TY  - GEN
A1  - Welearegai, Gebrehiwet B.
A1  - Schlueter, Max
A1  - Hammer, Christian
T1  - Static security evaluation of an industrial web application
T2  - Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing
N2  - JavaScript is the most popular programming language for web applications. Static analysis of JavaScript applications is highly challenging due to its dynamic language constructs and event-driven asynchronous executions, which also give rise to many security-related bugs. Several static analysis tools to detect such bugs exist, however, research has not yet reported much on the precision and scalability trade-off of these analyzers. As a further obstacle, JavaScript programs structured in Node.js modules need to be collected for analysis, but existing bundlers are either specific to their respective analysis tools or not particularly suitable for static analysis.
KW  - JavaScript
KW  - WALA
KW  - SAFE
KW  - comparison
Y1  - 2019
SN  - 978-1-4503-5933-7
U6  - https://doi.org/10.1145/3297280.3297471
SP  - 1952
EP  - 1961
PB  - Association for Computing Machinery
CY  - New York
ER  -

TY  - GEN
A1  - Chakraborty, Dhiman
A1  - Hammer, Christian
A1  - Bugiel, Sven
T1  - Secure Multi-Execution in Android
T2  - Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing
N2  - Mobile operating systems, such as Google's Android, have become a fixed part of our daily lives and are entrusted with a plethora of private information. Congruously, their data protection mechanisms have been improved steadily over the last decade and, in particular, for Android, the research community has explored various enhancements and extensions to the access control model. However, the vast majority of those solutions has been concerned with controlling the access to data, but equally important is the question of how to control the flow of data once released. Ignoring control over the dissemination of data between applications or between components of the same app, opens the door for attacks, such as permission re-delegation or privacy-violating third-party libraries. Controlling information flows is a long-standing problem, and one of the most recent and practical-oriented approaches to information flow control is secure multi-execution. In this paper, we present Ariel, the design and implementation of an IFC architecture for Android based on the secure multi-execution of apps. Ariel demonstrably extends Android's system with support for executing multiple instances of apps, and it is equipped with a policy lattice derived from the protection levels of Android's permissions as well as an I/O scheduler to achieve control over data flows between application instances. We demonstrate how secure multi-execution with Ariel can help to mitigate two prominent attacks on Android, permission re-delegations and malicious advertisement libraries.
KW  - Android
KW  - Information flow control
KW  - secure multi-execution
Y1  - 2019
SN  - 978-1-4503-5933-7
U6  - https://doi.org/10.1145/3297280.3297469
SP  - 1934
EP  - 1943
PB  - Association for Computing Machinery
CY  - New York
ER  -

TY  - JOUR
A1  - Dombrowski, Sebastian
A1  - Ermakova, Tatiana
A1  - Fabian, Benjamin
T1  - Graph-based analysis of cloud connectivity at the internet protocol level
JF  - International Journal of Communication Networks and Distributed Systems (IJCNDS)
N2  - Internet connectivity of cloud services is of exceptional importance for both their providers and consumers. This article demonstrates the outlines of a method for measuring cloud-service connectivity at the internet protocol level from a client's perspective. For this, we actively collect connectivity data via traceroute measurements from PlanetLab to several major cloud services. Furthermore, we construct graph models from the collected data, and analyse the connectivity of the services based on important graph-based measures. Then, random and targeted node removal attacks are simulated, and the corresponding vulnerability of cloud services is evaluated. Our results indicate that cloud service hosts are, on average, much better connected than average hosts. However, when interconnecting nodes are removed in a targeted manner, cloud connectivity is dramatically reduced.
KW  - cloud computing
KW  - connectivity
KW  - availability
KW  - reliability
KW  - internet topology
KW  - graph analysis
KW  - complex networks
Y1  - 2019
U6  - https://doi.org/10.1504/IJCNDS.2019.100644
SN  - 1754-3916
SN  - 1754-3924
VL  - 23
IS  - 1
SP  - 117
EP  - 142
PB  - Inderscience Enterprises Ltd
CY  - Geneva
ER  -

TY  - GEN
A1  - Renz, Jan
A1  - Meinel, Christoph
T1  - The "Bachelor Project"
BT  - Project Based Computer Science Education
T2  - 2019 IEEE Global Engineering Education Conference (EDUCON)
N2  - One of the challenges of educating the next generation of computer scientists is to teach them to become team players, that are able to communicate and interact not only with different IT systems, but also with coworkers and customers with a non-IT background. The “bachelor project” is a project based on team work and a close collaboration with selected industry partners. The authors hosted some of the teams since spring term 2014/15. In the paper at hand we explain and discuss this concept and evaluate its success based on students' evaluation and reports. Furthermore, the technology-stack that has been used by the teams is evaluated to understand how self-organized students in IT-related projects work. We will show that and why the bachelor is the most successful educational format in the perception of the students and how these positive results can be improved by the mentors.
KW  - computer science education
KW  - project based learning
KW  - bachelor project
Y1  - 2019
SN  - 978-1-5386-9506-7
U6  - https://doi.org/10.1109/EDUCON.2019.8725140
SN  - 2165-9567
SP  - 580
EP  - 587
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Staubitz, Thomas
A1  - Teusner, Ralf
A1  - Meinel, Christoph
T1  - MOOCs in Secondary Education
BT  - Experiments and Observations from German Classrooms
T2  - 2019 IEEE Global Engineering Education Conference (EDUCON)
N2  - Computer science education in German schools is often less than optimal. It is only mandatory in a few of the federal states and there is a lack of qualified teachers. As a MOOC (Massive Open Online Course) provider with a German background, we developed the idea to implement a MOOC addressing pupils in secondary schools to fill this gap. The course targeted high school pupils and enabled them to learn the Python programming language. In 2014, we successfully conducted the first iteration of this MOOC with more than 7000 participants. However, the share of pupils in the course was not quite satisfactory. So we conducted several workshops with teachers to find out why they had not used the course to the extent that we had imagined. The paper at hand explores and discusses the steps we have taken in the following years as a result of these workshops.
KW  - MOOC
KW  - Secondary Education
KW  - School
KW  - Teamwork
KW  - K-12
KW  - Programming course
KW  - Java
KW  - Python
Y1  - 2019
SN  - 978-1-5386-9506-7
U6  - https://doi.org/10.1109/EDUCON.2019.8725138
SN  - 2165-9567
SP  - 173
EP  - 182
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Halfpap, Stefan
A1  - Schlosser, Rainer
T1  - A Comparison of Allocation Algorithms for Partially Replicated Databases
T2  - 2019 IEEE 35th International Conference on Data Engineering (ICDE)
N2  - Increasing demand for analytical processing capabilities can be managed by replication approaches. However, to evenly balance the replicas' workload shares while at the same time minimizing the data replication factor is a highly challenging allocation problem. As optimal solutions are only applicable for small problem instances, effective heuristics are indispensable. In this paper, we test and compare state-of-the-art allocation algorithms for partial replication. By visualizing and exploring their (heuristic) solutions for different benchmark workloads, we are able to derive structural insights and to detect an algorithm's strengths as well as its potential for improvement. Further, our application enables end-to-end evaluations of different allocations to verify their theoretical performance.
Y1  - 2019
SN  - 978-1-5386-7474-1
SN  - 978-1-5386-7475-8
U6  - https://doi.org/10.1109/ICDE.2019.00226
SN  - 1084-4627
SN  - 2375-026X
SN  - 1063-6382
SP  - 2008
EP  - 2011
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Halfpap, Stefan
A1  - Schlosser, Rainer
T1  - Workload-Driven Fragment Allocation for Partially Replicated Databases Using Linear Programming
T2  - 2019 IEEE 35th International Conference on Data Engineering (ICDE)
N2  - In replication schemes, replica nodes can process read-only queries on snapshots of the master node without violating transactional consistency. By analyzing the workload, we can identify query access patterns and replicate data depending on its access frequency. In this paper, we define a linear programming (LP) model to calculate the set of partial replicas with the lowest overall memory capacity while evenly balancing the query load. Furthermore, we propose a scalable decomposition heuristic to calculate solutions for larger problem sizes. While guaranteeing the same performance as state-of-the-art heuristics, our decomposition approach calculates allocations with up to 23% lower memory footprint for the TPC-H benchmark.
KW  - database replication
KW  - allocation problem
KW  - linear programming
Y1  - 2019
SN  - 978-1-5386-7474-1
SN  - 978-1-5386-7475-8
U6  - https://doi.org/10.1109/ICDE.2019.00188
SN  - 1084-4627
SN  - 2375-026X
SN  - 1063-6382
SP  - 1746
EP  - 1749
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Kruse, Sebastian
A1  - Kaoudi, Zoi
A1  - Quiane-Ruiz, Jorge-Arnulfo
A1  - Chawla, Sanjay
A1  - Naumann, Felix
A1  - Contreras-Rojas, Bertty
T1  - Optimizing Cross-Platform Data Movement
T2  - 2019 IEEE 35th International Conference on Data Engineering (ICDE)
N2  - Data analytics are moving beyond the limits of a single data processing platform. A cross-platform query optimizer is necessary to enable applications to run their tasks over multiple platforms efficiently and in a platform-agnostic manner. For the optimizer to be effective, it must consider data movement costs across different data processing platforms. In this paper, we present the graph-based data movement strategy used by RHEEM, our open-source cross-platform system. In particular, we (i) model the data movement problem as a new graph problem, which we prove to be NP-hard, and (ii) propose a novel graph exploration algorithm, which allows RHEEM to discover multiple hidden opportunities for cross-platform data processing.
Y1  - 2019
SN  - 978-1-5386-7474-1
SN  - 978-1-5386-7475-8
U6  - https://doi.org/10.1109/ICDE.2019.00162
SN  - 1084-4627
SN  - 1063-6382
SP  - 1642
EP  - 1645
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Schlosser, Rainer
A1  - Kossmann, Jan
A1  - Boissier, Martin
T1  - Efficient Scalable Multi-Attribute Index Selection Using Recursive Strategies
T2  - 2019 IEEE 35th International Conference on Data Engineering (ICDE)
N2  - An efficient selection of indexes is indispensable for database performance. For large problem instances with hundreds of tables, existing approaches are not suitable: They either exhibit prohibitive runtimes or yield far from optimal index configurations by strongly limiting the set of index candidates or not handling index interaction explicitly. We introduce a novel recursive strategy that does not exclude index candidates in advance and effectively accounts for index interaction. Using large real-world workloads, we demonstrate the applicability of our approach. Further, we evaluate our solution end to end with a commercial database system using a reproducible setup. We show that our solutions are near-optimal for small index selection problems. For larger problems, our strategy outperforms state-of-the-art approaches in both scalability and solution quality.
Y1  - 2019
SN  - 978-1-5386-7474-1
U6  - https://doi.org/10.1109/ICDE.2019.00113
SN  - 1084-4627
SP  - 1238
EP  - 1249
PB  - IEEE
CY  - New York
ER  -

TY  - GEN
A1  - Brinkmann, Maik
A1  - Heine, Moreen
T1  - Can Blockchain Leverage for New Public Governance?
BT  - a Conceptual Analysis on Process Level
T2  - Proceedings of the 12th International Conference on Theory and Practice of Electronic Governance
N2  - New Public Governance (NPG) as a paradigm for collaborative forms of public service delivery and Blockchain governance are trending topics for researchers and practitioners alike. Thus far, each topic has, on the whole, been discussed separately. This paper presents the preliminary results of ongoing research which aims to shed light on the more concrete benefits of Blockchain for the purpose of NPG. For the first time, a conceptual analysis is conducted on process level to spot benefits and limitations of Blockchain-based governance. Per process element, Blockchain key characteristics are mapped to functional aspects of NPG from a governance perspective. The preliminary results show that Blockchain offers valuable support for governments seeking methods to effectively coordinate co-producing networks. However, the extent of benefits of Blockchain varies across the process elements. It becomes evident that there is a need for off-chain processes. It is, therefore, argued in favour of intensifying research on off-chain governance processes to better understand the implications for and influences on on-chain governance.
KW  - Blockchain
KW  - New Public Governance
KW  - Blockchain Governance
KW  - Co-production
KW  - Conceptual Fit
KW  - Blockchain-enabled Governance
Y1  - 2019
SN  - 978-1-4503-6644-1
U6  - https://doi.org/10.1145/3326365.3326409
SP  - 338
EP  - 341
PB  - Association for Computing Machinery
CY  - New York
ER  -