TY - GEN A1 - Sianipar, Johannes Harungguan A1 - Willems, Christian A1 - Meinel, Christoph T1 - Virtual machine integrity verification in Crowd-Resourcing Virtual Laboratory T2 - 2018 IEEE 11th Conference on Service-Oriented Computing and Applications (SOCA) N2 - In cloud computing, users are able to use their own operating system (OS) image to run a virtual machine (VM) on a remote host. The virtual machine OS is started by the user using some interfaces provided by a cloud provider in public or private cloud. In peer to peer cloud, the VM is started by the host admin. After the VM is running, the user could get a remote access to the VM to install, configure, and run services. For the security reasons, the user needs to verify the integrity of the running VM, because a malicious host admin could modify the image or even replace the image with a similar image, to be able to get sensitive data from the VM. We propose an approach to verify the integrity of a running VM on a remote host, without using any specific hardware such as Trusted Platform Module (TPM). Our approach is implemented on a Linux platform where the kernel files (vmlinuz and initrd) could be replaced with new files, while the VM is running. kexec is used to reboot the VM with the new kernel files. The new kernel has secret codes that will be used to verify whether the VM was started using the new kernel files. The new kernel is used to further measuring the integrity of the running VM. KW - Virtual Machine KW - Integrity Verification KW - Crowd-Resourcing KW - Cloud Computing Y1 - 2019 SN - 978-1-5386-9133-5 U6 - https://doi.org/10.1109/SOCA.2018.00032 SN - 2163-2871 SP - 169 EP - 176 PB - IEEE CY - New York ER - TY - GEN A1 - Podlesny, Nikolai Jannik A1 - Kayem, Anne V. D. M. A1 - Meinel, Christoph T1 - Attribute Compartmentation and Greedy UCC Discovery for High-Dimensional Data Anonymisation T2 - Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy N2 - High-dimensional data is particularly useful for data analytics research. In the healthcare domain, for instance, high-dimensional data analytics has been used successfully for drug discovery. Yet, in order to adhere to privacy legislation, data analytics service providers must guarantee anonymity for data owners. In the context of high-dimensional data, ensuring privacy is challenging because increased data dimensionality must be matched by an exponential growth in the size of the data to avoid sparse datasets. Syntactically, anonymising sparse datasets with methods that rely of statistical significance, makes obtaining sound and reliable results, a challenge. As such, strong privacy is only achievable at the cost of high information loss, rendering the data unusable for data analytics. In this paper, we make two contributions to addressing this problem from both the privacy and information loss perspectives. First, we show that by identifying dependencies between attribute subsets we can eliminate privacy violating attributes from the anonymised dataset. Second, to minimise information loss, we employ a greedy search algorithm to determine and eliminate maximal partial unique attribute combinations. Thus, one only needs to find the minimal set of identifying attributes to prevent re-identification. Experiments on a health cloud based on the SAP HANA platform using a semi-synthetic medical history dataset comprised of 109 attributes, demonstrate the effectiveness of our approach. Y1 - 2019 SN - 978-1-4503-6099-9 U6 - https://doi.org/10.1145/3292006.3300019 SP - 109 EP - 119 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Giese, Holger Burkhard T1 - Software Engineering for Smart Cyber-Physical Systems BT - Challenges and Opportunities T2 - Proceedings of the 12th Innovations on Software Engineering Conference N2 - Currently, a transformation of our technical world into a networked technical world where besides the embedded systems with their interaction with the physical world the interconnection of these nodes in the cyber world becomes a reality can be observed. In parallel nowadays there is a strong trend to employ artificial intelligence techniques and in particular machine learning to make software behave smart. Often cyber-physical systems must be self-adaptive at the level of the individual systems to operate as elements in open, dynamic, and deviating overall structures and to adapt to open and dynamic contexts while being developed, operated, evolved, and governed independently. In this presentation, we will first discuss the envisioned future scenarios for cyber-physical systems with an emphasis on the synergies networking can offer and then characterize which challenges for the design, production, and operation of these systems result. We will then discuss to what extent our current capabilities, in particular concerning software engineering match these challenges and where substantial improvements for the software engineering are crucial. In today's software engineering for embedded systems models are used to plan systems upfront to maximize envisioned properties on the one hand and minimize cost on the other hand. When applying the same ideas to software for smart cyber-physical systems, it soon turned out that for these systems often somehow more subtle links between the involved models and the requirements, users, and environment exist. Self-adaptation and runtime models have been advocated as concepts to covers the demands that result from these subtler links. Lately, both trends have been brought together more thoroughly by the notion of self-aware computing systems. We will review the underlying causes, discuss some our work in this direction, and outline related open challenges and potential for future approaches to software engineering for smart cyber-physical systems. KW - Software Engineering KW - Cyber-Physical Systems KW - Self-aware computing systems Y1 - 2019 SN - 978-1-4503-6215-3 U6 - https://doi.org/10.1145/3299771.3301650 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Sukmana, Muhammad Ihsan Haikal A1 - Torkura, Kennedy A. A1 - Graupner, Hendrik A1 - Cheng, Feng A1 - Meinel, Christoph T1 - Unified Cloud Access Control Model for Cloud Storage Broker T2 - 33rd International Conference on Information Networking (ICOIN 2019) N2 - Cloud Storage Broker (CSB) provides value-added cloud storage service for enterprise usage by leveraging multi-cloud storage architecture. However, it raises several challenges for managing resources and its access control in multiple Cloud Service Providers (CSPs) for authorized CSB stakeholders. In this paper we propose unified cloud access control model that provides the abstraction of CSP's services for centralized and automated cloud resource and access control management in multiple CSPs. Our proposal offers role-based access control for CSB stakeholders to access cloud resources by assigning necessary privileges and access control list for cloud resources and CSB stakeholders, respectively, following privilege separation concept and least privilege principle. We implement our unified model in a CSB system called CloudRAID for Business (CfB) with the evaluation result shows it provides system-and-cloud level security service for cfB and centralized resource and access control management in multiple CSPs. KW - Cloud Storage Broker KW - Cloud access control and resource management KW - Unified cloud model KW - Privilege separation concept KW - Least privilege principle KW - Role-based access control Y1 - 2019 SN - 978-1-5386-8350-7 U6 - https://doi.org/10.1109/ICOIN.2019.8717982 SN - 1976-7684 SP - 60 EP - 65 PB - IEEE CY - Los Alamitos ER - TY - GEN A1 - Hernandez, Netzahualcoyotl A1 - Demiray, Burcu A1 - Arnrich, Bert A1 - Favela, Jesus T1 - An Exploratory Study to Detect Temporal Orientation Using Bluetooth's sensor T2 - PervasiveHealth'19: Proceedings of the 13th EAI International Conference on Pervasive Computing Technologies for Healthcare N2 - Mobile sensing technology allows us to investigate human behaviour on a daily basis. In the study, we examined temporal orientation, which refers to the capacity of thinking or talking about personal events in the past and future. We utilise the mksense platform that allows us to use the experience-sampling method. Individual's thoughts and their relationship with smartphone's Bluetooth data is analysed to understand in which contexts people are influenced by social environments, such as the people they spend the most time with. As an exploratory study, we analyse social condition influence through a collection of Bluetooth data and survey information from participant's smartphones. Preliminary results show that people are likely to focus on past events when interacting with close-related people, and focus on future planning when interacting with strangers. Similarly, people experience present temporal orientation when accompanied by known people. We believe that these findings are linked to emotions since, in its most basic state, emotion is a state of physiological arousal combined with an appropriated cognition. In this contribution, we envision a smartphone application for automatically inferring human emotions based on user's temporal orientation by using Bluetooth sensors, we briefly elaborate on the influential factor of temporal orientation episodes and conclude with a discussion and lessons learned. KW - Mobile sensing KW - Temporal orientation KW - Social environment KW - Human behaviour KW - Bluetooth Y1 - 2019 SN - 978-1-4503-6126-2 U6 - https://doi.org/10.1145/3329189.3329223 SN - 2153-1633 SP - 292 EP - 297 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Perscheid, Cindy A1 - Uflacker, Matthias T1 - Integrating Biological Context into the Analysis of Gene Expression Data T2 - Distributed Computing and Artificial Intelligence, Special Sessions, 15th International Conference N2 - High-throughput RNA sequencing produces large gene expression datasets whose analysis leads to a better understanding of diseases like cancer. The nature of RNA-Seq data poses challenges to its analysis in terms of its high dimensionality, noise, and complexity of the underlying biological processes. Researchers apply traditional machine learning approaches, e. g. hierarchical clustering, to analyze this data. Until it comes to validation of the results, the analysis is based on the provided data only and completely misses the biological context. However, gene expression data follows particular patterns - the underlying biological processes. In our research, we aim to integrate the available biological knowledge earlier in the analysis process. We want to adapt state-of-the-art data mining algorithms to consider the biological context in their computations and deliver meaningful results for researchers. KW - Gene expression KW - Machine learning KW - Feature selection KW - Association rule mining KW - Biclustering KW - Knowledge bases Y1 - 2019 SN - 978-3-319-99608-0 SN - 978-3-319-99607-3 U6 - https://doi.org/10.1007/978-3-319-99608-0_41 SN - 2194-5357 SN - 2194-5365 VL - 801 SP - 339 EP - 343 PB - Springer CY - Cham ER - TY - GEN A1 - Hesse, Günter A1 - Matthies, Christoph A1 - Sinzig, Werner A1 - Uflacker, Matthias T1 - Adding Value by Combining Business and Sensor Data BT - an Industry 4.0 Use Case T2 - Database Systems for Advanced Applications N2 - Industry 4.0 and the Internet of Things are recent developments that have lead to the creation of new kinds of manufacturing data. Linking this new kind of sensor data to traditional business information is crucial for enterprises to take advantage of the data’s full potential. In this paper, we present a demo which allows experiencing this data integration, both vertically between technical and business contexts and horizontally along the value chain. The tool simulates a manufacturing company, continuously producing both business and sensor data, and supports issuing ad-hoc queries that answer specific questions related to the business. In order to adapt to different environments, users can configure sensor characteristics to their needs. KW - Industry 4.0 KW - Internet of Things KW - Data integration Y1 - 2019 SN - 978-3-030-18590-9 SN - 978-3-030-18589-3 U6 - https://doi.org/10.1007/978-3-030-18590-9_80 SN - 0302-9743 SN - 1611-3349 VL - 11448 SP - 528 EP - 532 PB - Springer CY - Cham ER - TY - GEN A1 - Bartz, Christian A1 - Yang, Haojin A1 - Bethge, Joseph A1 - Meinel, Christoph T1 - LoANs BT - Weakly Supervised Object Detection with Localizer Assessor Networks T2 - Computer Vision – ACCV 2018 Workshops N2 - Recently, deep neural networks have achieved remarkable performance on the task of object detection and recognition. The reason for this success is mainly grounded in the availability of large scale, fully annotated datasets, but the creation of such a dataset is a complicated and costly task. In this paper, we propose a novel method for weakly supervised object detection that simplifies the process of gathering data for training an object detector. We train an ensemble of two models that work together in a student-teacher fashion. Our student (localizer) is a model that learns to localize an object, the teacher (assessor) assesses the quality of the localization and provides feedback to the student. The student uses this feedback to learn how to localize objects and is thus entirely supervised by the teacher, as we are using no labels for training the localizer. In our experiments, we show that our model is very robust to noise and reaches competitive performance compared to a state-of-the-art fully supervised approach. We also show the simplicity of creating a new dataset, based on a few videos (e.g. downloaded from YouTube) and artificially generated data. Y1 - 2019 SN - 978-3-030-21074-8 SN - 978-3-030-21073-1 U6 - https://doi.org/10.1007/978-3-030-21074-8_29 SN - 0302-9743 SN - 1611-3349 VL - 11367 SP - 341 EP - 356 PB - Springer CY - Cham ER - TY - GEN A1 - Seidel, Felix A1 - Krentz, Konrad-Felix A1 - Meinel, Christoph T1 - Deep En-Route Filtering of Constrained Application Protocol (CoAP) Messages on 6LoWPAN Border Routers T2 - 2019 IEEE 5th World Forum on Internet of Things (WF-IoT) N2 - Devices on the Internet of Things (IoT) are usually battery-powered and have limited resources. Hence, energy-efficient and lightweight protocols were designed for IoT devices, such as the popular Constrained Application Protocol (CoAP). Yet, CoAP itself does not include any defenses against denial-of-sleep attacks, which are attacks that aim at depriving victim devices of entering low-power sleep modes. For example, a denial-of-sleep attack against an IoT device that runs a CoAP server is to send plenty of CoAP messages to it, thereby forcing the IoT device to expend energy for receiving and processing these CoAP messages. All current security solutions for CoAP, namely Datagram Transport Layer Security (DTLS), IPsec, and OSCORE, fail to prevent such attacks. To fill this gap, Seitz et al. proposed a method for filtering out inauthentic and replayed CoAP messages "en-route" on 6LoWPAN border routers. In this paper, we expand on Seitz et al.'s proposal in two ways. First, we revise Seitz et al.'s software architecture so that 6LoWPAN border routers can not only check the authenticity and freshness of CoAP messages, but can also perform a wide range of further checks. Second, we propose a couple of such further checks, which, as compared to Seitz et al.'s original checks, more reliably protect IoT devices that run CoAP servers from remote denial-of-sleep attacks, as well as from remote exploits. We prototyped our solution and successfully tested its compatibility with Contiki-NG's CoAP implementation. Y1 - 2019 SN - 978-1-5386-4980-0 SN - 978-1-5386-4981-7 U6 - https://doi.org/10.1109/WF-IoT.2019.8767262 SP - 201 EP - 206 PB - Institute of Electrical and Electronics Engineers CY - New York ER - TY - GEN A1 - Trapp, Matthias A1 - Döllner, Jürgen Roland Friedrich T1 - Real-time Screen-space Geometry Draping for 3D Digital Terrain Models T2 - 2019 23rd International Conference Information Visualisation (IV) N2 - A fundamental task in 3D geovisualization and GIS applications is the visualization of vector data that can represent features such as transportation networks or land use coverage. Mapping or draping vector data represented by geometric primitives (e.g., polylines or polygons) to 3D digital elevation or 3D digital terrain models is a challenging task. We present an interactive GPU-based approach that performs geometry-based draping of vector data on per-frame basis using an image-based representation of a 3D digital elevation or terrain model only. KW - Geometry Draping KW - Geovisualization KW - GPU-based Real-time Rendering Y1 - 2019 SN - 978-1-7281-2838-2 SN - 978-1-7281-2839-9 U6 - https://doi.org/10.1109/IV.2019.00054 SN - 2375-0138 SN - 1550-6037 SP - 281 EP - 286 PB - Inst. of Electr. and Electronics Engineers CY - Los Alamitos ER -