Refine
Year of publication
Document Type
- Master's Thesis (61) (remove)
Language
- English (61) (remove)
Has Fulltext
- yes (61)
Is part of the Bibliography
- no (61)
Keywords
- IT-Sicherheit (6)
- Maschinelles Lernen (4)
- Deep learning (3)
- security (3)
- Cloud Computing (2)
- Computersicherheit (2)
- Energiemanagement (2)
- Energiewende (2)
- Homomorphic Encryption (2)
- Identitätsverwaltung (2)
Institute
- Fakultät Medien (M) (ab 22.04.2021) (25)
- Fakultät Maschinenbau und Verfahrenstechnik (M+V) (14)
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (12)
- Fakultät Wirtschaft (W) (10)
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (3)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (2)
- Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021) (2)
- INES - Institut für nachhaltige Energiesysteme (2)
- IUAS - Institute for Unmanned Aerial Systems (1)
Open Access
- Closed (31)
- Closed Access (24)
- Open Access (6)
- Diamond (2)
Threat Modeling is a vital approach to implementing ”Security by Design” because it enables the discovery of vulnerabilities and mitigation of threats during the early stage of the Software Development Life Cycle as opposed to later on when they will be more expensive to fix. This thesis makes a review of the current threat Modeling approaches, methods, and tools. It then creates a meta-model adaptation of a fictitious cloud-based shop application which is tested using STRIDE and PASTA to check for vulnerabilities, weaknesses, and impact risk. The Analysis is done using Microsoft Threat Modeling Tool and IriusRisk. Finally, an evaluation of the results is made to ascertain the effectiveness of the processes involved with highlights of the challenges in threat modeling and recommendations on how security developers can make improvements.
The Internet of Things is spreading significantly in every sector, including the household, a variety of industries, healthcare, and emergency services, with the goal of assisting all of those infrastructures by providing intelligent means of service delivery. An Internet of Vulnerabilities (IoV) has emerged as a result of the pervasiveness of the Internet of Things (IoT), which has led to a rise in the use of applications and devices connected to the IoT in our day-to-day lives. The manufacture of IoT devices are growing at a rapid pace, but security and privacy concerns are not being taken into consideration. These intelligent Internet of Things devices are especially vulnerable to a variety of attacks, both on the hardware and software levels, which leaves them exposed to the possibility of use cases. This master’s thesis provides a comprehensive overview of the Internet of Things (IoT) with regard to security and privacy in the area of applications, security architecture frameworks, a taxonomy of various cyberattacks based on various architecture models, such as three-layer, four-layer, and five-layer. The fundamental purpose of this thesis is to provide recommendations for alternate mitigation strategies and corrective actions by using a holistic rather than a layer-by-layer approach. We discussed the most effective solutions to the problems of privacy and safety that are associated with the Internet of Things (IoT) and presented them in the form of research questions. In addition to that, we investigated a number of further possible directions for the development of this research.
This thesis focuses on the development and implementation of a Datagram Transport Layer Security (DTLS) communication framework within the ns-3 network simulator, specifically targeting the LoRaWAN model network. The primary aim is to analyse the behaviour and performance of DTLS protocols across different network conditions within a LoRaWAN context. The key aspects of this work include the following.
Utilization of ns-3: This thesis leverages ns-3’s capabilities as a powerful discrete event network simulator. This platform enables the emulation of diverse network environments, characterized by varying levels of latency, packet loss, and bandwidth constraints.
Emulation of Network Challenges: The framework specifically addresses unique challenges posed by certain network configurations, such as duty cycle limitations. These constraints, which limit the time allocated for data transmission by each device, are crucial in understanding the real-world performance of DTLS protocols.
Testing in Multi-client-server Scenarios: A significant feature of this framework is its ability to test DTLS performance in complex scenarios involving multiple clients and servers. This is vital for assessing the behaviour of a protocol under realistic network conditions.
Realistic Environment Simulation: By simulating challenging network conditions, such as congestion, limited bandwidth, and resource constraints, the framework provides a realistic environment for thorough evaluation. This allows for a comprehensive analysis of DTLS in terms of security, performance, and scalability.
Overall, this thesis contributes to a deeper understanding of DTLS protocols by providing a robust tool for their evaluation under various and challenging network conditions.
It is generally agreed that the development and deployment of an important amount of IoT devices throughout the world has revolutionized our lives in a way that we can rely on these devices to complete certain tasks that may have not been possible just years ago which also brought a new level of convenience and value to our lives.
This technology is allowing us in a smart home environment to remotely control doors, windows, and fridges, purchase online, stream music easily with the use of voice assistants such as Amazon Echo Alexa, also close a garage door from anywhere in the world to cite some examples as this technology has added value to several domains ranging from household environments, cites, industries by exchanging and transferring data between these devices and customers. Many of these devices’ sensors, collect and share information in real-time which enables us to make important business decisions.
However, these devices pose some risks and also some security and privacy challenges that need to be addressed to reach their full potential or be considered to be secure. That is why, comprehensive risk analysis techniques are essential to enhance the security posture of IoT devices as they can help evaluate the robustness and reliability towards potential susceptibility to risks, and vulnerabilities that IoT devices in a smart home setting might possess.
This approach relies on the basis of ISO/IEC 27005 methodology and risk matrix method to highlight the level of risks, impact, and likelihood that an IoT device in smart home settings can have, map the related vulnerability, threats and risks and propose the necessary mitigation strategies or countermeasures that can be taken to secure a device and therefore satisfying some security principles. Around 30 risks were identified on Amazon Echo and the related IoT system using the methodology. A detailed list of countermeasures is proposed as a result of the risk analysis. These results, in turn, can be used to elevate the security posture of the device.
The progress in machine learning has led to advanced deep neural networks. These networks are widely used in computer vision tasks and safety-critical applications. The automotive industry, in particular, has experienced a significant transformation with the integration of deep learning techniques and neural networks. This integration contributes to the realization of autonomous driving systems. Object detection is a crucial element in autonomous driving. It contributes to vehicular safety and operational efficiency. This technology allows vehicles to perceive and identify their surroundings. It detects objects like pedestrians, vehicles, road signs, and obstacles. Object detection has evolved from being a conceptual necessity to an integral part of advanced driver assistance systems (ADAS) and the foundation of autonomous driving technologies. These advancements enable vehicles to make real-time decisions based on their understanding of the environment, improving safety and driving experiences. However, the increasing reliance on deep neural networks for object detection and autonomous driving has brought attention to potential vulnerabilities within these systems. Recent research has highlighted the susceptibility of these systems to adversarial attacks. Adversarial attacks are well-designed inputs that exploit weaknesses in the deep learning models underlying object detection. Successful attacks can cause misclassifications and critical errors, posing a significant threat to the functionality and safety of autonomous vehicles. With the rapid development of object detection systems, the vulnerability to adversarial attacks has become a major concern. These attacks manipulate inputs to deceive the target system, significantly compromising the reliability and safety of autonomous vehicles. In this study, we focus on analyzing adversarial attacks on state-of-the-art object detection models. We create adversarial examples to test the models’ robustness. We also check if the attacks work on a different object detection model meant for similar tasks. Additionally, we extensively evaluate recent defense mechanisms to see how effective they are in protecting deep neural networks (DNNs) from adversarial attacks and provide a comprehensive overview of the most commonly used defense strategies against adversarial attacks, highlighting how they can be implemented practically in real-world situations.
This Master's Thesis discusses intelligent sensor networks considering autonomous sensor placement strategies and system health management. Sensor networks for an intelligent system design process have been researched recently. These networks consist of a distributed collective of sensing units, each with the abilities of individual sensing and computation. Such systems can be capable of self-deployment and must be scalable, long-lived and robust. With distributed sensor networks, intelligent sensor placement for system design and online system health management are attractive areas of research. Distributed sensor networks also cause optimization problems, such as decentralized control, system robustness and maximization of coverage in a distributed system. This also includes the discovery and analysis of points of interest within an environment. The purpose of this study was to investigate a method to control sensor placement in a world with several sources and multiple types of information autonomously. This includes both controlling the movement of sensor units and filtering of the gathered information depending on individual properties to increase system performance, defined as a good coverage. Additionally, online system health management was examined in this study regarding the case of agent failures and autonomous policy reconfiguration if sensors are added to or removed from the system. Two different solution strategies were devised, one where the environment was fully observable, and one with only partial observability. Both strategies use evolutionary algorithms based on artificial neural networks for developing control policies. For performance measurement and policy evaluation, different multiagent objective functions were investigated. The results of the study show that in the case of a world with multiple types of information, individual control strategies performed best because of their abilities to control the movement of a sensor entity and to filter the sensed information. This also includes system robustness in case of sensor failures where other sensing units must recover system performance. Additionally, autonomous policy reconfiguration after adding or removing of sensor agents was successful. This highlights that intelligent sensor agents are able to adapt their individual control policies considering new circumstances.
AI-based Ground Penetrating Radar Signal Processing for Thickness Estimation of Subsurface Layers
(2023)
This thesis focuses on the estimation of subsurface layer thickness using Ground Penetrating Radar (GPR) A-scan and B-scan data through the application of neural networks. The objective is to develop accurate models capable of estimating the thickness of up to two subsurface layers.
Two different approaches are explored for processing the A-scan data. In the first approach, A-scans are compressed using Principal Component Analysis (PCA), and a regression feedforward neural network is employed to estimate the layers’ thicknesses. The second approach utilizes a regression one-dimensional Convolutional Neural Network (1-D CNN) for the same purpose. Comparative analysis reveals that the second approach yields superior results in terms of accuracy.
Subsequently, the proposed 1-D CNN architecture is adapted and evaluated for Step Frequency Continuous Wave (SFCW) radar, expanding its applicability to this type of radar system. The effectiveness of the proposed network in estimating subsurface layer thickness for SFCW radar is demonstrated.
Furthermore, the thesis investigates the utilization of GPR B-scan images as input data for subsurface layer thickness estimation. A regression CNN is employed for this purpose, although the results achieved are not as promising as those obtained with the 1-D CNN using A-scan data. This disparity is attributed to the limited availability of B-scan data, as B-scan generation is a resource-intensive process.
Global energy demand is still on an increase during the last decade, with a lot of impact on the climate change due to the intensive use of conventional fossil-based fuels power plants to cover this demand. Most recently, leaders of the globe met in 2015 to come out with the Paris Agreement, stating that the countries will start to take a more responsible and effective behaviour toward the global warming and climate change issues. Many studies have discussed how the future energy system will look like with respecting the countries’ targets and limits of greenhouse gases and their CO2 emissions. However, these studies rarely discussed the industry sector in detail even though it is one of the major role players in the energy sector. Moreover, many studies have simulated and modelled the energy system with huge jumps of intervals in terms of years and environmental goals. In the first part of this study, a model will be developed for the German electrical grid with high spatial and temporal resolutions and different scenarios of it will be analysed meticulously on shorter periods (annual optimization), with different flexibilities and used technologies and degrees of innovations within each scenario. Moreover, the challenge in this research is to adequately map the diverse and different characteristics of the medium-sized industrial sector. In order to be able to take a first step in assessing the relevance of the industrial sector in Germany for climate protection goals, the industrial sector will be mapped in PyPSA-Eur (an open-source model data set of the European energy system at the level of the transmission network) by detailing the demand for different types of industry and assigning flexibilities to the industrial types. Synthetically generated load profiles of various industrial types are available. Flexibilities in the industrial sector are described by the project partner Fraunhofer IPA in the GaIN project and can be used. Using a scenario analysis, the development of the industrial sector and the use of flexibilities are then to be assessed quantitatively.
The Lattice Boltzmann Method is a useful tool to calculate fluid flow and acoustic effects at the same time. Although the acoustic perturbation is much smaller than normal pressure differences in fluid flow, this direct calculation is a great advantage of the Lattice Boltzmann Method (LBM). But each border used in calculation produces a multitude of reflections with the acoustic waves, which lead to an unusable result. Therefore, it is worked on different absorbing techniques.
In this thesis three absorbing layer techniques are described, explained and reviewed with different simulations. The absorbing layers are implemented in a basic LBM code in C++, and with this umpteen simulations within a box were performed to compare the different absorbing layers. The Doppler effect and a cylinder flow are also examined to compare the damping efficiencies.
The three studied absorbing techniques are the sponge layer, the perfectly matched layer and a force based Term II absorbing layer. The sponge layer is easy to implement but gives worse results than a calculation without any absorbing layer. The perfectly matched layer and a force based absorbing term provide very good results but the perfectly matched layer has problems with instability. The force based absorbing layer represents the best compromise between the additional computation time due the absorbing layer and the achieved damping efficiency.
Truth is the first causality of war”, is a very often used statement. What rather intrigues the mind is what causes the causality of truth. If one dives deeper, one may also wonder why is this so-called truth the first target in a war. Who all see the truth before it dies. These questions rarely get answered as the media and general public tends to focus more on the human and economic losses in a war or war like situation. What many fail to realize is that these truthful pieces of information are critical to how a situation further develops. One correct information may change the course of the whole war saving millions and one mis-information may do the opposite.
Since its inception, some studies have been conducted to propose and develop new applications for OSINT in various fields. In addition to OSINT, Artificial Intelligence is a worldwide trend that is being used in conjunction witThe question here is, what is this information. Who transmits this and how? What is the source. Although, there has been an extensive use of the information provided by the secret services of any nation, which have come handy to many, another kind of information system is using the one that is publicly available, but in different pieces. This kind of information may come from people posting on social media, some publicly available records and much more. The key part in this publicly available information is that these are just pieces of information available across the globe from various different sources. This could be seen as small pieces of a puzzle that need to be put together to see the bigger picture. This is where OSINT comes in place.
h other areas (AI). AI is the branch of computer science that is in charge of developing intelligent systems. In terms of contribution, this work presents a 9-step systematic literature review as well as consolidated data to support future OSINT studies. It was possible to understand where the greatest concentration of publications was, which countries and continents developed the most research, and the characteristics of these publications using this information. What are the trends for the next OSINT with AI studies? What AI subfields are used with OSINT? What are the most popular keywords, and how do they relate to others over time?A timeline describing the application of OSINT is also provided. It was also clear how OSINT was used in conjunction with AI to solve problems in various areas with varying objectives. Private investigators and journalists are no longer the primary users of open-source intelligence gathering and analysis (OSINT) techniques. Approximately 80-90 percent of data analysed by intelligence agencies is now derived from publicly available sources. Furthermore, the massive expansion of the internet, particularly social media platforms, has made OSINT more accessible to civilians who simply want to trawl the Web for information on a specific individual, organisation, or product. The General Data Protection Regulation (GDPR) of the European Union was implemented in the United Kingdom in May 2018 through the new Data Protection Act, with the goal of protecting personal data from unauthorised collection, storage, and exploitation. This document presents a preliminary review of the literature on GDPR-related work.
The reviewed literature is divided into six sections: ’What is OSINT?’, ’What are the risks?’ and benefits of OSINT?’, ’What is the rationale for data protection legislation?’, ’What are the current legislative frameworks in the UK and Europe?’, ’What is the potential impact of the GDPR on OSINT?’, and ’Have the views of civilian and commercial stakeholders been sought and why is this important?’. Because OSINT tools and techniques are available to anyone, they have the unique ability to be used to hold power accountable. As a result, it is critical that new data protection legislation does not impede civilian OSINT capabilities.
In this paper we see how OSINT has played an important role in the wars across the globe in the past. We also see how OSINT is used in our everyday life. We also gain insights on how OSINT is playing a role in the current war going on between Russia and Ukraine. Furthermore, we look into some of these OSINT tools and how they work. We also consider a use case where OSINT is used as an anti terrorism tool. At the end, we also see how OSINT has evolved over the years, and what we can expect in the future as to what OSINT may look like.