1.
Bin Tareaf, R., Berger, P., Hennig, P., Jung, J., Meinel, C.: Identifying Audience Attributes - Predicting Age, Gender and Personality for Enhanced Article Writing. ACM - International Conference on Cloud and Big Data Computing. pp. 79–88. ACM Press, London, UK (2017).
In order to create an effective article, having great content is essential. However, to achieve this, the writer needs to target a specific audience. A target audience refers to a group of readers that a writer intends to reach with his content. Defining a target audience is substantial because it has a direct effect on adjusting writing style and content of the article. Nowadays, writers rely solely on annotated attributes of articles, such as location and language to understand his/her audience. The aim of this work is to identify the audience attributes of articles, especially not-annotated attributes. Among others, this work focuses on the detection of three key audience attributes of related articles: age, gender, and personality. We compare between multiple machine learning classifiers to detect these attributes. Finally, we demonstrate a prototypical application that enables writers to run existing algorithms such as trend detection and showing related articles that are specific to a defined target audience based on the newly detected attributes.
2.
Bethge, J., Hahn, S., Döllner, J.: Improving Layout Quality by Mixing Treemap-Layouts Based on Data-Change Characteristics. In: Hullin, M., Klein, R., Schultz, T., and Yao, A. (eds.) Vision, Modeling & Visualization. The Eurographics Association (2017).
This paper presents a hybrid treemap layout approach that optimizes layout-quality metrics by combining state-of-the-art treemap layout algorithms. It utilizes machine learning to predict those metrics based on data metrics describing the characteristics and changes of the dataset. For this, the proposed approach uses a neural network which is trained on artificially generated dataset,s containing a total of 15.8 million samples. The resulting model is integrated into an approach called Smart-Layouting. This approach is evaluated on real-world data from 100 publicly available software repositories. Compared to other state-of-the-art treemap algorithms it reaches an overall better result. Additionally, this approach can be customized by an end user’s needs. The customization allows for specifying weights for the importance of each layout-quality metric. The results indicate, that the algorithm is able to adapt successfully towards a given set of weights.
3.
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States. Proceedings of the 22nd IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
4.
Seitz, K., Serth, S., Krentz, K.-F., Meinel, C.: Demo: Enabling En-Route Filtering for End-to-End Encrypted CoAP Messages. 15th ACM Conference on Embedded Networked Sensor Systems (SenSys 2017). ACM, Delft, The Netherlands (2017).
IoT devices usually are battery-powered and directly connected to the Internet. This makes them vulnerable to so-called path-based denial-of-service (PDoS) attacks. For example, in a PDoS attack an adversary sends multiple Constrained Application Protocol (CoAP) messages towards an IoT device, thereby causing each IoT device along the path to expend energy for forwarding this message. Current end-to-end security solutions, such as DTLS or IPsec, fail to prevent such attacks since they only filter out inauthentic CoAP messages at their destination. This demonstration shows an approach to allow en-route filtering where a trusted gateway has all necessary information to check the integrity, decrypt and, if necessary, drop a message before forwarding it to the constrained mote. Our approach preserves precious resources of IoT devices in the face of path-based denial-of-service attacks by remote attackers.
5.
Krentz, K.-F., Meinel, C., Graupner, H.: Countering Three Denial-of-Sleep Attacks on ContikiMAC. Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2017). Junction, Uppsala, Sweden (2017).
Like virtually all media access control (MAC) protocols for 802.15.4 networks, also ContikiMAC is vulnerable to various denial-of-sleep attacks. The focus of this paper is on countering three specific denial-of-sleep attacks on ContikiMAC, namely ding-dong ditching, pulse-delay attacks, and collision attacks. Ding-dong ditching is when attackers emit interference, inject frames, or replay frames so as to mislead ContikiMAC into staying in receive mode for extended periods of time and hence consuming much energy. Pulse-delay attacks are actually attacks on time synchronization, but can also be launched against ContikiMAC’s phase-lock optimization to cause an increased energy consumption. Lastly, in collision attacks, an attacker provokes retransmissions via jamming. In this paper, to counter these three kinds of denial-of-sleep attacks, we propose two optimizations to ContikiMAC. The dozing optimization, on the one hand, significantly reduces the energy consumption under ding-dong ditching. Beyond that, the dozing optimization helps during normal operation as it reduces the energy consumption of true wake ups, too. The secure phase-lock optimization, on the other hand, is a version of ContikiMAC’s phase-lock optimization that resists pulse-delay attacks. Additionally, the secure phase-lock optimization makes ContikiMAC resilient to collision attacks, as well as more energy efficient. We implemented and evaluated both optimizations using the Contiki operating system and OpenMotes.
6.
Yang, H., Fritzsche, M., Bartz, C., Meinel, C.: BMXNet: An Open-Source Binary Neural Network Implementation Based on MXNet. Proceedings of the 2017 ACM on Multimedia Conference. ACM, New York, NY, USA (2017).
7.
Krentz, K.-F., Meinel, C., Graupner, H.: Secure Self-Seeding with Power-Up SRAM States. IEEE Symposium on Computers and Communications (ISCC 2017). IEEE, Heraklion, Greece (2017).
Generating seeds on Internet of things (IoT) devices is challenging because these devices typically lack common entropy sources, such as user interaction or hard disks. A promising replacement is to use power-up static random-access memory (SRAM) states, which are partly random due to manufacturing deviations. Thus far, there, however, seems to be no method for extracting close-to-uniformly distributed seeds from power-up SRAM states in an information-theoretically secure and practical manner. Moreover, the min-entropy of power-up SRAM states reduces with temperature, thereby rendering this entropy source vulnerable to so-called freezing attacks. In this paper, we mainly make three contributions. First, we propose a new method for extracting uniformly distributed seeds from power-up SRAM states. Unlike current methods, ours is information-theoretically secure, practical, and freezing attack-resistant rolled into one. Second, we point out a trick that enables using power-up SRAM states not only for self-seeding at boot time, but also for reseeding at runtime. Third, we compare the energy consumption of seeding an IoT device either with radio noise or power-up SRAM states. While seeding with power-up SRAM states turned out to be more energy efficient, we argue for mixing both these entropy sources.
8.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-Norm Unit for Brain Lesions Detection. Springer (2017).
9.
Che, X., Luo, S., Yang, H., Meinel, C.: Automatic lecture subtitle generation and how it helps. 2017 IEEE 17th International Conference on Advanced Learning Technologies (ICALT). pp. 34–38. IEEE (2017).
10.
Serth, S., Podlesny, N.J., Bornstein, M., Lindemann, J., Latt, J., Selke, J., Schlosser, R., Boissier, M., Uflacker, M.: An interactive platform to simulate dynamic pricing competition on online marketplaces. 2017 IEEE 21st International Enterprise Distributed Object Computing Conference (EDOC). pp. 61–66. IEEE (2017).
11.
Sianipar, J., Willems, C., Meinel, C.: Signed URL for an Isolated Web Server in a Virtual Laboratory. Proceedings of the 9th International Conference on Education Technology and Computers, ICETC 2017, Barcelona, Spain, December 20-22, 2017. pp. 218–222 (2017).
12.
Rezaei, M., Yang, H., Meinel, C.: Deep Neural Network with l2-norm Unit for Brain Lesions Detection. International Conference on Neural Information Processing. Springer (2017).
13.
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform - A Toolset. In Proceedings of ACM Learning at Scale Conference (L@S2017)(ACM), accepted as WIP. ACM (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course. Furthermore, today’s jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the platform’s OPS-team, which prepares the courses in accordance with the requirements of the teaching teams. The evaluation is based on the analysis of data, which has been collected in five courses that have been conducted on one of our platforms during 2015 and 2016 and interviews with the platform’s OPS-team.
14.
Teusner, R., Wittstruck, N., Staubitz, T.: Video Conferencing as a Peephole to MOOC Participants. 2017 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE). IEEE (2017).
Distance education gained considerable attention with the rise of Massive Open Online Courses (MOOCs). Given the significant role collaboration plays in practical computer science education on campus, it becomes evident that nowadays online course platforms mostly lack the necessary collaborative capabilities. We present a solution to support collaborative programming through video conferencing for practical exercises employed in MOOC contexts. Two user surveys showed that albeit users value the possibilities, privacy concerns remain. We therefore propose to additionally use the technology to face another challenge: MOOCs usually are conceptualized and produced to a large extent before the actual course runtime. Reaction on current events within the course is possible but requires insights on students’ problems. Course conductors can use the tutoring mode in our WebIDE to understand struggling students and potentially uncover topics that lack additional background material or need additional training exercises.
15.
Grella, C.T., Staubitz, T., Teusner, R., Meinel, C.: Can MOOCs Support Secondary Education in Computer Science?. In: Auer, M.E., Guralnick, D., and Uhomoibhi, J. (eds.) Interactive Collaborative Learning. pp. 478–493. Springer International Publishing, Cham (2017).
Despite the importance of competencies in computer science for participation in the digital transformation of nearly all sectors, there is still a lack of learning material and technically experienced teachers in German schools. In the paper at hand, we investigate the potential of Massive Open Online Courses (MOOCs) for secondary education. Schools can profit from this learning content and format provided by well-known institutions. However, German schools provide some challenging conditions, which have to be taken into account for a meaningful integration of e-learning elements. Our statistical and qualitative results are based on the representative data of the National Educational Panel Study (NEPS), the learning data of more than 100,000 online learners from over 150 countries, and the outcomes of several workshops with teachers and school administrators.
16.
Boissier, M., Schlosser, R., Podlesny, N., Serth, S., Bornstein, M., Latt, J., Lindemann, J., Selke, J., Uflacker, M.: Data-driven repricing strategies in competitive markets: An interactive simulation platform. Proceedings of the Eleventh ACM Conference on Recommender Systems. pp. 355–357. ACM (2017).
17.
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language identification using deep convolutional recurrent neural networks. International conference on neural information processing. pp. 880–889. Springer (2017).
18.
Yang, H., Fritzsche, M., Bartz, C., Meinel, C.: Bmxnet: An open-source binary neural network implementation based on mxnet. Proceedings of the 25th ACM international conference on Multimedia (2017).
19.
Che, X., Ring, N., Raschkowski, W., Yang, H., Meinel, C.: Traversal-free word vector evaluation in analogy space. Proceedings of the 2nd Workshop on Evaluating Vector Space Representations for NLP. pp. 11–15 (2017).
20.
Rezaei, M., Harmuth, K., Gierke, W., Kellermeier, T., Fischer, M., Yang, H., Meinel, C.: A conditional adversarial network for semantic segmentation of brain tumor. International MICCAI Brainlesion Workshop. pp. 241–252. Springer (2017).
21.
Perlich, A., Meinel, C.: Juggling Doctor and Patient Needs in Mental Health Record Design. Informatics Empowers Healthcare Transformation (2017).
Providing patients access to mental health records is a controversial topic that gains growing attention in research and practice. While it has great potential in increasing the patient engagement, skepticism is prevailing among therapists who fear detrimental effects and face a lack of feasibility when treatment notes are handwritten. We aim at empowering both therapists to new documentation approaches and patients to higher engagement, and develop the collaborative documentation system Tele-Board MED (TBM) as an adjunct to talk-based mental health interventions. We present an evaluation of TBM by comparing four prototypes and testing scenarios, reaching from early simulations to attempts of real-life implementations in clinical routines. This paper delivers a systematic need comparison of therapists as primary users and patients as secondary users, both during and beyond treatment sessions. While patient feedback is thoroughly positive, the therapist needs are only partially addressed; the benefits remain hidden behind the perceived effort.
22.
Meinel, C., Renz, J., Grella, C., Karn, N., Hagedorn, C.: Die Cloud für Schulen in Deutschland. Konzept und Pilotierung der Schul-Cloud. Technische Berichte des Hasso-Plattner-Instituts für Softwaresystemtechnik an der Universität Potsdam. 56 (2017).
Die digitale Entwicklung durchdringt unser Bildungssystem, doch Schulen sind auf die Veränderungen kaum vorbereitet: Überforderte Lehrer/innen, infrastrukturell schwach ausgestattete Unterrichtsräume und unzureichend gewartete Computernetzwerke sind keine Seltenheit. Veraltete Hard- und Software erschweren digitale Bildung in Schulen eher, als dass sie diese ermöglichen: Ein zukunftssicherer Ansatz ist es, die Rechner weitgehend aus den Schulen zu entfernen und Bildungsinhalte in eine Cloud zu überführen. Zeitgemäßer Unterricht benötigt moderne Technologie und eine zukunftsorientierte Infrastruktur. Eine Schul-Cloud (https://hpi.de/schul-cloud) kann dabei helfen, die digitale Transformation in Schulen zu meistern und den fächerübergreifenden Unterricht mit digitalen Inhalten zu bereichern. Den Schüler/innen und Lehrkräften kann sie viele Möglichkeiten eröffnen: einen einfachen Zugang zu neuesten, professionell gewarteten Anwendungen, die Vernetzung verschiedener Lernorte, Erleichterung von Unterrichtsvorbereitung und Differenzierung
23.
Rezaei, M., Yang, H., Meinel, C.: Deep neural network with l2-norm unit for brain lesions detection. International Conference on Neural Information Processing. pp. 798–807. Springer (2017).
24.
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language Identification Using Deep Convolutional Recurrent Neural Networks. International Conference on Neural Information Processing. Springer (2017).
25.
Rohloff, T., Renz, J., Bothe, M., Meinel, C.: Supporting Multi-Device E-Learning Patterns with Second Screen Mobile Applications. Proceedings of the 16th World Conference on Mobile and Contextual Learning (mLearn 2017). pp. 25:1–25:8. Association for Computing Machinery (2017).
Many providers of Massive Open Online Course (MOOC) platforms released mobile applications in the recent years to enable learning offline and on the go, for a more ubiquitous learning experience. However, mainly the MOOC content was optimized for small screens, but mobile devices provide the opportunity to enrich the MOOC experience even further by enabling new forms of learning. Based on a previous learning patterns evaluation and a user survey, this paper presents a second screen prototype for the MOOC platform of the Hasso Plattner Institute, whereby the mobile application can be used as a learning companion while using the web platform on a computer. Four different actions were implemented which can be done next to watching a video lecture. The evaluation showed that the prototype was helpful and made learning more efficient, as reported by users, and also ideas for further improvements were proposed.
26.
Bin Tareaf, R., Berger, P., Hennig, P., Koall, S., Kohstall, J., Meinel, C.: Information Propagation Speed and Patterns in Social Networks: a Case Study Analysis of German Tweets. JCP 2018. pp. 761–770. ACM & Journal of Computer (ISSN: 1796-203X), Jeju Island, South Korea (2017).
In this paper, we present our experiences in analyzing Twitter data. The analysis has shown that information diffuses over time through the Twitter network in certain patterns. Furthermore, it has shown those friend relationships significantly influence the information propagation speed on Twitter. Since it was launched in 2006, the microblogging service grew tremendously. Tweets are sent by users all around the world. Results show that there are two major patterns. While these patterns accommodate us to understand the diffusion of information through Twitter in an even better plan, the analysis of friend networks provides information on who influences the network, concerning the number of re-tweets and the time between a tweet and its re-tweets. The approaches have been evaluated both technically, based on how certain a topic matches one of the patterns and how prominent friends are compared to other users, and conceptually, based on existing, well-known approaches in measuring the speed and scale of information diffusion on Twitter.
27.
Staubitz, T., Meinel, C.: Collaboration and Teamwork on a MOOC Platform: A Toolset. Proceedings of the Fourth (2017) ACM Conference on Learning @ Scale. pp. 165–168. ACM, Cambridge, Massachusetts, USA (2017).
Teamwork is an an important topic in education. It fosters deep learning and allows educators to assign interesting tasks, which would be too complex to be solved by single participants due to the time restrictions defined by the context of a course.Furthermore, today's jobs require an increasing amount of team skills. On the other hand, teamwork comes with a variety of issues of its own. Particularly in large scale settings, such as MOOCs, teamwork is challenging. Courses often end with dysfunctional teams due to drop-outs or insufficient matching. The paper at hand presents a set of three tools that we have recently added to our system to enable teamwork in our courses. This toolset consists of the TeamBuilder, a tool to match successful teams based on a variable set of parameters, CollabSpaces, providing teams with a secluded area to communicate and collaborate within the course context, and a TeamPeerAssessment tool, which allows to provide teams with complex tasks and which allows assessment that sufficiently scales for the MOOC context. The presented tools are evaluated in terms of success rates of the created teams and workload reduction for the courses' teaching teams.
28.
Sianipar, J., Willems, C., Meinel, C.: Team Placement in Crowd-Resourcing Virtual Laboratory for IT Security e-Learning. Proceedings of the 2017 International Conference on Cloud and Big Data Computing, ICCBDC 2017, London, United Kingdom, September 17 - 19, 2017. pp. 60–66 (2017).
29.
Torkura, K.A., Sukmana, M.I., Meinel, C.: Integrating Continuous Security Assessments in Microservices and Cloud Native Applications. Proceedings of the10th International Conference on Utility and Cloud Computing. pp. 171–180. ACM (2017).
Cloud Native Applications (CNA) consists of multiple collaborating microservice instances working together towards common goals. These microservices leverage the underlying cloud infrastructure to enable several properties such as scalability and resiliency. CNA are complex distributed applications, vulnerable to several security issues affecting microservices and traditional cloud-based applications. For example, each microservice instance could be developed with different technologies e.g. programming languages and databases. This diversity of technologies increases the chances for security vulnerabilities in microservices. Moreover, the fast-paced development cycles of CNA increases the probability of insufficient security tests in the development pipelines, and consequent deployment of vulnerable microservices. Furthermore, cloud native environments are ephemeral, microservices are dynamically launched and de-registered, this factor creates a discoverability challenge for traditional security assessment techniques. Hence, security assessments in such environments require new approaches which are specifically adapted and integrated to CNA. In fact, such techniques are to be cloud native i.e. well integrated into the cloud’s fabric. In this paper, we tackle the above-mentioned challenges through the introduction of a novel Security Control concept - the Security Gateway. To support the Security Gateway concept, two other concepts are proposed: dynamic document store and security health endpoints.We have implemented these concepts using cloud native design patterns and integrated them into the CNA workflow. Our experimental evaluations validate the efficiency of our proposals, the time overhead due to the security gateway is minimal and the vulnerability detection rate surpasses that of traditional security assessment approaches. Our proposal can therefore be employed to secure CNA and microservice-based implementations.
30.
Kayem, A., Meinel, C., Wolthusen, S.: A Smart Micro-Grid Architecture for Resource Constrained Environments. Proceedings, 31st International Conference on Advanced Information Networking and Applications (AINA 2017), Taipei, Taiwan. IEEE (2017).
Micro-grids offer a cost-effective approach to providing reliable power supply in isolated and disadvantaged communities. These communities present a special case where access to national power networks is either non-existent or intermittent due to load-shedding to provision urban areas and/or due to high interconnection costs. By necessity, such micro-grids rely on renewable energy sources that are variable and so only partly predictable. Ensuring reliable power provisioning and billing must therefore be supported by demand management and fair-billing policies. Furthermore, since trusted centralized grid management is not always possible, using a distributed model offers a viable solution approach. However, such a distributed system may be subject to subversion attacks aimed at power theft. In this paper, we present a novel and innovative distributed architecture for power distribution and billing on micro-grids. The architecture is designed to operate efficiently over a lossy communication network, which is an advantage for disadvantaged communities. Since lossy networks are undependable, differentiating system failures from adversarial manipulations is important because grid stability is to a large extent dependent on user participation. To this end, we provide a characterization of potential adversarial models to underline how these can be differentiated from failures.
31.
Mayer, L., von Schmieden, K., Taheri, M., Meinel, C.: Supporting Design Thinking Education in Organizations With Digital Learning Units – A Testing Set-Up. Presented at the (2017).
This research note addresses the design and testing set-up of a prototype learning unit (protoLU). We explain the advantages of adapting Massive Open Online Courses (MOOCs) to digital learning units for professional working environments and introduce the use case for vocational design thinking trainings. Consequently, we describe the case of a protoLU created to support a physical, two-phase design thinking workshop. The protoLU aimed at refreshing participant knowledge, fostering skill transfer and to inspire through behavioral modeling. With our research set-up we intend to gather results for iterating the protoLU and learn more about the needs of design thinking learner teams in independent teamwork phases.
32.
Najafi, P., Sapegin, A., Cheng, F., Meinel, C.: Guilt-by-Association: Detecting Malicious Entities via Graph Mining. International Conference on Security and Privacy in Communication Systems. pp. 88–107. Springer (2017).
In this paper, we tackle the problem of detecting malicious domains and IP addresses using graph inference. In this regard, we mine proxy and DNS logs to construct an undirected graph in which vertices represent domain and IP address nodes, and the edges represent relationships describing an association between those nodes. More specifically, we investigate three main relationships: subdomainOf, referredTo, andresolvedTo. We show that by providing minimal ground truth information, it is possible to estimate the marginal probability of a domain or IP node being malicious based on its association with other malicious nodes. This is achieved by adopting belief propagation, i.e., an efficient and popular inference algorithm used in probabilistic graphical models. We have implemented our system in Apache Spark and evaluated using one day of proxy and DNS logs collected from a global enterprise spanning over 2 terabytes of disk space. In this regard, we show that our approach is not only efficient but also capable of achieving high detection rate (96% TPR) with reasonably low false positive rates (8% FPR). Furthermore, it is also capable of fixing errors in the ground truth as well as identifying previously unknown malicious domains and IP addresses. Our proposal can be adopted by enterprises to increase both the quality and the quantity of their threat intelligence and blacklists using only proxy and DNS logs.
33.
Staubitz, T., Teusner, R., Meinel, C.: openHPI’s Coding Tool Family: CodeOcean, CodeHarbor, CodePilot. Automatische Bewertung von Programmieraufgaben (ABP) (2017).
The Hasso Plattner Institute successfully runs a self-developed Massive Open Online Course (MOOC) platform—openHPI—since 2012. MOOCs, even more than classic classroom situations, depend on automated solutions to assess programming exercises. Manual evaluation is not an option due to the massive amount of users that participate in these courses. The paper at hand maps the landscape of tools that are used on openHPI in the context of automated grading of programming exercises. Furthermore, it provides a sneak preview to new features that will be integrated ion the near future. Particularly, we will introduce CodeHarbor, our platform to share auto-gradeable exercises between various online code execution platforms.
34.
Gawron, M., Cheng, F., Meinel, C.: Automatic Vulnerability Classification using Machine Learning. Proceedings of the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS 2017). Springer (2017).
35.
Krentz, K.-F., Meinel, C., Graupner, H.: More Lightweight, yet Stronger 802.15.4 Security through an Intra-Layer Optimization. Proceedings of the 10th International Symposium on Foundations & Practice of Security (FPS 2017). Springer, Nancy, France (2017).
802.15.4 security protects against the replay, injection, and eavesdropping of 802.15.4 frames. A core concept of 802.15.4 security is the use of frame counters for both nonce generation and anti-replay protection. While being functional, frame counters (i) cause an increased energy consumption as they incur a per-frame overhead of 4 bytes and (ii) only provide sequential freshness. The Last Bits (LB) optimization does reduce the per-frame overhead of frame counters, yet at the cost of an increased RAM consumption and occasional energy- and time-consuming resynchronization actions. Alternatively, the timeslotted channel hopping (TSCH) media access control (MAC) protocol of 802.15.4 avoids the drawbacks of frame counters by replacing them with timeslot indices, but findings of Yang et al. question the security of TSCH in general. In this paper, we assume the use of ContikiMAC, which is a popular asynchronous MAC protocol for 802.15.4 networks. Under this assumption, we propose an Intra-Layer Optimization for 802.15.4 Security (ILOS), which intertwines 802.15.4 security and ContikiMAC. In effect, ILOS reduces the security-related per-frame overhead even more than the LB optimization, as well as achieves strong freshness. Furthermore, unlike the LB optimization, ILOS neither incurs an increased RAM consumption nor requires resynchronization actions. Beyond that, ILOS integrates with and advances other security supplements to ContikiMAC. We implemented ILOS using OpenMotes and the Contiki operating system.
36.
Renz, J., Rohloff, T., Meinel, C.: Automatisierte Qualitätssicherung in MOOCs durch Learning Analytics. In: Ullrich, C. and Wessner, M. (eds.) Joint Proceedings of the Pre-Conference Workshops of DeLFI and GMW 2017. CEUR-WS.org (2017).
Dieser Beitrag beschreibt wie mithilfe von Learning Analytics Daten eine automatisierte Qualitätssicherung in MOOCs durchgeführt werden kann. Die Ergebnisse sind auch für andere skalierende E-Learning Systeme anwendbar. Hierfür wird zunächst beschrieben, wie in den untersuchten Systemen (die als verteilte Dienste in einer Microservice-Architektur implementiert sind) Learning Analytics Werkzeuge umgesetzt sind. Darauf aufbauend werden Konzept und Implementierung einer automatisierten Qualitätssicherung beschrieben. In einer ersten Evaluation wird die Nutzung der Funktion auf einer Instanz der am HPI entwickelten MOOC-Plattform untersucht. Anschließend wird ein Ausblick auf Erweiterungen und zukünftige Forschungsfragen gegeben.
37.
Bartz, C., Herold, T., Yang, H., Meinel, C.: Language Identification Using Deep Convolutional Recurrent Neural Networks. In: Liu, D., Xie, S., Li, Y., Zhao, D., and El-Alfy, E.-S.M. (eds.) Neural Information Processing. pp. 880–889. Springer International Publishing, Guangzhou, China (2017).
Language Identification (LID) systems are used to classify the spoken language from a given audio sample and are typically the first step for many spoken language processing tasks, such as Automatic Speech Recognition (ASR) systems. Without automatic language detection, speech utterances cannot be parsed correctly and grammar rules cannot be applied, causing subsequent speech recognition steps to fail. We propose a LID system that solves the problem in the image domain, rather than the audio domain. We use a hybrid Convolutional Recurrent Neural Network (CRNN) that operates on spectrogram images of the provided audio snippets. In extensive experiments we show, that our model is applicable to a range of noisy scenarios and can easily be extended to previously unknown languages, while maintaining its classification accuracy. We release our code and a large scale training set for LID systems to the community.
38.
Staubitz, T., Teusner, R., Meinel, C.: Towards a Repository for Open Auto-Gradable Programming Exercises. 2017 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE) (2017).
Auto-gradable hands-on programming exercises are a key element for scalable programming courses. A variety of auto-graders already exist, however, creating suitable high- quality exercises in a sufficient amount is a very time-consuming and tedious task. One way to approach this problem is to enable sharing auto-gradable exercises between several interested parties. School-teachers, MOOC1 instructors, workshop providers, and university level teachers need programming exercises to provide their students with hands-on experience. Auto-gradability of these exercises is an important requirement. The paper at hand introduces a tool that enables the sharing of such exercises and addresses the various needs and requirements of the different stakeholders.
39.
Torkura, K.A., Sukmana, M.I., Cheng, F., Meinel, C.: Leveraging Cloud Native Design Patterns for Security-as-a-Service Applications. Proceedings of the 2nd IEEE International Conference on Smart Cloud (SmartCloud). IEEE (2017).
This paper discusses a new approach for designing and deploying Security-as-a-Service (SecaaS) applications using cloud native design patterns. Current SecaaS approaches do not efficiently handle the increasing threats to computer systems and applications. For example, requests for security assessments drastically increase after a high-risk security vulnerability is disclosed. In such scenarios, SecaaS applications are unable to dynamically scale to serve requests. A root cause of this challenge is employment of architectures not specifically fitted to cloud environments. Cloud native design patterns resolve this challenge by enabling certain properties e.g. massive scalability and resiliency via the combination of microservice patterns and cloud-focused design patterns. However adopting these patterns is a complex process, during which several security issues are introduced. In this work, we investigate these security issues, we redesign and deploy a monolithic SecaaS application using cloud native design patterns while considering appropriate, layered security counter-measures i.e. at the application and cloud networking layer. Our prototype implementation out-performs traditional, monolithic applications with an average Scanner Time of 6 minutes, without compromising security. Our approach can be employed for designing secure, scalable and performant SecaaS applications that effectively handle unexpected increase in security assessment requests.
40.
Serth, S., Podlesny, N., Bornstein, M., Lindemann, J., Latt, J., Selke, J., Schlosser, R., Boissier, M., Uflacker, M.: An Interactive Platform to Simulate Dynamic Pricing Competition on Online Marketplaces. 21st IEEE International Enterprise Distributed Object Computing Conference, EDOC 2017, Quebec City, QC, Canada, October 10-13, 2017. pp. 61–66. IEEE (2017).
E-commerce marketplaces are highly dynamic with constant competition. While this competition is challenging for many merchants, it also provides plenty of opportunities, e.g., by allowing them to automatically adjust prices in order to react to changing market situations. For practitioners however, testing automated pricing strategies is time-consuming and potentially hazardously when done in production. Researchers, on the other side, struggle to study how pricing strategies interact under heavy competition. As a consequence, we built an open continuous time framework to simulate dynamic pricing competition called Price Wars. The microservice-based architecture provides a scalable platform for large competitions with dozens of merchants and a large random stream of consumers. Our platform stores each event in a distributed log. This allows to provide different performance measures enabling users to compare profit and revenue of various repricing strategies in real-time. For researchers, price trajectories are shown which ease evaluating mutual price reactions of competing strategies. Furthermore, merchants can access historical marketplace data and apply machine learning. By providing a set of customizable, artificial merchants, users can easily simulate both simple rule-based strategies as well as sophisticated data-driven strategies using demand learning to optimize their pricing strategies.
41.
Boissier, M., Schlosser, R., Podlesny, N., Serth, S., Bornstein, M., Latt, J., Lindemann, J., Selke, J., Uflacker, M.: Data-Driven Repricing Strategies in Competitive Markets: An Interactive Simulation Platform. Proceedings of the Eleventh ACM Conference on Recommender Systems (RecSys ’17). pp. 355–357. ACM, New York, NY, USA (2017).
Modern e-commerce platforms pose both opportunities as well as hurdles for merchants. While merchants can observe markets at any point in time and automatically reprice their products, they also have to compete simultaneously with dozens of competitors. Currently, retailers lack the possibility to test, develop, and evaluate their algorithms appropriately before releasing them into the real world. At the same time, it is challenging for researchers to investigate how pricing strategies interact with each other under heavy competition. To study dynamic pricing competition on online marketplaces, we built an open simulation platform. To be both flexible and scalable, the platform has a microservice-based architecture and handles large numbers of competing merchants and arriving consumers. It allows merchants to deploy the full width of pricing strategies, from simple rule-based strategies to more sophisticated data-driven strategies using machine learning. Our platform enables analyses of how a strategy’s performance is affected by customer behavior, price adjustment frequencies, the competitors’ strategies, and the exit/entry of competitors. Moreover, our platform allows to study the long-term behavior of self-adapting strategies.
42.
Kayem, A., Meinel, C.: Clustering Heuristics for Efficient t-closeness Anonymisation. In: Benslimane, D., Damiani, E., Grosky, W.I., Hameurlain, A., Sheth, A.P., and Wagner, R.R. (eds.) Proceedings of the 28th International Conference on Database and Expert Systems Applications. pp. 27–34. Springer (2017).
Anonymisation based on \(t\)-closeness is a privacy-preserving method of publishing micro-data that is safe from skewness, and similarity attacks. The \(t\)-closeness privacy requirement for publishing microdata requires that the distance between the distribution of a sensitive attribute in an equivalence class, and the distribution of sensitive attributes in the whole micro-data set, be no greater than a threshold value of \(t\). An equivalence class is a set records that are similar with respect to certain identifying attributes (quasi-identifiers), and a micro- data set is said to be \(t\)-close when all such equivalence classes satisfy \(t\)-closeness. However, the \(t\)-closeness anonymisation problem is NP-Hard. As a performance efficient alternative, we propose a \(t\)-clustering algorithm with an average time complexity of \(O(m^2 log n)\) where \(n\) and \(m\) are the number of tuples and attributes, respectively. We address privacy disclosures by using heuristics based on noise additions to distort the anonymised datasets, while minimising information loss. Our experiments indicate that our proposed algorithm is time efficient and practically scalable.
43.
Shaabani, N., Meinel, C.: Incremental Discovery of Inclusion Dependencies. Proceedings of the 29th International Conference on Scientific and Statistical Database Management (SSDBM’17). pp. 2:1–2:12. ACM (2017).
Inclusion dependencies form one of the most fundamental classes of integrity constraints. Their importance in classical data management is reinforced by modern applications such as data profiling, data cleaning, entity resolution and schema matching. Their discovery in an unknown dataset is at the core of any data analysis effort. Therefore, several research approaches have focused on their efficient discovery in a given, static dataset. However, none of these approaches are appropriate for applications on dynamic datasets, such as transactional datasets, scientific applications, and social network. In these cases, discovery techniques should be able to efficiently update the inclusion dependencies after an update in the dataset, without reprocessing the entire dataset. We present the first approach for incrementally updating the unary inclusion dependencies. In particular, our approach is based on the concept of attribute clustering from which the unary inclusion dependencies are efficiently derivable. We incrementally update the clusters after each update of the dataset. Updating the clusters does not need to access the dataset because of special data structures designed to efficiently support the updating process. We perform an exhaustive analysis of our approach by applying it to large datasets with several hundred attributes and more than 116,200,000 million tuples. The results show that the incremental discovery significantly reduces the runtime needed by the static discovery. This reduction in the runtime is up to 99.9996 % for both the insert and the delete.
44.
Serth, S., Haarmann, S., Faber, L.: Serving Live Multimedia for the Linked Open Data Cloud. In: Eibl, M. and Gaedke, M. (eds.) GI-Edition-Lecture Notes in Informatics 275: Informatik 2017, 47. Jahrestagung der Gesellschaft für Informatik e.V. (GI). pp. 2487–2498. Gesellschaft für Informatik e.V. (GI), Bonn, Germany (2017).
DBpedia is a community-driven project to extract semantic data fromWikipedia articles. It publishes the results as RDF data in the Linked Open Data Cloud.With DBpedia Live, the community enabled live updates of linked data using the OAI-PMH protocol to receive and process changes on Wikipedia. The MediaWiki foundation discontinued their support for OAI-PMH in March 2016 causing DBpedia Live to no longer receive live updates. In this work, we use RCStream, the new MediaWiki protocol to notify other systems of changes, to re-enable live updates in DBpedia Live. Currently, users need to consume two DBpedia resources to access general information and multimedia files about one entity. On the one hand DBpedia holds the structured information. On the other DBpedia Commons holds most multimedia information. We improve the integration of multimedia data into DBpedia by introducing a new extractor to the DBpedia Extraction Framework that extracts most multimedia data from a Wikipedia page. Additionally, we present two further extractors that link pages in DBpedia with pages in DBpedia Commons and vice versa. All our changes are available in the DBpedia Extraction Framework and in use, e.g. for DBpedia Live.
45.
Rezaei, M., Yang, H., Meinel, C.: Deep Learning for Medical Image Analysis. arXiv preprint arXiv:1708.08987. 10 (2017).