Refine
Year of publication
Document Type
- Master's Thesis (200) (remove)
Has Fulltext
- yes (200)
Is part of the Bibliography
- no (200)
Keywords
- IT-Sicherheit (8)
- E-Learning (7)
- Deep learning (6)
- Maschinelles Lernen (6)
- Internet der Dinge (5)
- Künstliche Intelligenz (5)
- Marketing (5)
- Computersicherheit (4)
- Internet of Things (4)
- JavaScript (4)
Institute
- Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021) (57)
- Fakultät Medien (M) (ab 22.04.2021) (51)
- Fakultät Maschinenbau und Verfahrenstechnik (M+V) (37)
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (33)
- Fakultät Wirtschaft (W) (15)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (13)
- INES - Institut für nachhaltige Energiesysteme (4)
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (4)
- IDEeP - Institute for Digital Engineering and Production (ab 12.10.2022) (1)
- IUAS - Institute for Unmanned Aerial Systems (1)
Open Access
- Closed Access (101)
- Closed (68)
- Open Access (31)
- Diamond (5)
Organizations striving to achieve success in the long term must have a positive brand image which will have direct implications on the business. In the face of the rising cyber threats and intense competition, maintaining a threat-free domain is an important aspect of preserving that image in today's internet world. Domain names are often near-synonyms for brand names for numerous companies. There are likely thousands of domains that try to impersonate the big companies in a bid to trap unsuspecting users, usually falling prey to attacks such as phishing or watering hole. Because domain names are important for organizations for running their business online, they are also particularly vulnerable to misuse by malicious actors. So, how can you ensure that your domain name is protected while still protecting your brand identity? Brand Monitoring, for example, may assist. The term "Brand Monitoring" applies only to keep tabs on an organization's brand performance, reception, and overall online presence through various online channels and platforms [1]. There has been a rise in the need of maintaining one's domain clear of any linkages to malicious activities as the threat environment has expanded. Since attackers are targeting domain names of organizations and luring unsuspecting users to visit malicious websites, domain monitoring becomes an important aspect. Another important aspect of brand abuse is how attackers leverage brand logos in creating fake and phishing web pages. In this Master Thesis, we try to solve the problem of classification of impersonated domains using rule-based and machine learning algorithms and automation of domain monitoring. We first use a rule-based classifier and Machine Learning algorithms to classify the domains gathered into two buckets – "Parked" and "Non-Parked". In the project's second phase, we will deploy object detection models (Scale Invariant Feature Transform - SIFT and Multi-Template Matching – MTM) to detect brand logos from the domains of interest.
Even though the internet has only been there for a short period, it has grown tremendously. To- day, a significant portion of commerce is conducted entirely online because of increased inter- net users and technological advancements in web construction. Additionally, cyberattacks and threats have expanded significantly, leading to financial losses, privacy breaches, identity theft, a decrease in customers’ confidence in online banking and e-commerce, and a decrease in brand reputation and trust. When an attacker pretends to be a genuine and trustworthy institution, they can steal private and confidential information from a victim. Aside from that, phishing has been an ongoing issue for a long time. Billions of dollars have been shed on the global economy. In recent years, there has been significant progress in the development of phishing detection and identification systems to protect against phishing attacks. Phishing detection technologies frequently produce binary results, i.e., whether a phishing attempt was made or not, with no explanation. On the other hand, phishing identification methodologies identify phishing web- pages by visually comparing webpages with predetermined authentic references and reporting phishing together with its target brand, resulting in findings that are understandable. However, technical difficulties in the field of visual analysis limit the applicability of currently available solutions, preventing them from being both effective (with high accuracy) and efficient (with little runtime overhead). Here, we evaluate existed framework called Phishpedia. This hybrid deep learning system can recognize identity logos from webpage screenshots and match logo variants of the same brand with high precision. Phishpedia provides high accuracy with low run- time. Lastly, unlike other methods, Phishpedia does not require training on any phishing sam- ples whatsoever. Phishpedia exceeds baseline identification techniques (EMD, PhishZoo, and LogoSENSE), inaccurately detecting phishing pages in lengthy testing using accurate phishing data. The effectiveness of Phishpedia was tested and compared against other standard machine learning algorithms and some state-of-the-art algorithms. The given solutions performed better than different algorithms in the given dataset, which is impressive.
Technology advancement has played a vital role in business development; however, it has opened a broad attack surface. Passwords are one of the essential concepts used in applications for authentication. Companies manage many corporate applications, so the employees must meet the password criteria, which leads to password fatigue. This thesis addressed this issue and how we can overcome this problem by theoretically implementing an IAM solution. In this, we disused MFA, SSO, biometrics, strong password policies and access control. We introduced the IAM framework that should be considered while implementing the IAM solution. Implementing an IAM solution adds an extra layer of security.
Das Thema dieser Masterthesis lautet „Camera Stream Solution – Marktübersicht, Lösungsansätze, Prototyp“. Mit dieser Arbeit wird eine Videostreaming-Lösung für die Herrenknecht-Plattform CONNECTED realisiert. Dabei geht es um die Bildschirmaufnahme von Navigations- und Steuerungsbildschirmen auf Tunnelbohrmaschinen und die Übertragung dieser Aufnahmen in die Cloud. Letztlich wird ermöglicht die Aufnahmen in nahezu Echtzeit als Videostream in einem Videoplayer wiederzugeben.
Zu Beginn werden die Grundlagen zur Datenübertragung im Internet sowie zum Streaming erläutert. Im Anschluss wird eine Marktübersicht verschiedener Streaming-Komponenten gegeben sowie einige Lösungsansätze vorgestellt und anhand ausgewählter Kriterien verglichen. Im nächsten Schritt wird die Implementierung eines Prototyps behandelt. Dieser nutzt unter anderem ffmpeg für die Bildschirmaufnahme und die Kodierung sowie die Streaming-Protokolle RTMP (Real Time Messaging Protocol) und HLS (HTTP Live Streaming). Zur Realisierung der Architektur gehört auch die Entwicklung einer REST-API und eines REST-Clients in C#.
Mit dem Projekt wird eine „echte“ Streaming-Lösung für die Kundenplattform CONNECTED entwickelt, die einen Videostream mit 24 Bildern pro Sekunde bietet, um die bisherige Darstellung von Screenshots auf der Plattform zu ersetzen.
Diese Arbeit beschäftigt sich mit der simulativen Untersuchung von Strömung und Wärmeübergang im Kontext von Vorkammerzündsystemen. Dies geschieht im Rahmen der Entwicklung eines Gasmotors mit gasgespülter Vorkammer. Entscheidene Größen für die Strömung und Arbeitsweise in einer Vorkammerzündkerze sind die Geometrie und Anordnung der Überströmbohrungen, das Vorkammervolumen und die Form der Vorkammer. Die Betrachtung wird dafür aufgeteilt in die Themen Spaltströmungen, Wärmeübergang und drallbehaftete Strömungen. Diese werden zunächst isoliert betrachtet und letztendlich in einem Anwendungsfall zusammengeführt. Für die Betrachtung von Spaltströmungen werden unterschiedliche Platten mit Bohrlöchern zu verschiedenen Drücken, Durchmessern und Plattenstärken durchströmt und der Wärmeübergang und der Drall werden mithilfe einer durch Leitbleche gelenkte Strömung in einem beheizten Rohr untersucht. Die Zusammenführung der Themen wird anhand einer Anströmvorrichtung für Brenngase auf Motorzylinder durchgeführt. Dabei erreichen die Gase hohe Temperaturen und aufgrund von hohen Drücken und Spaltströmungen große Geschwindigkeiten.
Für die Simulation werden die Programme Ansys Fluent und Ansys Forte verwendet. Während ersteres primär für die Simulation von Strömungen verwendet wird, ist Forte speziell aufgebaut, um in Verbrennungsmotoren neben der Berechnung der Strömung auch die Einspritzung von Kraftstoff, die Verbrennung dessen und die resultierenden Schadstoffe zu berechnen. Da die Ergebnisse aus Forte eine große Gewichtung in der Beurteilung der Entwicklungsarbeit des Gasmotors hat, muss Forte selbst validiert werden. Dies wird durchgeführt anhand der angesprochenen Teilthemen und verglichen mit Messungen aus der Literatur und Simulationsergebnissen in Fluent.
Server Side Rendering (SSR), Single Page Application (SPA), and Static Site Generation (SSG) are the three most popular ways of making modern Web applications today. If we go deep into these processes, this can be helpful for the developers and clients. Developers benefit since they do not need to learn other programming languages and can instead utilize their own experience to build different kinds of Web applications; for example, a developer can use only JavaScript in the three approaches. On the other hand, clients can give their users a better experience.
This Master Thesis’s purpose was to compare these processes with a demo application for each and give users a solid understanding of which process they should follow. We discussed the step-by-step process of making three applications in the above mentioned categories. Then we compared those based on criteria such as performance, security, Search Engine Optimization, developer preference, learning curve, content and purpose of the Web, user interface, and user experience. It also talked about the technologies such as JavaScript, React, Node.js, and Next.js, and why and where to use them. The goals we specified before the program creation were fulfilled and can be validated by comparing the solutions we gave for user problems, which was the application’s primary purpose.
The rapid pace of innovation and technological advancements has led to the emergence of start-up companies in various sectors. To remain competitive and sustainable, start-ups need to make informed business decisions that can enhance their operations and profitability. Business Intelligence (BI) has become an essential tool for businesses of all sizes in managing their operations and gaining a competitive edge.
This master thesis explores the role of Business Intelligence in start-up companies. The study aims to investigate the use of BI in start-up companies, the drivers and the inhibitors for its adoption and their relationship with price. The research conducted for this thesis involves a review of relevant literature on Business Intelligence, start-up companies, and related topics. The study also includes structured survey with entrepreneurs, start-up company executives, and BI experts to gain data for a quantitative analysis of the topic.
The thesis aims to contribute to the existing body of knowledge on Business Intelligence and its role in start-up companies. The research conducted for this thesis can be of value to start-up entrepreneurs, investors, and other stakeholders who seek to improve their understanding of the benefits and challenges of implementing BI in start-up companies.
Encryption techniques allow storing and transferring of sensitive information securely by using encryption at rest and encryption in transit, respectively. However, when computation is performed on these sensitive data, the data needs to be decrypted first and encrypted again after performing the computations. During the computations, the sensitive data becomes vulnerable to attackers as it's in decrypted form. Homomorphic encryption, a special type of encryption technique that allows computation on encrypted data can be used to solve the above-mentioned problem. The best way to achieve maximum security with homomorphic encryption is to perform at least the homomorphic encryption and decryption on the client side (browser) of a web application by not trusting the server. At present time there are many libraries with different homomorphic schemes available for homomorphic encryption. However, there are very few to no JavaScript libraries available to perform homomorphic encryption on the client side of any web application. This thesis mainly focuses on the JavaScript implementation of client-side homomorphic encryption. The fully homomorphic encryption scheme BFV is selected for the implementation. After implementing the fully homomorphic encryption scheme based on the “py-fhe” library, tests are also carried out in order to determine the applicability (in terms of time consumption, security and correctness) of this implementation in a web application by comparing the performance and security for different test cases and different settings.
The effects of climate change, including severe storms, heat waves, and melting glaciers, are highlighted as an urgent concern, emphasising the need to decrease carbon emissions to restrict global warming to 1.5°C. To accomplish this goal, it is vital to substitute fossil fuel-based power plants with renewable energy sources like solar, wind, hydro, and biofuels. Despite some progress being made, the proportion of renewables used in generating electricity is still lower than the levels needed for 2030 and 2050. Decarbonising the power grid is also critical in lowering the energy consumption of buildings, which is responsible for a substantial percentage of worldwide electricity usage. Even though there has been substantial expansion in the worldwide renewable energy market in the past 15 years, the transition to renewable energy sources also requires taking into account the importance of energy trading.
Peer-to-peer (P2P) electricity trading is an emerging type of energy exchange that can revolutionise the energy sector by providing a more decentralised and efficient way of trading energy. This research deals about P2P electricity trading in a carbon-neutral scenario. 'Python for Power System Analysis' (PyPSA) was used to develop models through which the P2P effect was tested. Data for the entire state of Baden-Württemberg (BW) was collected. Three scenarios were taken into consideration while developing models: 2019 (base), 2030 (coal phase-out), and 2040(climate neutral). Alongside this, another model with no P2P trading was developed to make a comparison. In addition, the use case of community storage in a P2P trading network is also presented.
The research concludes that P2P has a significant positive effect on a pathway to achieve climate neutrality. The findings show that the share of renewables in electricity generation is increasing compared to conventional sources in BW, which can be traded to meet the demand. From the storage analysis, it can be concluded that community storage can be effectively utilised in P2P trading. While the emissions are reduced, the operating costs are also reduced when the grid has P2P trading available. By highlighting the benefits of P2P trading, this research contributed to the growing body of research on the effectiveness of P2P trading in an electricity network grid.
Risk-based Cybermaturity Assessment Model - Protecting the company against ransomware attacks
(2023)
Ransomware has become one of the most catastrophic attacks in the previous decade, hurting businesses of all sorts worldwide. So, no organization is safe, and most companies are reviewing their ransomware defensive solutions to avoid business and operational hazards. IT departments are using cybersecurity maturity assessment frameworks like CMMC, C2M2, CMMI, NIST, CIS, CPP, and others to analyze organization security capabilities. In addition to maturity assessment models for the process layer and human pillar, there are much research on the analysis, identification, and defense of cyber threats in product/software layers that propose state-of-the-art approaches.
This motivates a comprehensive ransomware cyber security solution. Then, a crucial question arises: “How companies can measure the security maturity of controls in a specific danger for example for Ransomware attack?” Several studies and frameworks addressed this subject.
Complexity of understanding the ransomware attack, Lack of comprehensive ransomware defense solutions and Lack of cybermaturity assessment model for ransomware defense solutions are different aspects of problem statement in this study. By considering the most important limitations to developing a ransomware defense cybermaturity assessment method, this study developed a cybermaturity assessment methodology and implemented a Toolkit to conduct cyber security self-assessment specifically for ransomware attack to provide a clearer vision for enterprises to analyze the security maturity of controls regardless of industry or size.