Refine
Document Type
- Master's Thesis (55) (remove)
Has Fulltext
- yes (55)
Is part of the Bibliography
- no (55) (remove)
Keywords
- IT-Sicherheit (6)
- Maschinelles Lernen (4)
- Computersicherheit (3)
- Deep learning (3)
- E-Learning (3)
- Künstliche Intelligenz (3)
- Automatisierung (2)
- Change Management (2)
- Digitalisierung (2)
- E-Commerce (2)
- Electronic Commerce (2)
- Homomorphic Encryption (2)
- Identitätsverwaltung (2)
- Internet der Dinge (2)
- JavaScript (2)
- Machine Learning (2)
- Marketing (2)
- Risikoanalyse (2)
- Risk Analysis (2)
- Social Media (2)
- security (2)
- 5G (1)
- AI (1)
- ARTE (1)
- ARTE GEIE (1)
- Access Management (1)
- Adversarial Attacks (1)
- Algorithmus (1)
- Amazon Echo (1)
- Angriff (1)
- Archiv (1)
- Archivierung (1)
- Artificial Intelligence (1)
- Ausstellung (1)
- Automatisiertes Fahren (1)
- Autonomes Fahrzeug (1)
- Autonomie (1)
- B2C (1)
- Benutzeroberfläche (1)
- Berichterstattung (1)
- Black Forest Formula (1)
- Blockchain (1)
- Bot Classification (1)
- Business-to-Consumer (1)
- CO2-Bilanz (1)
- Carbon Footprint (1)
- ChatGPT (1)
- Chiffrierung (1)
- Client-side (1)
- Cloud Computing (1)
- Content Management (1)
- Content Marketing (1)
- Corporate Social Responsibility (1)
- Customer Centricity (1)
- Cyber Maturity Assessment Model (1)
- CyberDeception (1)
- Cybersecurity (1)
- DAM (1)
- Datenverarbeitung (1)
- Decarbonization (1)
- Didaktik (1)
- Digital Asset Management (1)
- Digital Leadership (1)
- Digitale Medien (1)
- Digitale Teamführung (1)
- Eingruppierung (1)
- Eltern (1)
- Empfehlungssystem (1)
- Empfehlungssysteme (1)
- Energiemanagement (1)
- Energy management (1)
- Express.js (1)
- Fahrassistenzsysteme (1)
- Fahrerablenkung (1)
- Fotografie (1)
- Gebäudeleittechnik (1)
- Generationen (1)
- Gesundheitskommunikation (1)
- Glasfaser (1)
- Godot (1)
- Green House effect (1)
- Green Production (1)
- HTTP Live Streaming (1)
- Homomorphe Kryptosysteme (1)
- Homomorphe Verschlüsselung (1)
- Homomorphic Encryption Schemes (1)
- Human Firewewall (1)
- Humorvolle Kommunikation (1)
- Hybrid approach (1)
- ISMS (1)
- Identity Management (1)
- Incentivization (1)
- Influencer Marketing (1)
- Information Security (1)
- Informationsbeschaffung (1)
- Informationssicherheit (1)
- Infotainment (1)
- Inhaltsanalyse (1)
- Instagram (1)
- Interessentengewinnung (1)
- Internet of Things (1)
- Intrexx (1)
- IoT (1)
- Java (1)
- Javascript (1)
- Klassifikation (1)
- Kommunikation (1)
- Kommunikationskonzept (1)
- Kommunikationsstrategie (1)
- Konfigurationen (1)
- Kryptologie (1)
- LINUX (1)
- Leadgenerierung (1)
- Learning Experience Plattform (1)
- Lebensgeschichte (1)
- Leistungsbedarf (1)
- Lernvideos (1)
- Lichtsetzung (1)
- Livestreaming (1)
- Low Carbon network (1)
- Machine Firewall (1)
- MarTech (1)
- Markenimage (1)
- Markenkommunikation (1)
- Marketing Automation (1)
- Maturity Model (1)
- Mediennutzung (1)
- Medienwissenschaft (1)
- Mikrofon (1)
- Mitarbeitendenbeteiligung (1)
- Mobilfunk (1)
- Nachhaltigkeit (1)
- Navigation (1)
- Node.js (1)
- Node.js security (1)
- Nudge (1)
- Nudging (1)
- OSINT (1)
- Open Source (1)
- Open Source Intelligence (1)
- Operante Konditionierung (1)
- Optical Fiber Network (1)
- Optical Network (1)
- Organisationsentwicklung (1)
- PQC (1)
- Penetration Testing (1)
- Penetrationstest (1)
- Phising detection (1)
- Platformer (1)
- Positionsschätzung (1)
- Post-Quanten Kryptographie (1)
- Power Consumption (1)
- Preissteigerung (1)
- Privacy and Security (1)
- Public-Key-Verschlüsselung (1)
- Purpose (1)
- Quantencomputer (1)
- RTMP (1)
- Ransomware (1)
- Redakteur (1)
- Regression (1)
- Reinforcement Learning (1)
- Rest-API (1)
- SEO (1)
- SOC (1)
- Schlagfertige Kommunikation (1)
- Schreiben (1)
- Security (1)
- Security Operation Center (1)
- Security Operation Centers (1)
- Security Operations Center (1)
- Sicherheit (1)
- Smart Home (1)
- Social Media Marketing (1)
- Social-Media-Marketing (1)
- Software (1)
- Softwareeinführung (1)
- Sound (1)
- Stand Alone (1)
- Static Code Analysis (1)
- Streaming (1)
- Suchmaschinenoptimierung (1)
- Supervised Learning (1)
- Surveillance (1)
- Sustainability (1)
- Synthetischer Datensatz (1)
- Teambildung (1)
- Teamentwicklung (1)
- Terminal (1)
- Text (1)
- Threat Modeling (1)
- Tor (1)
- Twitch.tv (1)
- Unsupervised Learning (1)
- Unternehmen (1)
- Unternehmenskommunikation (1)
- Unüberwachtes Lernen (1)
- Verhaltensökonomie (1)
- Verschlüsselung (1)
- Videospiel (1)
- Videostreaming (1)
- Virtuelle Teamentwicklung (1)
- Virtuelle Teams (1)
- Volkshochschule (1)
- Vulnerabilities (1)
- Vulnerability Management (1)
- Vulnerability Tracking (1)
- Vulnerability identification (1)
- WEITER.mit.BILDUNG@BW (1)
- Wars (1)
- Wassermangel (1)
- Web development (1)
- Web-Applications (1)
- Web-Seite (1)
- Webentwicklung (1)
- Werbung (1)
- Zugriffskontrolle (1)
- Zugriffsverwaltung (1)
- access management (1)
- android-security (1)
- audio (1)
- classification (1)
- confidentiality (1)
- cyber attack (1)
- fingerprinting (1)
- identity management (1)
- machine learning (1)
- microphone (1)
- mitigations (1)
- optimization (1)
- permissions (1)
- privacy (1)
- sound (1)
- web application security (1)
- Überwachtes Lernen (1)
Institute
- Fakultät Medien (M) (ab 22.04.2021) (55) (remove)
Open Access
- Closed (35)
- Closed Access (17)
- Open Access (3)
- Diamond (2)
Linux and Linux-based operating systems have been gaining more popularity among the general users and among developers. Many big enterprises and large companies are using Linux for servers that host their websites, some even require their developers to have knowledge about Linux OS. Even in embedded systems one can find many Linux-based OS that run them. With its increasing popularity, one can deduce the need to secure such a system that many personnel rely on, be it to protect the data that it stores or to protect the integrity of the system itself, or even to protect the availability of the services it offers. Many researchers and Linux enthusiasts have been coming up with various ways to secure Linux OS, however new vulnerabilities and new bugs are always found, by malicious attackers, with every update or change, which calls for the need of more ways to secure these systems.
This Thesis explores the possibility and feasibility of another way to secure Linux OS, specifically securing the terminal of such OS, by altering the commands of the terminal, getting in the way of attackers that have gained terminal access and delaying, giving more time for the response teams and for forensics to stop the attack, minimize the damage, restore operations, and to identify collect and store evidence of the cyber-attack. This research will discuss the advantages and disadvantages of various security measures and compare and contrast with the method suggested in this research.
This research is significant because it paints a better picture of what the state of the art of Linux and Linux-based operating systems security looks like, and it addresses the concerns of security enthusiasts, while exploring new uncharted area of security that have been looked at as a not so significant part of protecting the OSes out of concern of the various limitations and problems it entails. This research will address these concerns while exploring few ways to solve them, as well as addressing the ideal areas and situations in which the proposed method can be used, and when would such method be more of a burden than help if used.
On a regular basis, we hear of well-known online services that have been abused or compromised as a result of data theft. Because insecure applications jeopardize users' privacy as well as the reputation of corporations and organizations, they must be effectively secured from the outset of the development process. The limited expertise and experience of involved parties, such as web developers, is frequently cited as a cause of risky programs. Consequently, they rarely have a full picture of the security-related decisions that must be made, nor do they understand how these decisions affect implementation accurately.
The selection of tools and procedures that can best assist a certain situation in order to protect an application against vulnerabilities is a critical decision. Regardless of the level of security that results from adhering to security standards, these factors inadvertently result in web applications that are insufficiently secured. JavaScript is a language that is heavily relied on as a mainstream programming language for web applications with several new JavaScript frameworks being released every year.
JavaScript is used on both the server-side in web applications development and the client-side in web browsers as well.
However, JavaScript web programming is based on a programming style in which the application developer can, and frequently must, automatically integrate various bits of code from third parties. This potent combination has resulted in a situation today where security issues are frequently exploited. These vulnerabilities can compromise an entire server if left unchecked. Even though there are numerous ad hoc security solutions for web browsers, client-side attacks are also popular. The issue is significantly worse on the server side because the security technologies available for server-side JavaScript application frameworks are nearly non-existent.
Consequently, this thesis focuses on the server-side aspect of JavaScript; the development and evaluation of robust server-side security technologies for JavaScript web applications. There is a clear need for robust security technologies and security best practices in server-side JavaScript that allow fine-grained security.
However, more than ever, there is this requirement of reducing the associated risks without hindering the web application in its functionality.
This is the problem that will be tackled in this thesis: the development of secure security practices and robust security technologies for JavaScript web applications, specifically, on the server-side, that offer adequate security guarantees without putting too many constraints on their functionality.
Though the basic concept of a ledger that anyone can view and verify has been around for quite some time, today’s blockchains bring much more to the table including a way to incentivize users. The coins given to the miner or validator were the first source of such incentive to make sure they fulfilled their duties. This thesis draws inspiration from other peer efforts and uses this same incentive to achieve certain goals. Primarily one where users are incentivised to discuss their opinions and find scientific or logical backing for their standpoint. While traditional chains form a consensus on a version of financial "truth", the same can be applied to ideological truths too. To achieve this, creating a modified or scaled proof of stake consensus mechanism is explored in this work. This new consensus mechanism is a Reputation Scaled - Proof of Stake. This reputation can be built over time by voting for the winning side consistently or by sticking to one’s beliefs strongly. The thesis hopes to bridge the gap in current consensus algorithms and incentivize critical reasoning.
The progress in machine learning has led to advanced deep neural networks. These networks are widely used in computer vision tasks and safety-critical applications. The automotive industry, in particular, has experienced a significant transformation with the integration of deep learning techniques and neural networks. This integration contributes to the realization of autonomous driving systems. Object detection is a crucial element in autonomous driving. It contributes to vehicular safety and operational efficiency. This technology allows vehicles to perceive and identify their surroundings. It detects objects like pedestrians, vehicles, road signs, and obstacles. Object detection has evolved from being a conceptual necessity to an integral part of advanced driver assistance systems (ADAS) and the foundation of autonomous driving technologies. These advancements enable vehicles to make real-time decisions based on their understanding of the environment, improving safety and driving experiences. However, the increasing reliance on deep neural networks for object detection and autonomous driving has brought attention to potential vulnerabilities within these systems. Recent research has highlighted the susceptibility of these systems to adversarial attacks. Adversarial attacks are well-designed inputs that exploit weaknesses in the deep learning models underlying object detection. Successful attacks can cause misclassifications and critical errors, posing a significant threat to the functionality and safety of autonomous vehicles. With the rapid development of object detection systems, the vulnerability to adversarial attacks has become a major concern. These attacks manipulate inputs to deceive the target system, significantly compromising the reliability and safety of autonomous vehicles. In this study, we focus on analyzing adversarial attacks on state-of-the-art object detection models. We create adversarial examples to test the models’ robustness. We also check if the attacks work on a different object detection model meant for similar tasks. Additionally, we extensively evaluate recent defense mechanisms to see how effective they are in protecting deep neural networks (DNNs) from adversarial attacks and provide a comprehensive overview of the most commonly used defense strategies against adversarial attacks, highlighting how they can be implemented practically in real-world situations.
Much of the research in the field of audio-based machine learning has focused on recreating human speech via feature extraction and imitation, known as deepfakes. The current state of affairs has prompted a look into other areas, such as the recognition of recording devices, and potentially speakers, by only analysing sound files. Segregation and feature extraction are at the core of this approach.
This research focuses on determining whether a recorded sound can reveal the recording device with which it was captured. Each specific microphone manufacturer and model, among other characteristics and imperfections, can have subtle but compounding effects on the results, whether it be differences in noise, or the recording tempo and sensitivity of the microphone while recording. By studying these slight perturbations, it was found to be possible to distinguish between microphones based on the sounds they recorded.
After the recording, pre-processing, and feature extraction phases we completed, the prepared data was fed into several different machine learning algorithms, with results ranging from 70% to 100% accuracy, showing Multi-Layer Perceptron and Logistic Regression to be the most effective for this type of task.
This was further extended to be able to tell the difference between two microphones of the same make and model. Achieving the identification of identical models of a microphone suggests that the small deviations in their manufacturing process are enough of a factor to uniquely distinguish them and potentially target individuals using them. This however does not take into account any form of compression applied to the sound files, as that may alter or degrade some or most of the distinguishing features that are necessary for this experiment.
Building on top of prior research in the area, such as by Das et al. in in which different acoustic features were explored and assessed on their ability to be used to uniquely fingerprint smartphones, more concrete results along with the methodology by which they were achieved are published in this project’s publicly accessible code repository.
Entwicklung eines Kommunikationskonzepts für Black Forest Formula an der Hochschule Offenburg
(2021)
Die vorliegende Masterthesis befasst sich mit der Entwicklung eines Kommunikationskonzepts für das Black Forest Formula Projekt an der Hochschule Offenburg. Die bisherigen kommunikativen Aktivitäten werden im Rahmen dieser Arbeit überarbeitet und erweitert, sodass ein konsistentes Gesamtkonzept für die Kommunikation entsteht. Hierzu werden die einzelnen Phasen eines Konzeptionsprozesses durchlaufen. Das Ziel ist eine langfristige Planung, welche die Interessen der verschiedenen Gruppen innerhalb und außerhalb des Projekts berücksichtigt, um deren Unterstützung zu sichern. Des Weiteren wird durch die Ausrichtung auf festgelegte Kommunikationsziele eine Verbesserung der internen und externen Kommunikation von Black Forest Formula angestrebt. Die Arbeit richtet sich daher insbesondere an die leitenden Mitglieder des Teams und soll diesen als Handlungsempfehlung dienen. Darüber hinaus ist die Arbeit auch für all jene interessant, die sich mit dem Ablauf und den Methoden zur Entwicklung von Kommunikationskonzepten befassen möchten.
The identification of vulnerabilities is an important element of the software development process to ensure the security of software. Vulnerability identification based on the source code is a well studied field. To find vulnerabilities on the basis of a binary executable without the corresponding source code is more challenging. Recent research has shown how such detection can be performed statically and thus runtime efficiently by using deep learning methods for certain types of vulnerabilities.
This thesis aims to examine to what extent this identification can be applied sufficiently for a variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. For this purpose, a dataset with 50,651 samples of 23 different vulnerabilities in the form of a standardised LLVM Intermediate Representation was prepared. The vectorised features of a Word2Vec model were then used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). For this purpose, a binary classification was trained for the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of vulnerabilities, as well as a strong limitation of the analysis scope for further analysis steps.
Cloud computing is a combination of technologies, including grid computing and distributed computing, that use the Internet as a network for service delivery. Organizations can select the price and service models that best accommodate their demands and financial restrictions. Cloud service providers choose the pricing model for their cloud services, taking the size, usage, user, infrastructure, and service size into account. Thus, cloud computing’s economic and business advantages are driving firms to shift more applications to the cloud, boosting future development. It enlarges the possibilities of current IT systems.
Over the past several years, the ”cloud computing” industry has exploded in popularity, going from a promising business concept to one of the fastest expanding areas of the IT sector. Most enterprises are hosting or installing web services in a cloud architecture for management simplicity and improved availability. Virtual environments are applied to accomplish multi-tenancy in the cloud. A vulnerability in a cloud computing environment poses a direct threat to the users’ privacy and security. In our digital age, the user has many identities. At all levels, access rights and digital identities must be regulated and controlled.
Identity and access management(IAM) are the process of managing identities and regulating access privileges. It is considered as a front-line soldier of IT security. It is the goal of identity and access management systems to protect an organization’s assets by limiting access to just those who need it and in the appropriate cases. It is required for all businesses with thousands of users and is the best practice for ensuring user access control. It identifies, authenticates, and authorizes people to access an organization’s resources. This, in turn, enhances access management efficiency. Authentication, authorization, data protection, and accountability are just a few of the areas in which cloud-based web services have security issues. These features come under identity and access management.
The implementation of identity and access management(IAM) is essential for any business. It’s becoming more and more business-centric, so we need more than technical know-how to succeed. Organizations may save money on identity management and, more crucially, become much nimbler in their support of new business initiatives if they have developed sophisticated IAM capabilities. We used these features of identity and access management to validate the robustness of the cloud computing environment with a comparison of traditional identity and access management.
Die rasante Digitalisierung verändert die Hochschule Offenburg nachhaltig. Jedes Semester entstehen zahlreiche akademische Arbeiten und Prüfungsdaten, die von hoher Bedeutung für die Qualitätssicherung und den Bildungsprozess sind. Bisher fehlte jedoch eine effiziente Lösung zur Archivierung dieser Daten. Meine Masterarbeit präsentiert ein neues Archivierungskonzept, das eine zentrale, digitale Plattform schafft. Diese ermöglicht es Lehrenden und Studierenden, leicht auf ihre Daten zuzugreifen, sei es für Projektarbeiten, Seminarleistungen oder Prüfungen. Ich stelle nicht nur das Konzept vor, sondern auch die Umsetzung eines Prototyps auf Intrexx, einer Low-Code-Entwicklungsplattform. Mein Ziel ist es, ein Handbuch für zukünftige Entwickler zu hinterlassen, um zur digitalen Transformation der Hochschule beizutragen und die Bildungsprozesse zu optimieren.