004 Informatik
Refine
Year of publication
Document Type
- Bachelor Thesis (21)
- Master's Thesis (19)
- Conference Proceeding (5)
- Book (1)
- Doctoral Thesis (1)
Conference Type
- Konferenzartikel (5)
Keywords
- IT-Sicherheit (6)
- JavaScript (6)
- Deep learning (3)
- HTML 5.0 (3)
- App <Programm> (2)
- Internet der Dinge (2)
- Internet of Things (2)
- Mensch-Maschine-Kommunikation (2)
- Netzwerk (2)
- Smartphone (2)
Institute
- Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021) (22)
- Fakultät Medien (M) (ab 22.04.2021) (16)
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (6)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (2)
- Fakultät Wirtschaft (W) (1)
- IMLA - Institute for Machine Learning and Analytics (1)
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (1)
Open Access
- Closed Access (47) (remove)
This thesis focuses on the development and implementation of a Datagram Transport Layer Security (DTLS) communication framework within the ns-3 network simulator, specifically targeting the LoRaWAN model network. The primary aim is to analyse the behaviour and performance of DTLS protocols across different network conditions within a LoRaWAN context. The key aspects of this work include the following.
Utilization of ns-3: This thesis leverages ns-3’s capabilities as a powerful discrete event network simulator. This platform enables the emulation of diverse network environments, characterized by varying levels of latency, packet loss, and bandwidth constraints.
Emulation of Network Challenges: The framework specifically addresses unique challenges posed by certain network configurations, such as duty cycle limitations. These constraints, which limit the time allocated for data transmission by each device, are crucial in understanding the real-world performance of DTLS protocols.
Testing in Multi-client-server Scenarios: A significant feature of this framework is its ability to test DTLS performance in complex scenarios involving multiple clients and servers. This is vital for assessing the behaviour of a protocol under realistic network conditions.
Realistic Environment Simulation: By simulating challenging network conditions, such as congestion, limited bandwidth, and resource constraints, the framework provides a realistic environment for thorough evaluation. This allows for a comprehensive analysis of DTLS in terms of security, performance, and scalability.
Overall, this thesis contributes to a deeper understanding of DTLS protocols by providing a robust tool for their evaluation under various and challenging network conditions.
The evolution of cellular networks from its first generation (1G) to its fourth generation (4G) was driven by the demand of user-centric downlink capacity also technically called Mobile Broad-Band (MBB). With its fifth generation (5G), Machine Type Communication (MTC) has been added into the target use cases and the upcoming generation of cellular networks is expected to support them. However, such support requires improvements in the existing technologies in terms of latency, reliability, energy efficiency, data rate, scalability, and capacity.
Originally, MTC was designed for low-bandwidth high-latency applications such as, environmental sensing, smart dustbin, etc. Nowadays there is an additional demand around applications with low-latency requirements. Among other well-known challenges for recent cellular networks such as data rate energy efficiency, reliability etc., latency is also not suitable for mission-critical applications such as real-time control of machines, autonomous driving, tactile Internet etc. Therefore, in the currently deployed cellular networks, there is a necessity to reduce the latency and increase the reliability offered by the networks to support use cases such as, cooperative autonomous driving or factory automation, that are grouped under the denomination Ultra-Reliable Low-Latency Communication (URLLC).
This thesis is primarily concerned with the latency into the Universal Terrestrial Radio Access Network (UTRAN) of cellular networks. The overall work is divided into five parts. The first part presents the state of the art for cellular networks. The second part contains a detailed overview of URLLC use cases and the requirements that must be fulfilled by the cellular networks to support them. The work in this thesis is done as part of a collaboration project between IRIMAS lab in Université de Haute-Alsace, France and Institute for Reliable Embedded Systems and Communication Electronics (ivESK) in Offenburg University of Applied Sciences, Germany. The selected use cases of URLLC are part of the research interests of both partner institutes. The third part presents a detailed study and evaluation of user- and control-plane latency mechanisms in current generation of cellular networks. The evaluation and analysis of these latencies, performed with the open-source ns-3 simulator, were conducted by exploring a broad range of parameters that include among others, traffic models, channel access parameters, realistic propagation models, and a broad set of cellular network protocol stack parameters. These simulations were performed with low-power, low-cost, and wide-range devices, commonly called IoT devices, and standardized for cellular networks. These devices use either LTE-M or Narrowband-IoT (NB-IoT) technologies that are designed for connected things. They differ mainly by the provided bandwidth and other additional characteristics such as coding scheme, device complexity, and so on.
The fourth part of this thesis shows a study, an implementation, and an evaluation of latency reduction techniques that target the different layers of the currently used Long Term Evolution (LTE) network protocol stack. These techniques based on Transmission Time Interval (TTI) reduction and Semi-Persistent Scheduling (SPS) methods are implemented into the ns-3 simulator and are evaluated through realistic simulations performed for a variety of low-latency use cases focused on industry automation and vehicular networking. For testing the proposed latency reduction techniques in cellular networks, since ns-3 does not support NB-IoT in its current release, an NB-IoT extension for LTE module was developed. This makes it possible to explore deployment limitations and issues.
In the last part of this thesis, a flexible deployment framework called Hybrid Scheduling and Flexible TTI for the proposed latency reduction techniques is presented, implemented and evaluated through realistic simulations. With help of the simulation evaluation, it is shown that the improved LTE network proposed and implemented in the simulator can support low-latency applications with low cost, higher range, and narrow bandwidth devices. The work in this thesis points out the potential improvement techniques, their deployment issues and paves the way towards the support for URLLC applications with upcoming cellular networks.
On a regular basis, we hear of well-known online services that have been abused or compromised as a result of data theft. Because insecure applications jeopardize users' privacy as well as the reputation of corporations and organizations, they must be effectively secured from the outset of the development process. The limited expertise and experience of involved parties, such as web developers, is frequently cited as a cause of risky programs. Consequently, they rarely have a full picture of the security-related decisions that must be made, nor do they understand how these decisions affect implementation accurately.
The selection of tools and procedures that can best assist a certain situation in order to protect an application against vulnerabilities is a critical decision. Regardless of the level of security that results from adhering to security standards, these factors inadvertently result in web applications that are insufficiently secured. JavaScript is a language that is heavily relied on as a mainstream programming language for web applications with several new JavaScript frameworks being released every year.
JavaScript is used on both the server-side in web applications development and the client-side in web browsers as well.
However, JavaScript web programming is based on a programming style in which the application developer can, and frequently must, automatically integrate various bits of code from third parties. This potent combination has resulted in a situation today where security issues are frequently exploited. These vulnerabilities can compromise an entire server if left unchecked. Even though there are numerous ad hoc security solutions for web browsers, client-side attacks are also popular. The issue is significantly worse on the server side because the security technologies available for server-side JavaScript application frameworks are nearly non-existent.
Consequently, this thesis focuses on the server-side aspect of JavaScript; the development and evaluation of robust server-side security technologies for JavaScript web applications. There is a clear need for robust security technologies and security best practices in server-side JavaScript that allow fine-grained security.
However, more than ever, there is this requirement of reducing the associated risks without hindering the web application in its functionality.
This is the problem that will be tackled in this thesis: the development of secure security practices and robust security technologies for JavaScript web applications, specifically, on the server-side, that offer adequate security guarantees without putting too many constraints on their functionality.
The identification of vulnerabilities is an important element of the software development process to ensure the security of software. Vulnerability identification based on the source code is a well studied field. To find vulnerabilities on the basis of a binary executable without the corresponding source code is more challenging. Recent research has shown how such detection can be performed statically and thus runtime efficiently by using deep learning methods for certain types of vulnerabilities.
This thesis aims to examine to what extent this identification can be applied sufficiently for a variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. For this purpose, a dataset with 50,651 samples of 23 different vulnerabilities in the form of a standardised LLVM Intermediate Representation was prepared. The vectorised features of a Word2Vec model were then used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). For this purpose, a binary classification was trained for the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of vulnerabilities, as well as a strong limitation of the analysis scope for further analysis steps.
Drohnensteuerungen sind häufig sehr komplex und verbunden mit Hardwarekontrollern. Mittels heutiger Technologien, wie zum Beispiel der künstlichen Intelligenz oder der Sensoren Technologie, können diese jedoch vermehrt modifiziert und an die Bedürfnisse der Nutzer angepasst werden. Eine der kommenden Technologien hierfür ist das Hand Capture. Das Ziel dieser Bachelorarbeit ist es, die Technologie des Hand Capture mit einfachen Mitteln zu rekonstruieren und mittels dieser eine virtuelle Drohne in einem Simulationsspiel durch drei unterschiedliche Level steuern zu können. Außerdem sollen die aktuellen Hand Capture sowie Drohnensteuerungsmöglichkeiten aufgezeigt werden. Zur Realisierung des Hand Capture werden zwei Handkontroller angefertigt, die über jeweils einen Beschleunigungssensor an jeder Hand verfügen. Diese sind verbunden mit einem Arduino Mikrocontroller, der die Beschleunigungssensoren über das I²C-Protokoll ausliest. Um die virtuelle Drohnensteuerung und deren Simulation umzusetzen, wird die Echtzeit-3D-Entwicklungsplattform Unity verwendet. Zwischen Unity und dem Arduino wird über den seriellen Port durch eine USB-Schnittstelle eine bidirektionale Kommunikation aufgebaut, über welche die ausgemessenen Werte übertragen werden können. Zuvor werden diese Werte aber noch im Arduino in Roll- und Pitchneigungen umgewandelt, sodass Unity diese einfacher als Steuerbefehle für die Drohne interpretieren kann. Das Ergebnis ist eine funktionsfähige Drohnensteuerung, welche die Grundbewegungen der Drohne abdeckt. Zusätzlich zu der Drohnensteuerung werden in Unity drei Level erstellt, die es dem Nutzer ermöglichen, die Steuerung zu erlernen und die Drohne mit hoher Geschwindigkeit zu fliegen sowie in einem großen, offenen Level zu manövrieren. Einzelne Playtests der Simulation in denen die Level problemlos bewältigt werden konnten, bestätigen, dass die Drohnensteuerung die Aspekte: Übertragungsgeschwindigkeit, Präzision, Benutzerfreundlichkeit und Anzahl der Steuer- und Eingabemöglichkeiten erfüllt und somit als eine alternative Steuerungsmöglichkeit funktioniert.
In this work, an implementation of the somewhat homomorphic BV encryption scheme is presented. During the implementation, care was taken to ensure that the resulting program will be as efficient as possible i.e. fast and resource-saving. The basis for this is the work of Arndt Bieberstein, who implemented the BV scheme with respect to functionality. The presented implementation supports the basics of the BV scheme, namely (symmetric and asymmetric) encryption, decryption and evaluation of addition as well as multiplication. Additionally, it supports the encoding of positive and negative numbers, various gaussian sampling methods, basically infinitely large polynomial coefficients, the generation of suitable parameters for a use case, threading and relinearization to reduce the size of a ciphertext after multiplications. After presenting the techniques used in the implementation, it’s actual efficiency is determined by measuring the timings of the operations for various parameters.
Annotated training data is essential for supervised learning methods. Human annotation is costly and laborsome especially if a dataset consists of hundreds of thousands of samples and annotators need to be hired. Crowdsourcing emerged as a solution that makes it easier to get access to large amounts of human annotators. Introducing paid external annotators however introduces malevolent annotations, both intentional and unintentional. Both forms of malevolent annotations have negative effects on further usage of the data and can be summarized as spam. This work explores different approaches to post-hoc detection of spamming users and which kinds of spam can be detected by them. A manual annotation checking process resulted in the creation of a small user spam dataset which is used in this thesis. Finally an outlook for future improvements of these approaches will be made.
Due to the increasing aging of the population, the number of elderly people requiring care is growing in most European countries. However, the number of caregivers working in nursing homes and on daily care services is declining in countries like Germany or Italy. This limits the time for interpersonal communication. Furthermore, as a result of the Covid-19 pandemic, social distancing during contact restrictions became more important, causing an additional reduction of personal interaction. This social isolation can strongly increase emotional stress. Robotic assistance could contribute to addressing this challenge on three levels: (1) supporting caregivers to respond individually to the needs of patients and residents in nursing homes; (2) observing patients’ health and emotional state; (3) complying with high hygiene standards and minimizing human contact if required. To further the research on emotional aspects and the acceptance of robotic assistance in care, we conducted two studies where elderly participants interacted with the social robot Misa. Facial expression and voice analysis were used to identify and measure the emotional state of the participants during the interaction. While interpersonal contact plays a major role in elderly care, the findings reveal that robotic assistance generates added value for both caregivers and patients and that they show emotions while interacting with them.