Institut für Informatik und Computational Science
Refine
Year of publication
- 2020 (22) (remove)
Document Type
- Article (22) (remove)
Is part of the Bibliography
- yes (22)
Keywords
- Answer Set Programming (2)
- E-Learning (2)
- Fault tolerance (2)
- IT-Infrastruktur (2)
- answer set programming (2)
- Android hybrid apps (1)
- Conformant Planning (1)
- DMR (1)
- DNA hairpin formation (1)
- Digitale Medien (1)
Many Android applications embed webpages via WebView components and execute JavaScript code within Android. Hybrid applications leverage dedicated APIs to load a resource and render it in a WebView. Furthermore, Android objects can be shared with the JavaScript world. However, bridging the interfaces of the Android and JavaScript world might also incur severe security threats: Potentially untrusted webpages and their JavaScript might interfere with the Android environment and its access to native features.
No general analysis is currently available to assess the implications of such hybrid apps bridging the two worlds. To understand the semantics and effects of hybrid apps, we perform a large-scale study on the usage of the hybridization APIs in the wild. We analyze and categorize the parameters to hybridization APIs for 7,500 randomly selected and the 196 most popular applications from the Google Playstore as well as 1000 malware samples. Our results advance the general understanding of hybrid applications, as well as implications for potential program analyses, and the current security situation: We discovered thousands of flows of sensitive data from Android to JavaScript, the vast majority of which could flow to potentially untrustworthy code. Our analysis identified numerous web pages embedding vulnerabilities, which we exemplarily exploited. Additionally, we discovered a multitude of applications in which potentially untrusted JavaScript code may interfere with (trusted) Android objects, both in benign and malign applications.
E-Assessment etablieren
(2020)
Elektronische Lernstandserhebungen, sogenannte E-Assessments, bieten für Lehrende und Studierende viele Vorteile z. B. hinsichtlich schneller Rückmeldungen oder kompetenzorientierter Fragenformate, und ermöglichen es, unabhängig von Ort und Zeit Prüfungen zu absolvieren. In diesem Beitrag werden die Einführung von summativen Lernstandserhebungen, sogenannter E-Klausuren, am Beispiel der Universität Potsdam, der Aufbau einer länderübergreifenden Initiative für E-Assessment sowie technische Möglichkeiten für dezentrale elektronische Klausuren vorgestellt. Dabei werden der aktuelle Stand, die Ziele und die gewählte stufenweise Umsetzungsstrategie der Universität Potsdam skizziert. Darauf aufbauend folgt eine Beschreibung des Vorgehens, der Kooperationsmöglichkeiten für den Wissens- und Erfahrungsaustausch sowie Herausforderungen der E-Assessment- Initiative. Abschließend werden verschiedene E-Klausurformen und technische Möglichkeiten zur Umsetzung komplexer Prüfungsumgebungen klassifiziert sowie mit ihren charakteristischen Vor- und Nachteilen diskutiert und eine integrierte Lösung vorgeschlagen.
The notion of coherence relations is quite widely accepted in general, but concrete proposals differ considerably on the questions of how they should be motivated, which relations are to be assumed, and how they should be defined. This paper takes a "bottom-up" perspective by assessing the contribution made by linguistic signals (connectives), using insights from the relevant literature as well as verification by practical text annotation. We work primarily with the German language here and focus on the realm of contrast. Thus, we suggest a new inventory of contrastive connective functions and discuss their relationship to contrastive coherence relations that have been proposed in earlier work.
Arousal is one of the dimensions of core affect and frequently used to describe experienced or observed emotional states. While arousal ratings of facial expressions are collected in many studies it is not well understood how arousal is displayed in or interpreted from facial expressions. In the context of socioemotional disorders such as Autism Spectrum Disorder, this poses the question of a differential use of facial information for arousal perception. In this study, we demonstrate how automated face-tracking tools can be used to extract predictors of arousal judgments. We find moderate to strong correlations among all measures of static information on one hand and all measures of dynamic information on the other. Based on these results, we tested two measures, average distance to the neutral face and average facial movement speed, within and between neurotypical individuals (N = 401) and individuals with autism (N = 19). Distance to the neutral face was predictive of arousal in both groups. Lower mean arousal ratings were found for the autistic group, but no difference in correlation of the measures and arousal ratings could be found between groups. Results were replicated in an high autistic traits group. The findings suggest a qualitatively similar perception of arousal for individuals with and without autism. No correlations between valence ratings and any of the measures could be found, emphasizing the specificity of our tested measures. Distance and speed predictors share variability and thus speed should not be discarded as a predictor of arousal ratings.
MUP
(2020)
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
User Experience (UX) describes the holistic experience of a user before, during, and after interaction with a platform, product, or service. UX adds value and attraction to their sole functionality and is therefore highly relevant for firms. The increased interest in UX has produced a vast amount of scholarly research since 1983. The research field is, therefore, complex and scattered. Conducting a bibliometric analysis, we aim at structuring the field quantitatively and rather abstractly. We employed citation analyses, co-citation analyses, and content analyses to evaluate productivity and impact of extant research. We suggest that future research should focus more on business and management related topics.
Das größte der fächerübergreifenden Projekte im Potsdamer Projekt Qualitätspakt Lehre hatte die flächendeckende Etablierung von digitalen Medien als einen integralen Bestandteil von Lehre und Studium zum Gegenstand. Im Teilprojekt E-Learning in Studienbereichen (eLiS) wurden dafür Maßnahmen in den Feldern Organisations-, technische und Inhaltsentwicklung zusammengeführt. Der vorliegende Beitrag präsentiert auf Basis von Ausgangslage und Zielsetzungen die Ergebnisse rund um die Digitalisierung von Lehre und Studium an der Universität Potsdam. Exemplarisch werden fünf Dienste näher vorgestellt, die inzwischen größtenteils in den Regelbetrieb der Hochschule übergegangen sind: die Videoplattform Media.UP, die mobile App Reflect.UP, die persönliche Lernumgebung Campus. UP, das Self-Service-Portal Cook.UP und das Anzeigesystem Freiraum.UP. Dabei wird jeweils ein technischer Blick „unter die Haube“ verbunden mit einer Erläuterung der Nutzungsmöglichkeiten, denen eine aktuelle Einschätzung von Lehrenden und Studierenden der Hochschule gegenübergestellt wird. Der Beitrag schließt mit einer Einbettung der vorgestellten Entwicklungen in einen größeren Kontext und einem Ausblick auf die weiterhin anstehenden Aufgaben.
Die Setzung strategischer Ziele sowie die Zuordnung und Umsetzung dazugehörender Maßnahmen sind ein wesentliches Element, um die Innovationsfähigkeit von Organisationen zu erhalten. In den vergangenen Jahren ist auch an Hochschulen die Strategiebildung deutlich vorangetrieben worden. Dies betrifft verschiedene Handlungsfelder, und es werden verschiedene Ansätze verfolgt. Der vorliegende Beitrag greift am Beispiel der Universität Potsdam drei in den vergangenen Jahren adressierte Strategiebereiche heraus: IT, E-Learning und Forschungsdaten. Die damit verbundenen Prozesse waren in unterschiedlichem Maß von Partizipation geprägt. Die gesammelten Erfahrungen werden reflektiert, und es werden Empfehlungen für Strategieentwicklungsprozesse abgeleitet.
A triple modular redundancy (TMR) based design technique for double cell upsets (DCUs) mitigation is investigated in this paper. This technique adds three extra self-voter circuits into a traditional TMR structure to enable the enhanced error correction capability. Fault-injection simulations show that the soft error rate (SER) of the proposed technique is lower than 3% of that of TMR. The implementation of this proposed technique is compatible with the automatic digital design flow, and its applicability and performance are evaluated on an FIFO circuit.
In this paper, an asynchronous design for soft error detection and correction in combinational and sequential circuits is presented. The proposed architecture is called Asynchronous Full Error Detection and Correction (AFEDC). A custom design flow with integrated commercial EDA tools generates the AFEDC using the asynchronous bundled-data design style. The AFEDC relies on an Error Detection Circuit (EDC) for protecting the combinational logic and fault-tolerant latches for protecting the sequential logic. The EDC can be implemented using different detection methods. For this work, two boundary variants are considered, the Full Duplication with Comparison (FDC) and the Partial Duplication with Parity Prediction (PDPP). The AFEDC architecture can handle single events and timing faults of arbitrarily long duration as well as the synchronous FEDC, but additionally can address known metastability issues of the FEDC and other similar synchronous architectures and provide a more practical solution for handling the error recovery process. Two case studies are developed, a carry look-ahead adder and a pipelined non-restoring array divider. Results show that the AFEDC provides equivalent fault coverage when compared to the FEDC while reducing area, ranging from 9.6% to 17.6%, and increasing energy efficiency, which can be up to 6.5%.