paper, we present a new approach of clustering geodata for online maps, such as Google Maps, OpenStreetMap and others. Clustered geodata based on their location improve visual analysis of them and improve situational awareness. Our approach is the server-side online algorithm that does not need the entire data to start clustering. Also, this approach works in real-time and could be used for clustering of massive geodata for online maps in reasonable time. We implemented the proposed approach to prove the concept, and also, we provided experiments and evaluation of our approach.
Staubitz, T., Pfeiffer, T., Renz, J., Willems, C., Meinel, C.: Collaborative Learning in a MOOC Environment.Proceedings of the 8th annual International Conference of Education, Research and Innovation. pp. 8237-8246. IATED, Seville, Spain (2015).
Taheri, M., Meinel, C.: Pedagogical Evaluation of the Design Thinking MOOCs.Proceedings of the 3rd International Conference for Design Education Researchers (LearnXDesign2015). Aalto University, Chicago, Illinois, USA (2015).
Design Thinking and Massive Open Online Courses (MOOCs) have enjoyed a widespread attention and uptake by both institutes of higher education and media. These two increasingly popular phenomena have joined forces in the recent years with several reputable universities offering MOOCs on Design Thinking. However the MOOC model of learning and Design Thinking education seem very contradictory at the first glance: Design Thinking is taught in a learning-by-doing fashion in small teams and through various hands-on activities. In contrast, MOOCs are most often completed individually. Hence the seemingly unfitting characteristics of MOOCs and Design Thinking are worth further investigation. This paper presents the initial stage of a research project that explores the potential of teaching Design Thinking at scale. It offers a pedagogical evaluation of the existing Design Thinking MOOCs using the Taxonomy Table and the Seven Principles of Good Practice in Undergraduate Education. The results shed light on how Design Thinking is being taught today in a MOOC environment and the learning objectives that the course providers are expecting.
Berger, P., Hennig, P., Schönberg, M., Meinel, C.: Blog, Forum or Newspaper? Web Genre Detection using SVMs.Proceedings of the IEEE/ACM International Conference on Web Intelligence (WI2015). IEEE Press, Singapore (2015).
Sapegin, A., Gawron, M., Jaeger, D., Cheng, F., Meinel, C.: High-speed Security Analytics Powered by In-memory Machine Learning Engine.Proceedings of the 14th International Symposium on Parallel and Distributed Computing (ISPDC 2015). pp. 74 - 81. IEEE (2015).
Modern Security Information and Event Management systems should be capable to store and process high amount of events or log messages in different formats and from different sources. This requirement often prevents such systems from usage of computational-heavy algorithms for security analysis. To deal with this issue, we built our system based on an in-memory data base with an integrated machine learning library, namely SAP HANA. Three approaches, i.e. (1) deep normalisation of log messages (2) storing data in the main memory and (3) running data analysis directly in the database, allow us to increase processing speed in such a way, that machine learning analysis of security events becomes possible nearly in real-time. To prove our concepts, we measured the processing speed for the developed system on the data generated using Active Directory tested and showed the efficiency of our approach for high-speed analysis of security events.
Yang, H., Wang, C., Che, X., Luo, S., Meinel, C.: An Improved System For Real-Time Scene Text Recognition.Proceedings of the 5th ACM on International Conference on Multimedia Retrieval (ICMR 2015). pp. 657-660. , Shanghai, China (2015).
In this paper we showcase a system for real-time text detection and recognition. We apply deep features created by Convolutional Neural Networks (CNNs) for both text detection and word recognition task. For text detection we follow the common localization-verification scheme which already shown its excellent ability in numerous previous work. In text localization stage, textual regions are roughly detected by using a MSERs (Maximally Stable Extremal Regions) detector with high recall rate. False alarms are then eliminated by using a CNNs classifier, and remaining text regions are further grouped into words. In the word recognition stage, we developed an skeleton-based text binarization method for segmenting text from its background. A CNNs based recognizer is then applied for recognizing character. The initial experiments show the powerful ability of deep features for text classification comparing with commonly used visual features. Our current implementation demonstrates real-time performance for recognizing scene text by using a standard PC with webcam.
Gawron, M., Cheng, F., Meinel, C.: Automatic Detection of Vulnerabilities for Advanced Security Analytics.Proceedings of the 17th Asia-Pacific Network Operations and Management Symposium (APNOMS’15). pp. 471-474. IEEE (2015).
The detection of vulnerabilities in computer systems and computer networks as well as the weakness analysis are crucial problems. The presented method tackles the problem with an automated detection. For identifying vulnerabilities the approach uses a logical representation of preconditions and postconditions of vulnerabilities. The conditional structure simulates requirements and impacts of each vulnerability. Thus an automated analytical function could detect security leaks on a target system based on this logical format. With this method it is possible to scan a system without much expertise, since the automated or computer-aided vulnerability detection does not require special knowledge about the target system. The gathered information is used to provide security advisories and enhanced diagnostics which could also detect attacks that exploit multiple vulnerabilities of the system.
Malchow, M., Bauer, M., Meinel, C.: Enhance Lecture Archive Search with OCR Slide Detection and In-Memory Database Technology.2015 IEEE 18th International Conference on Computational Science and Engineering (CSE). pp. 176-183. IEEE (2015).
On the Web there are a lot of frequently used video lecture archives which have grown up fast during the last couple of years. This fact led to a lot of lecture recordings which include knowledge for a variety of subjects. The typical way of searching these videos is by title and description. Unfortunately, not all important keywords and facts are mentioned in the title or description if they are available. Furthermore, there is no possibility to analyze how important those detected keywords are for the whole video. Another lecture archive specific virtue is that every regular university lecture is repeated yearly. Normally this will lead to duplicate lecture recordings. In search results doubling is disturbing for students when they want to watch the most recent lectures from the search result. This paper deals with the idea to resolve these problems by analyzing the recorded lecture slides with Optical Character Recognition (OCR). In addition to the name and description the OCR data will be used for a full text analysis to create an index for the lecture archive search. Furthermore, a fuzzy search is introduced. This will solve the issue of misspelled search requests and OCR detection defects. Additionally, this paper deals with the performance issues of a full text search with an in-memory database, issues in OCR detection, handling duplicate recordings of lectures repeated every year. Finally, an evaluation of the search performance in comparison with other database ideas besides the in-memory database is performed. Additionally, a user acceptability survey for the search results to increase the learning experience on lecture archives was performed. As a result, this paper shows how to handle the big amount of OCR data for a full text live search performed on an in-memory database in reasonable time. During this search a fuzzy search is performed additionally to resolve spelling mistakes and OCR detection problems. In conclusion this paper shows a solution for an enhanced video lecture archive search that supports students in online research processes and enhances their learning experience.
Matthies, C., Pirl, L., Azodi, A., Meinel, C.: Beat your Mom at Solitaire –- A Review of Reverse Engineering Techniques and Countermeasures.Proceedings of the 6th International Conference on Software Engineering and Service Science, (ICSESS 2015). pp. 1094-1097. , Beijing, China (2015).
Malchow, M., Bauer, M., Meinel, C.: Self-Test Integration in Lecture Video Archives.ICERI2015 Proceedings - 8th International Conference of Education, Research and Innovation. pp. 7631-7638. IATED (2015).
Lecture video archives offer hundreds of lectures. Students have to watch lecture videos in a lecture archive without any feedback. They do not know if they understood everything correctly in comparison to MOOCs (Massive Open Online Course) where a direct feedback with self-tests or assignments is common. In contrast to MOOCs, video lecture archives normally do not offer self-test or assignment sections after every video. Due to this behavior of lecture archives questions have to be made visible on the video page. Furthermore, lecture recording videos are typically longer than videos in MOOCs. So, it is not so reasonable and sometimes even demotivating to ask a lot of questions after a long video when not all information is already memorized by the student. The approach of this paper is to overcome these self-test problems in lecture video archives and to finally solve them in a reasonable way to increase the learning experience and support students to learn more efficient with recorded lecture videos.
Torkura, K.A., Meinel, C.: Towards Cloud-Aware Vulnerability Assessments.Proceedings of the 11th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS2015). IEEE (2015).
Vulnerability assessments are best practices for computer security and requirements for regulatory compliance. Potential and existing security holes can be identified during vulnerability assessments and security breaches could be averted. However, the unique nature of cloud computing environments requires more dynamic assessment techniques. The proliferation of cloud services and cloud-aware applications introduce more cloud vulnerabilities. But, current measures for identification, mitigation and prevention of cloud vulnerabilities do not suffice. Our investigations indicate a possible reason for this inefficiency to lapses in availability of precise, cloud vulnerability information. We observed also that most research efforts in the context of cloud vulnerability concentrate on IaaS, leaving other cloud models largely unattended. Similarly, most cloud assessment efforts tackle general cloud vulnerabilities rather than cloud specific vulnerabilities. Yet, mitigating cloud specific vulnerabilities is important for cloud security. Hence, this paper proposes a new approach that addresses the mentioned issues by monitoring, acquiring and adapting publicly available cloud vulnerability information for effective vulnerability assessments. We correlate vulnerability information from public vulnerability databases and develop Network Vulnerability Tests for specific cloud vulnerabilities. We have implemented, evaluated and verified the suitability of our approach.
Amirkhanyan, A., Sapegin, A., Cheng, F., Meinel, C.: Simulation User Behavior on A Security Testbed Using User Behavior States Graph.Proceedings of the 8th International Conference on Security of Information and Networks (SIN’15). pp. 217-223. ACM Press (2015).
For testing new methods of network security or new algorithms of security analytics, we need the experimental environments as well as the testing data which are much as possible similar to the real-world data. Therefore, the researchers are always trying to find the best approaches and recommendations of creating and simulating testbeds, because the issue of automation of the testbed creation is a crucial goal to accelerate research progress. One of the ways to generate data is simulate the user behavior on the virtual machines, but the challenge is how to describe what we want to simulate. In this paper, we present a new approach of describing user behavior for the simulation tool. This approach meets requirements of simplicity and extensibility. And it could be used for generating user behavior scenarios to simulate them on Windows-family virtual machines. The proposed approached is applied to our developed simulation tool that we use for solving a problem of the lack of data for research in network security and security analytics areas by generating log dataset that could be used for testing new methods of network security and new algorithms of security analytics.
Che, X., Yang, H., Meinel, C.: Adaptive E-Lecture Video Outline Extraction Based on Slides Analysis.Proceedings of 2015 International Conference on Advances in Web-Based Learning (ICWL2015). pp. 59-68. , Guangzhou, China (2015).
In this paper, we propose an automated adaptive solution to generate logical, accurate and detailed tree-structure outline for video-based online lectures, by extracting the attached slides and reconstructing their content. The proposed solution begins with slide-transition detection and optical character recognition, and then proceeds by a static method of analyzing the layout of single slide and the logical relations within the slides series. Some features about the under-processing slides series, such as a �xed title position, will be �gured out and applied in the adaptive rounds to improve the outline quality. The result of our experiments shows that the general accuracy of the �nal lecture outline reaches 85%, which is about 13% higher than the static method.
Berger, P., Hennig, P., Bunk, S., Korsch, D., Kurzynski, D., Meinel, C.: Finding Demand for Products in the Social Web.Proceedings of the 8th IEEE International Conference on Social Computing and Networking (SocialCom2015). , Chengdu, China (2015).
Krentz, K.-F., Meinel, C.: Handling Reboots and Mobility in 802.15.4 Security.Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC 2015). ACM, Los Angeles, CA, USA (2015).
To survive reboots, 802.15.4 security normally requires an 802.15.4 node to store both its anti-replay data and its frame counter in non-volatile memory. However, the only non-volatile memory on most 802.15.4 nodes is flash memory, which is energy consuming, slow, as well as prone to wear. Establishing session keys frees 802.15.4 nodes from storing anti-replay data and frame counters in non-volatile memory. For establishing pairwise session keys for use in 802.15.4 security in particular, Krentz et al. proposed the Adaptable Pairwise Key Establishment Scheme (APKES). Yet, APKES neither supports reboots nor mobile nodes. In this paper, we propose the Adaptive Key Establishment Scheme (AKES) to overcome these limitations of APKES. Above all, AKES makes 802.15.4 security survive reboots without storing data in non-volatile memory. Also, we implemented AKES for Contiki and demonstrate its memory and energy efficiency. Of independent interest, we resolve the issue that 802.15.4 security stops to work if a node's frame counter reaches its maximum value, as well as propose a technique for reducing the security-related per frame overhead.
Wang, C., Yang, H., Meinel, C.: Does Multilevel Semantic Representation Improve Text Categorization?Proceedings of the 26th International Conference on Database and Expert Systems Applications (DEXA 2015). pp. 319-333. Springer (2015).
This paper presents a novel approach for text categorization by fusing “Bag-of-words” (BOW) word feature and multilevel semantic feature (SF). By extending Online LDA (OLDA) as multilevel topic model for learning a semantic space with different topic granularity, multilevel semantic features are extracted for representing text component. The effectiveness of our approach is evaluated on both large scale Wikipedia corpus and middle-sized 20newsgroups dataset. The former experiment shows that our approach is able to preform semantic feature extraction on large scale dataset. It also demonstrates the topics generated from different topic level have different semantic scopes, which is more appropriate to represent text content. Our classification experiments on 20newsgroups achieved 82.19 % accuracy, which illustrates the effectiveness of fusing BOW and SF features. The further investigation on word and semantic feature fusion proves that Support Vector Machine (SVM) is more sensitive to semantic feature than Naive Bayes (NB), K Nearest Neighbor(KNN), Decision Tree (DT). It is shown that appropriately fusing low-level word feature and high-level semantic feature can achieve equally well or even better result than state-of-the-art with reduced feature dimension and computational complexity
Hennig, P., Berger, P., Brehm, M., Grasnick, B., Herdt, J., Meinel, C.: Hot spot detection - An interactive cluster heat map for sentiment analysis.Proceedings of the 2015 IEEE International Conference on Data Science and Advanced Analytics (DSAA 2015). , Paris, France (2015).
Wang, C., Yang, H., Meinel, C.: Deep Semantic Mapping for Cross-Modal Retrieval.Proceedings of the 27th IEEE International Conference on Tools with Artificial Intelligence (ICTAI2015) (2015).
Cross-Modal mapping plays an essential role in multimedia information retrieval systems. However, most of existing work paid much attention on learning mapping functions but neglected the exploration of high-level semantic representation of modalities. Inspired by recent success of deep learning, in this paper, deep CNN (convolutional neural networks) features and topic features are utilized as visual and textual semantic representation respectively. To investigate the highly non-linear semantic correlation between image and text, we propose a regularized deep neural network(RE-DNN) for semantic mapping across modalities. By imposing intra-modal regularization as supervised pre-training, we finally learn a joint model which captures both intra-modal and inter-modal relationships. Our approach is superior to previous work in follows: (1) it explores high-level semantic correlations, (2) it requires little prior knowledge for model training, (3) it is able to tackle modality missing problem. Extensive experiments on benchmark Wikipedia dataset show RE-DNN outperforms the state-of-the-art approaches in cross-modal retrieval.
Luo, S., Yang, H., Meinel, C.: Reward-based Intermittent Reinforcement in Gamification for E-learning.Proceedings of the 7th International Conference on Computer Supported Education. pp. 177-184. , Lisbon, Portugal (2015).
Nowadays gamification is a hot topic in the world, a lot of websites, applications and researches adapt this method to arouse users' motivation. From the past experience, gamification indeed has a positive influence on users' motivation especially in e-learning field. However, the gamification method either is hard to be applied to professional content called meaningful gamification or is negative on user's intrinsic motivation called reward-based gamification. So we study the game addiction mechanism and propose the reward-based intermittent reinforcement method in gamification to take advantage of user independence feature in the latter one and eliminate the negative influence on user's intrinsic motivation. In order to investigate the practicability and integrate effectiveness, we implement this model in our tele-teaching platform.
v. Löwis, M., Staubitz, T., Teusner, R., Renz, J., Tannert, S., Meinel, C.: Scaling Youth Development Training in IT Using an xMOOC Platform.Proceedings of the IEEE Frontiers in Education. IEEE, El Paso, TX, USA (2015).
