Note: All seminar topics have been assigned.
Selected Topics in Distributed Systems - ATVS
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Leonard Bradatsch, Alexander Heß, Echo Meißner, Nataša Trkulja, Juri Dispan, Artur Hermann, external supervisors |
Dates: | Introductory session; accompanying sessions for seminars; presentation block (full day). See the Moodle course for rooms and dates. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically at the start of the semester once you attend one of our seminars. |
Topic assignment: | Please note: The central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | Topics can be worked on in German or English, depending on the supervisor and seminar type. |
Topics
Fault-Tolerance in Cloud Computing Environments – English only Cloud computing has emerged as a cost-effective solution for acquiring scalable computing resources. Alexander Heß |
The QUIC Transport Protocol – English only QUIC is a recently released UDP-based transport protocol, which promises to improve performance of connection-oriented web-applications that currently rely on TCP. Alexander Heß |
Egalitarian consensus protocols – English only Classic multi-consensus protocols are used to deliver client requests in a deterministic order to replicas of a replicated state machine. Typically a leader acts as a sequencer and proposes the order of requests. However, the protocol is robust enough to tolerate a faulty leader and elect a new one without compromising the delivery order. Egalitarian multi-consensus protocols allow multiple leaders at the same time and do not provide a total order but a partial one so that independent requests could be executed in different order or even concurrently in replicas. The student is supposed to present one of the egalitarian algorithms with a focus on the dependency tracking and its correctness so that the partial order is achieved in every replica under all circumstances. Franz J. Hauck |
Deterministic STM – English only Software transactional memory (STM) is a concept for running transaction-like concurrent executions while preserving atomicity and isolation, a subset of the well-known ACID properties. For application in the fault-tolerance domain, deterministic execution is a necessity. For STM there are some approaches available to achieve deterministic behaviour, i.e. each execution with the same input creates the same output and state. The task of this topic is to investigate the different approaches (there are only a few), and to collect and understand them in order to present their functionality. |
Misbehavior Detection in VANETs – English only Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with infrastructure. In this way, vehicles can send messages, e.g., that there is a traffic jam ahead, which increases safety and efficiency. For the correct and safe operation of applications, it is important that the information sent by other vehicles is trustworthy or can be verified. In this seminar you will describe several approaches to detect misbehavior of vehicles in VANETs. |
Intrusion Detection Systems in In-Vehicular Networks – English only Modern vehicles are managed by networked controllers, which present an attack surface for various types of cyberattacks. In the worst case, these attacks can disable safety-critical functions and cause accidents. To detect and protect against attacks on the in-vehicle network, an Intrusion Detection System (IDS) can be implemented. In this seminar, you will explore several approaches to IDS and how they are integrated into in-vehicle networks. Artur Hermann |
Comparative Analysis of CV2X and DSRC – English only This seminar paper aims to delve into the key differences between two prominent vehicular communication technologies, namely CV2X (Cellular Vehicle-to-Everything) and DSRC (Dedicated Short-Range Communication). As the automotive industry embraces the era of connected vehicles, it is crucial to understand the unique characteristics, functionalities, and potential applications of these technologies. By examining the fundamental dissimilarities between CV2X and DSRC, this paper intends to shed light on their respective advantages, limitations, and implications for the future of intelligent transportation systems. |
Trusted Execution Environments – English only The concept of trusted execution environments (TEEs) has gained significant attention in the field of computer security. TEEs provide a secure and isolated environment within a computer system, offering protection for sensitive data and enabling the execution of trusted code. This seminar paper explores the fundamental aspects, key technologies, applications, and challenges associated with trusted execution environments. |
Smartphone Theft Protection – English only The goal of this work is to detail modern smartphone theft protection mechanisms. These mechanisms should be compared. Furthermore, it should be analyzed whether an attacker can bypass these protections. |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. |
Object Storages – English only Object storage is a key component in modern cloud infrastructure, providing scalable and flexible data storage services. This seminar aims to introduce this storage solution, its characteristics, advantages and disadvantages, billing methods, common use cases and usage patterns. It should also provide an overview of common object storage solutions, including commercial offerings such as AWS S3, as well as alternative open source implementations such as MinIO. Finally, the seminar should provide a perspective on object storage security, including common pitfalls illustrated by real-world incidents. |
Explanation Methods for Image Classifier Decisions – English only Deep Neural Networks are revolutionizing various industries, with image classification being one of the most prominent applications. Despite their impressive performance, these models often operate as "black boxes". This information gap makes it difficult to understand how they reach specific decisions. This seminar aims to demystify the inner workings of image classifiers by exploring various explanation methods. |
Reasons for Natural Adversarial Examples – English only In the rapidly evolving field of machine learning, the phenomenon of adversarial examples poses significant challenges. These are inputs designed to deceive models into making incorrect predictions. Surprisingly, adversarial examples can also arise naturally in real-world data without any intentional manipulation. This seminar will delve into the reasons behind the emergence of these natural adversarial examples. Understanding these reasons is crucial for developing robust AI systems. |
Privacy Guidelines for VR Use in Education – English only Virtual Reality (VR) technologies are increasingly being integrated into educational settings, offering immersive learning experiences that significantly enhance student engagement and understanding. However, the use of VR in education raises critical privacy concerns that must be addressed to protect students' sensitive information. This seminar will explore the unique challenges posed by VR technology in safeguarding student privacy. We will identify various educational applications of VR, examine the types of data collected by VR devices—including biometric and spatial information—and discuss potential risks related to user identification and data misuse. The goal is to find a set of privacy guidelines tailored for educational VR use, covering aspects such as transparency, user controls, data security, and responsible biometric data handling. Initial reading list:
Mostafa Yehia |
Privacy-Preserving Learning Analytics: Challenges and Techniques – English only Learning analytics (LA) refers to the process of collecting, analysing, and interpreting data from educational activities. It involves using this data to understand and optimize learning and the environments in which it occurs. Privacy-preserving learning analytics (PPLA) is a field aimed at balancing the benefits of LA with the protection of individuals' privacy in educational settings. Initial reading list:
|
Post-Quantum-Cryptography – English only Since small quantum computers (QCs) have been built and a quantum algorithm exists that can solve the discrete logarithm problem very fast, there is a need for new algorithms that cannot be broken by QCs but are still feasible on our current CPUs. Your task is to dive into the topic, but you can choose the focus, e.g. an overview of current algorithms, a detailed explanation of how one algorithm works
Description and general information, module description | |
| |
Teaching and learning formats: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Fundamentals of Computer Networks (Grundlagen der Rechnernetze), proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Benjamin Erb, Echo Meißner, Leonard Bradatsch, Alexander Heß, Mostafa Yehia, Juri Dispan, Artur Hermann, external supervisors |
Dates: | Introductory session; accompanying sessions for seminars; presentation block (full day). See the Moodle course for rooms and dates. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically at the start of the semester once you attend one of our seminars. |
Topic assignment: | Please note: The central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | Topics can be worked on in German or English, depending on the supervisor and seminar type. |
Topics
Fault-Tolerance in Cloud Computing Environments – English only Cloud computing has emerged as a cost-effective solution for acquiring scalable computing resources. Alexander Heß |
Post-Quantum Cryptography – English only The security of most of today's asymmetric cryptographic schemes is based on the assumption that the discrete logarithm problem is hard to compute. Alexander Heß |
Data Consistency in Distributed Systems – English only Consistency models make it possible to reason about the state of a distributed system, where data is stored and processed across multiple nodes. Alexander Heß |
Request-level deterministic multithreading: How to solve the problem? – English only For state-machine replication, a fault-tolerance approach, a deterministic execution of client requests is mandatory. This can be easily achieved by sticking to strict sequential execution. As this is not very efficient under high load, some research has been done on how to achieve deterministic multithreading (DMT), i.e. allowing concurrent client requests to be processed in concurrent threads, but still achieving determinism. Request-level DMT is one category of approaches. The student is expected to look at some of the many approaches and also give their own thoughts about how the problem could be solved. Franz J. Hauck |
Egalitarian consensus protocols – English only Classic multi-consensus protocols are used to deliver client requests in a deterministic order to replicas of a replicated state machine. Typically a leader acts as a sequencer and proposes the order of requests. However, the protocol is robust enough to tolerate a faulty leader and elect a new one without compromising the delivery order. Egalitarian multi-consensus protocols allow multiple leaders at the same time and do not provide a total order but a partial one so that independent requests could be executed in different order or even concurrently in replicas. The student is supposed to present one of the egalitarian algorithms with a focus on the dependency tracking and its correctness so that the partial order is achieved in every replica under all circumstances. Franz J. Hauck |
Gamification vs. Privacy: Identifying and Analysing the Major Concerns – English only Education gamification refers to the use of game design elements and mechanics in educational contexts to enhance learning experiences and outcomes. It involves incorporating elements like points, levels, badges, challenges, and leaderboards into educational activities to make them more engaging, interactive, and motivating for students. It often involves digital platforms or applications that gather information about students' interactions, performance, and progress within the gamified environment. This data may include personal information, such as student names, ages, and learning preferences, as well as behavioural data related to their gameplay. The handling of such sensitive data raises concerns about privacy, data security, and potential misuse or unauthorized access.
Mostafa Yehia |
Privacy Preservation in eLearning: Exploration and Analysis – English only eLearning, short for electronic learning, refers to the process of using technologies to deliver educational content and facilitate learning outside of traditional classroom settings. It encompasses a wide range of activities and resources, including online courses, virtual classrooms, educational websites, multimedia presentations, and interactive simulations. Privacy concerns in eLearning stem from the extensive collection and storage of learner data, and extend to the sharing of this data with third parties, risks to anonymity and identification, limited consent and control over data usage, potential profiling and targeting practices, and the need for legal and regulatory compliance.
Mostafa Yehia |
Privacy-Preserving Learning Analytics: Challenges and Techniques – English only Learning analytics (LA) refers to the process of collecting, analysing, and interpreting data from educational activities. It involves using this data to understand and optimize learning and the environments in which it occurs. Privacy-preserving learning analytics (PPLA) is a field aimed at balancing the benefits of LA with the protection of individuals' privacy in educational settings.
Mostafa Yehia |
Smartphone Theft Protection – English only The goal of this work is to detail modern smartphone theft protection mechanisms. These should be compared. Can an attacker bypass these protections? Leonard Bradatsch |
Google Dorking – English only The goal of this work is to give an overview of useful Google dorks. Additionally, up-to-date examples of actually working Google dorks should be given (picked from GHDB). During the presentation, a live demonstration should be given. Leonard Bradatsch |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
Vehicle Platooning – English only Vehicle Platooning is one of the most promising applications that can be realized with Vehicular ad hoc networks (VANETs). It is a method for driving in a group of vehicles with a small distance between them. This offers many benefits such as increasing road capacity and reducing fuel consumption. Despite the benefits, Vehicle Platooning also has limitations and challenges. In this seminar, you will analyze vehicle platooning by describing its limitations and challenges. Furthermore, approaches to overcome these limitations and challenges are explained. Artur Hermann |
Misbehavior Detection in VANETs – English only Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with infrastructure. In this way, vehicles can send messages, e.g., that there is a traffic jam ahead, which increases safety and efficiency. For the correct and safe operation of applications, it is important that the information sent by other vehicles is trustworthy or can be verified. In this seminar you will describe several approaches to detect misbehavior of vehicles in VANETs. Artur Hermann |
Security mechanisms in in-vehicle networks – English only Modern vehicles contain many ECUs that are responsible for various functions of the vehicle. These ECUs are interconnected through in-vehicle networks, such as CAN-bus. Important components of the vehicle, such as brakes or airbags, are controlled via the ECUs. Therefore, ensuring the integrity of in-vehicle communication and ECUs is crucial for safety. In this seminar, you will provide an overview of threats in in-vehicle networks and ECUs. In addition, protection mechanisms for these threats will be described. Artur Hermann |
Current Trends in Automatic Log Parsing – English only Logs contain rich information about the internal state of applications and are thus regularly used for anomaly detection. Juri Dispan |
WebAssembly – English only WebAssembly (WASM) is an emerging technology in web development that provides high-performance execution of code in web browsers. WASM allows developers to compile code from many languages, such as C/C++ and Rust, into a portable binary code format that can run efficiently alongside JavaScript in web browsers. In this seminar, you will explore the fundamental concepts behind WASM, including its design principles, execution model, and integration with existing Web technologies. In addition, this topic should explore the practical applications of WASM in various domains, such as gaming, multimedia, and computational tasks traditionally reserved for native applications. Finally, this seminar should analyze the ecosystem surrounding WASM, including the tools, libraries, and frameworks available to developers for building and optimizing WASM modules. Echo Meißner |
Algorithms and Data Structures for Streaming Data – English only In modern distributed systems, the management of streaming data has gained widespread prominence, especially in the context of delivering near-realtime capabilities. This seminar delves into the intricate realm of algorithms and data structures that are necessary for the efficient and scalable handling and processing of such data streams. Benjamin Erb |
Fooling GPT: Prompt-based adversarial attacks against and defenses for large language models – English only As they become the core of the business logic of applications, large language models (LLMs) like GPT also start to attract the attention of malicious actors. Even without access to the model's internals, prompt-based adversarial attacks, also called prompt injection attacks, pose a threat to the reliability of such systems. This seminar topic shall collect examples of prompt injection attacks, investigate how these attacks succeed in fooling an LLM and describe a selection of options to defend against these attacks. Stephan Kleber (Mercedes-Benz Tech Innovation) |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Leonard Bradatsch, Alexander Heß, Echo Meißner, Nataša Trkulja, Juri Dispan, Artur Hermann, external supervisors |
Dates: | Introductory session; accompanying sessions for seminars; presentation block (full day). See the Moodle course for rooms and dates. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically at the start of the semester once you attend one of our seminars. |
Topic assignment: | Please note: The central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | Topics can be worked on in German or English, depending on the supervisor and seminar type. |
Note: All seminar topics have been assigned.
Topics
The FLP Impossibility in Practice – English only The FLP impossibility theorem has been named after its contributing authors Fischer, Lynch, and Paterson. It states that it is impossible to deterministically reach consensus in an asynchronous system in case there is a single faulty node. Although this theorem has been proposed and proven multiple decades ago, a variety of consensus protocols were introduced in the meantime that seem to solve the problem in practical applications like distributed data stores. The task of this seminar is to provide a comprehensible introduction to the FLP impossibility theorem, and discuss its implications in practice. Alexander Heß |
ChatGPT - uses and limitations – English only This seminar paper's goal is to examine ChatGPT, a language model developed by OpenAI which utilizes the GPT-3.5 architecture to generate human-like responses in conversational contexts. Aside from explaining the inner workings of ChatGPT, the paper ought to present its wide range of applications, as well as its inherent limitations. By analyzing its uses and limitations, we can gain a deeper understanding of the potential and challenges associated with this advanced AI technology. Natasa Trkulja |
Comparative Analysis of CV2X and DSRC – English only This seminar paper aims to delve into the key differences between two prominent vehicular communication technologies, namely CV2X (Cellular Vehicle-to-Everything) and DSRC (Dedicated Short-Range Communication). As the automotive industry embraces the era of connected vehicles, it is crucial to understand the unique characteristics, functionalities, and potential applications of these technologies. By examining the fundamental dissimilarities between CV2X and DSRC, this paper intends to shed light on their respective advantages, limitations, and implications for the future of intelligent transportation systems. Natasa Trkulja |
Trusted Execution Environments – English only The concept of trusted execution environments (TEEs) has gained significant attention in the field of computer security. TEEs provide a secure and isolated environment within a computer system, offering protection for sensitive data and enabling the execution of trusted code. This seminar paper explores the fundamental aspects, key technologies, applications, and challenges associated with trusted execution environments. Natasa Trkulja |
Public Key Authentication vs Password Authentication – English only For this topic, the goal is to comprehensively analyze password authentication and public key authentication. The outcome of the work should be a profound statement about the pros and cons of each authentication method. Leonard Bradatsch |
State of Cloud (End-to-End) Encryption – English only The goal of this seminar is to analyze which cloud providers offer which encryption methods. Which cloud providers actually support end-to-end encryption for user data? A profound answer to this question should be exactly the outcome of this seminar work. Leonard Bradatsch |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
Vehicle Platooning – English only Vehicle Platooning is one of the most promising applications that can be realized with Vehicular ad hoc networks (VANETs). It is a method for driving in a group of vehicles with a small distance between them. This offers many benefits such as increasing road capacity and reducing fuel consumption. Despite the benefits, Vehicle Platooning also has limitations and challenges. In this seminar, you will analyze vehicle platooning by describing its limitations and challenges. Furthermore, approaches to overcome these limitations and challenges are explained. Artur Hermann |
Misbehavior Detection in VANETs – English only Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with infrastructure. In this way, vehicles can send messages, e.g., that there is a traffic jam ahead, which increases safety and efficiency. For the correct and safe operation of applications, it is important that the information sent by other vehicles is trustworthy or can be verified. In this seminar you will describe several approaches to detect misbehavior of vehicles in VANETs. Artur Hermann |
Security mechanisms in in-vehicle networks – English only Modern vehicles contain many ECUs that are responsible for various functions of the vehicle. These ECUs are interconnected through in-vehicle networks, such as CAN-bus. Important components of the vehicle, such as brakes or airbags, are controlled via the ECUs. Therefore, ensuring the integrity of in-vehicle communication and ECUs is crucial for safety. In this seminar, you will provide an overview of threats in in-vehicle networks and ECUs. In addition, protection mechanisms for these threats will be described. Artur Hermann |
Automatic Log Parsing – English only Logs contain rich information about the internal state of applications and are thus regularly used for anomaly detection. However, logs need to be brought into a structured format before they can be processed. While this can be done by manually writing regexes, automatic approaches for this task are preferable. This seminar topic's aim is to give an overview of common approaches for automatic log parsing and to compare their respective strengths and weaknesses. Juri Dispan |
Self-Destructing Data – English only The internet never forgets – or does it? The concept of self-destructing data was made popular by services like Snapchat and Instagram and promises to give back control of personal data to users. However, users have to trust these services to actually delete data once expired. Fortunately, there are other, decentralised methods for realising self-destructing data which do not depend on a trusted third party. The goal of this topic is to investigate these approaches and discuss their strengths as well as their limitations. Juri Dispan |
Secure Multiparty Computation – English only Secure Multiparty Computation (MPC) allows parties to perform computations on private data without ever knowing these data. It plays an important role in solving security and privacy issues and has been deployed in numerous real-world settings. The goal of this seminar topic is to investigate MPC, describe one protocol for realising it and critically reflect on theoretical and practical aspects. Juri Dispan |
Hardware Security Modules – English only A hardware security module (HSM) is a physical computing system that safeguards and administers digital keys, performs digital signatures, encryption and decryption functions, authentication, and other cryptographic functions. Traditionally such modules come in the form of a plug-in card, an external unit that is directly connected to a computer or network server, an extra chip close to the CPU, or even built into a processor, but cloud-based HSMs also exist. Your task is to explain an HSM in detail, how it is used, how it protects the keys from tampering, why it performs so well, etc. Michael Wolf (Mercedes-Benz Tech Innovation) |
Mitigating evasion attacks on machine learning models for image recognition – English only Evasion attacks aim to mislead a machine learning model, often one used for image recognition, to prevent an object from being detected or classified. This seminar topic shall collect existing mitigations for evasion attacks against image recognition models. A selection of at least three conceptually different mitigations shall be compared with each other, with a focus on the effect the mitigations may have in protecting cyber-physical systems against the threat that evasion attacks may pose. Stephan Kleber (Mercedes-Benz Tech Innovation) |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Leonard Bradatsch, Alexander Heß, Echo Meißner, Migena Ymeraj, Nataša Trkulja, Artur Hermann, external supervisors |
Dates: | Introductory session; accompanying sessions for seminars; presentation block (full day). See the Moodle course for rooms and dates. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically at the start of the semester once you attend one of our seminars. |
Topic assignment: | Please note: The central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
Multi-factor Authentication and WebAuthn – English only Multi-factor authentication is a part of modern authentication architectures where a user has to present more than one type of evidence to authenticate themselves. In recent years, this has also become commonplace for web applications, and in the case of online banking, has even been mandated by law. Using multiple authentication factors can significantly improve security, as weak or stolen passwords are the most common way user accounts are compromised. Common implementations of additional factors include generated one-time passwords via mobile apps (e.g., Google Authenticator), biometric data (e.g., smartphone fingerprint sensors), and hardware tokens (e.g., YubiKey). Recently the World Wide Web Consortium standardized WebAuthn to provide a standardized authentication interface within web applications. This seminar should explore the authentication design space and the authentication paths that the Web Authentication standard provides. Echo Meißner |
Zero-knowledge Proofs – English only In cryptography, zero-knowledge proofs are protocols for two parties where one party can prove a statement to a verifying party without revealing additional information to the verifier except that the statement is true. This cryptographic building block is used within a variety of applications and other cryptographic protocols, such as authentication, distributed ledgers, and online voting. This topic should introduce zero-knowledge proofs and provide an overview of different types of zero-knowledge proofs as well as how proofs for different statements can be constructed. Echo Meißner |
Secure In-Vehicle Communication – English only Modern vehicles contain many ECUs that are responsible for various functionalities of the vehicle. These ECUs are interconnected with each other through bus communication systems. Such in-vehicle networks have access to crucial components of the vehicle, such as brakes or airbags. Assuring the integrity and authenticity of in-vehicle communication is therefore critical to safety. In this seminar, an overview of in-vehicle communication systems will be provided. In addition, possible attacks on in-vehicle networks and possible countermeasures / security mechanisms will be described. Artur Hermann |
Opportunities and challenges of vehicular edge computing – English only Many vehicular applications, such as autonomous driving, will require a lot of computing and storage capacities in the future. In addition, these applications will have stringent performance requirements in terms of response time and network bandwidth. One way to meet these requirements is vehicle edge computing, which places computing and storage capacity at the edge of the network. This offers many opportunities. On the other hand, it also results in many challenges. In this seminar, these opportunities and challenges of vehicular edge computing will be identified and possible solutions will be described. Artur Hermann |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
Perimeter Security and why it is no longer sufficient – English only Perimeter security is still the dominant network security architecture in 2022. In this paper, the basic principle of perimeter security will be presented. Above all, however, the weak points are to be pointed out. Leonard Bradatsch |
Automotive Cybersecurity – English only The goal of this seminar paper is to conduct a survey of the latest cybersecurity attacks in the automotive domain while explaining the functionality of each attack and its effectiveness. In addition, the paper should explore any defense mechanisms implemented to protect against these attacks. Natasa Trkulja |
The Edge of Artificial Intelligence – English only This seminar paper is meant to explore the limits that the field of artificial intelligence has reached in terms of computer vision (seeing), speech recognition (hearing), chat and voicebots (speaking), and machine learning (analyzing and predicting). How close to or far from human capabilities are those of artificial intelligence? Natasa Trkulja |
Trust in Computing – English only The goal of this seminar paper is to first investigate how trust is defined in computing systems and what some of the properties of this trust are. Secondly, the paper should explore different mechanisms of establishing trust in such systems. Finally, the paper should analyze and compare various mathematical methods for assessing levels of trust between any two computing devices. Natasa Trkulja |
(Topic still available, contact B. Erb if interested) Privacy-preserving Machine Learning in healthcare domain – English only Hospitals, other public institutions or companies are using medical information to perform computations and use the results for their own analysis. However, the data being collected or shared might be sensitive and leak critical information about the data source. Therefore, Privacy-Preserving Machine Learning (PPML) plays an essential role, enabling machine learning without compromising the private data. The goal of this seminar is to give an overview of PPML approaches applied in the healthcare domain, while explaining their role in protecting health data. Migena Ymeraj |
(Topic still available, contact B. Erb if interested) Federated Learning – English only Federated Learning (FL) is a privacy-preserving machine learning technique, enabling parties to train their own model, using their own data on the device. An important aspect of FL is that this data never leaves the device. Your task in this seminar is to investigate the role of FL in supporting privacy-sensitive applications, while analyzing its advantages and core challenges. Migena Ymeraj |
Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. The goal of this seminar is to discover the importance of Distributed Machine Learning, while comparing it with traditional Machine Learning environments and investigating its challenges. Migena Ymeraj |
Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. The aim of this seminar is to investigate MPC with respect to both theoretical and practical aspects. Migena Ymeraj |
Hacking the Switch Console – English only The first version of the Switch had a structural flaw which made it possible to hack the device and gain root control without Nintendo being able to patch it via a software update. The only solution was a change in the hardware. In this seminar you describe the attack in detail and how it was fixed, and assess whether this kind of attack is possible on other (older) consoles. Additionally, you describe the area of hacking consoles in general. Michael Wolf (Mercedes-Benz Tech Innovation) |
Feasibility of real-world evasion attacks against machine learning for image recognition – English only This seminar topic shall compare existing machine learning evasion attacks on image recognition models to estimate their feasibility under the assumption of a limited attacker. Thus, the most recent attacks that propose to work with a physical patch or object–forged to manipulate the recognition outcome without direct access to the software or hardware (e. g., digital camera image)–should be identified from literature. A selection of three of these attacks should be compared with each other with focus on the qualitative discussion how likely the attack may be a threat to a deployed cyber physical system. Stephan Kleber (Mercedes-Benz Tech Innovation) |
Consensus in Distributed Data Stores – English only Distributed data stores are able to provide fault tolerance by distributing the stored data over multiple nodes. Hereby, it is important to ensure consistency among those nodes if write-operations are performed. These operations have to be propagated and ordered on all nodes, which is typically achieved with the use of a consensus protocol. The task of this seminar is to provide insights into the internal consensus mechanisms of different distributed data stores such as etcd, Zookeeper or LogDevice. Alexander Heß |
(Topic still available, contact B. Erb if interested) The FLP Impossibility in Practice – English only The FLP theorem has been named after its contributing authors Fischer, Lynch, and Paterson. It states that it is impossible to deterministically reach consensus in an asynchronous system in case there is a single faulty node. This theorem has been proposed and proven multiple decades ago and yet, a large number of different consensus protocols were introduced in the meantime that seem to solve the problem in practice. The task of this seminar is to provide a comprehensible introduction to the impossibility theorem, and discuss its implications in practice. Alexander Heß |
TPMs in Cloud Computing – English only A Trusted Platform Module is a cryptographic coprocessor that provides secure key storage and a variety of cryptographic functionality. Although these modules have already been embedded in a variety of laptops and desktop computers over the last decade, their presence remained quite unnoticed up until the introduction of Windows 11. However, TPMs are in extensive use in the cloud computing domain for quite a while now. The task of this seminar is to provide an overview of the TPM functionality set and its use in state-of-the-art cloud computing infrastructure. Alexander Heß |
Request-level deterministic execution: an overview – English only For fault-tolerant services, e.g. replicated state machines, a deterministic execution is required. Sequential execution combined with the same input in all replicas is a simple but inefficient way to do so. Request-level approaches need knowledge about conflicting and non-conflicting requests, and execute conflicting requests sequentially and non-conflicting ones concurrently. The seminar student is supposed to give an overview of the various existing request-level approaches and their pros and cons. Franz J. Hauck |
GitHub Copilot and others: AI techniques for automatic code generation – English only AI models are already used to support software development by generating code snippets from paraphrased task descriptions. The seminar student is supposed to investigate current and practically available approaches, focus on the most interesting tools, and introduce their capabilities based on examples. The investigation part is also expected to include personal and practical trials of the tools. The seminar report could also contain the student's own conclusions from experiences with the tools. The scope of the seminar work is also to show current limits and to compare features. Franz J. Hauck |
Sorted by Topics
|
Description and general information, module description | |
| |
Teaching and learning formats: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Fundamentals of Computer Networks, proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS (weekly hours) / LP (credit points): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Leonard Bradatsch, Gerhard Habiger, Alexander Heß, Echo Meißner, Migena Ymeraj, Nataša Trkulja, external supervisors |
Dates: | Introductory session; academic working methods; introduction to LaTeX; presentation techniques; presentation block day (full day). For rooms and dates, see the Moodle course. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically at the start of the semester once you attend one of our seminars. |
Topic assignment: | Please note: the central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Registration for the distribution of seminars in the coming summer/winter semester"). |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
IPFS and Dat – English only The world wide web and the internet are designed as decentralized and heterogeneous networks and play an important role in our every day. However, data is often only stored at a single point or a website is only served by one web server. Once the data is deleted or a server goes offline it might be unavailable for everyone else. The InterPlanetary File System (IPFS) and the Dat project are two similar ideas to address this type of centralization using a content-addressable distributed file system. This seminar should introduce and explain IPFS and Dat, discuss use cases, and explore real world applications of these technologies. Echo Meißner |
Zero-knowledge Proofs – English only In cryptography, zero-knowledge proofs are protocols for two parties where one party can prove a statement to a verifying party without revealing additional information to the verifier except that the statement is true. This cryptographic building block is used within a variety of applications and other cryptographic protocols, such as authentication, distributed ledgers, and online voting. This topic should introduce zero-knowledge proofs and provide an overview of different types of zero-knowledge proofs as well as how proofs for different statements can be constructed. Echo Meißner |
Security and privacy problems of electric vehicle charging systems – English only Due to the limited range of electric vehicles, they rely on electric vehicle charging stations to travel further distances. During the charging process of an electric vehicle, many components communicate with each other. This can lead to security and privacy problems if this communication is not properly secured. In this seminar, some security and privacy problems will be identified. In the next step, possible countermeasures to these problems will be determined. Artur Hermann |
Attacks in vehicular ad hoc networks – English only Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other, but also with other components. This allows various applications to be realized that increase the safety and efficiency of vehicles. However, without protection mechanisms, attacks are possible, which can lead to safety and privacy problems. In this seminar, some well known attacks in VANETS and possible countermeasures will be identified and analyzed. Artur Hermann |
Opportunities and challenges of vehicular edge computing – English only Many vehicular applications, such as autonomous driving, will require a lot of computing and storage capacities in the future. In addition, these applications will have stringent performance requirements in terms of response time and network bandwidth. One way to meet these requirements is vehicle edge computing, which places computing and storage capacity at the edge of the network. This offers many opportunities. On the other hand, it also results in many challenges. In this seminar, these opportunities and challenges of vehicular edge computing will be identified and possible solutions will be described. Artur Hermann |
The Edge of Artificial Intelligence – English only This seminar paper is meant to explore the limits that the field of artificial intelligence has reached in terms of computer vision (seeing), speech recognition (hearing), chat and voicebots (speaking), and machine learning (analyzing and predicting). How close to or far from human capabilities are those of artificial intelligence? Natasa Trkulja |
Trading in Our Privacy – English only The goal of this seminar paper is to investigate the types of data that is being collected through our usage of various electronic devices (smart phones, desktops, laptops, wearables, smart home devices, etc.), as well as its use. Moreover, this paper should also aim to research the technologies that are being implemented to protect our privacy and analyze their effectiveness. Natasa Trkulja |
Automotive Cybersecurity – English only The goal of this seminar paper is to conduct a survey of the latest cybersecurity attacks in the automotive domain while explaining the functionality of each attack and its effectiveness. In addition, the paper should explore any defense mechanisms implemented to protect against these attacks. Natasa Trkulja |
Perimeter Security and why it is no longer sufficient – English only Perimeter security is still the dominant network security architecture in 2022. In this paper, the basic principle of perimeter security will be presented. Above all, however, the weak points are to be pointed out. Leonard Bradatsch |
Attacks on WPA3 – English only The purpose of this seminar paper is to evaluate which weaknesses WPA3 has. It will also show what went wrong (once again) during the development of the standard. Leonard Bradatsch |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
Federated Learning – English only Federated Learning (FL) is a privacy-preserving machine learning technique, enabling parties to train their own model, using their own data on the device. An important aspect of FL is that this data never leaves the device. Your task in this seminar is to investigate the role of FL in supporting privacy-sensitive applications, while analyzing its advantages and core challenges. Migena Ymeraj |
Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. The goal of this seminar is to discover the importance of Distributed Machine Learning, while comparing it with traditional Machine Learning environments and investigating its challenges. Migena Ymeraj |
Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. The aim of this seminar is to investigate MPC with respect to both theoretical and practical aspects. Migena Ymeraj |
CRDTs in the Wild – English only Conflict-free replicated data types are a concept to ensure consistency among replicated nodes even when update operations are performed concurrently. Up until now, there are two established architectures for CRDTs, accompanied by a multitude of different implementations. CRDTs achieve strong eventual consistency, which means that all replicated nodes will have the same state after they have received the same set of updates. Since this is a useful consistency model for certain applications, they are already used in various production systems. The goal of this seminar is to provide an overview of the internal mechanisms of CRDTs, and how they are used in real-world applications. Alexander Heß |
Checkpoint Strategies for State-Machine Replication – English only State-machine Replication is a well-established technique for building fault-tolerant services. With this approach, multiple replicated servers are operated that process the same sequence of requests. In a production system, replicas periodically create a checkpoint by writing their internal state to disk. This is required to rapidly recover from a crash and to garbage-collect the request log. In general, however, this requires halting the replica's execution in order to ensure a consistent checkpoint. This in turn affects the performance of the overall system if executed by all replicas at the same point in time. Recently, more efficient approaches have been proposed that produce comparable checkpoints, but have less of an impact on the system's performance. The task of this seminar is to elaborate the challenges of efficient checkpoint generation, and to provide an overview of different approaches that address those challenges. Alexander Heß |
Persistent Memory for State-Machine Replication – English only State-machine Replication is a well-established technique for building fault-tolerant services. With this approach, multiple replicated servers are operated that process the same sequence of requests. In case one of these replicas suffers from a power outage, it may lose state updates that have not yet been written to disk. After a reboot, such a replica has to recover by querying other replicas for the missing data. Persistent memory modules provide a non-volatile alternative to DRAM modules. Their integration would make it possible to circumvent this extra step, since the replica's state can be recovered locally. However, these modules come with a performance penalty compared to DRAM modules. As a consequence, simply replacing DRAM with persistent memory modules would drastically reduce the system's performance. In recent years, different strategies have been proposed to mitigate this performance penalty, while still achieving efficient recovery. The task of this seminar is to outline the challenges of integrating persistent memory in SMR-based systems. Alexander Heß |
Linearizability in Concurrent Systems – English only Linearizability is a strong consistency model for concurrent systems, which requires concurrent operations on shared objects to appear instantaneously. This can be achieved by defining a linearization point for operations where all modifications have to take place atomically, and which is placed somewhere between the operation's invocation and its response. Ensuring this property makes it easier to reason about the internals of a concurrent system. The goal of this seminar is to elaborate the core concepts of Linearizability and support those with illustrative examples. Franz J. Hauck |
Software Transactional Memory – English only Software transactional memory (STM) is an abstraction mechanism that allows to make a series of modifications in memory appear as a single atomic operation. There are different design philosophies that tend to build on either pessimistic or optimistic transactional processing. While some STM implementations rely on locks, others make use of atomic instructions when accessing memory locations. Nonetheless, practical approaches have to manage multiple versions of the data that is kept in memory, and have to perform some form of dependency tracking to avoid data inconsistencies. The task of this seminar is to provide an introduction to STM, and an overview of different approaches proposed in literature. Franz J. Hauck |
Feasibility of real-world evasion attacks against machine learning for image recognition – English only This seminar topic shall compare existing machine learning evasion attacks on image recognition models to estimate their feasibility under the assumption of a limited attacker. Thus, the most recent attacks that propose to work with a physical patch or object–forged to manipulate the recognition outcome without direct access to the software or hardware (e. g., digital camera image)–should be identified from literature. A selection of three of these attacks should be compared with each other with focus on the qualitative discussion how likely the attack may be a threat to a deployed cyber physical system. Stephan Kleber (Mercedes-Benz Tech Innovation) |
Sorted by Topics
|
Description and general information, module description | |
| |
Teaching and learning formats: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Fundamentals of Computer Networks, proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS (weekly hours) / LP (credit points): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Leonard Bradatsch, Gerhard Habiger, Alexander Heß, Echo Meißner, Migena Ymeraj, Nataša Trkulja, external supervisors |
Dates: | Introductory session; academic working methods; introduction to LaTeX; presentation techniques; presentation block day (full day). For rooms and dates, see the Moodle course. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically once you attend one of our seminars. |
Topic assignment: | Please note: the central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle ("Registration for the distribution of seminars in the coming summer/winter semester"). |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
AlphaFold and RoseTTa - Democratizing Microbiology through Software – English only Proteins are one of the central building blocks of biological life on earth. They perform an unimaginably large collection of tasks within our bodies every nanosecond of our existence, while we breathe and think and write seminar papers for our curriculum. The basic structure and genesis of proteins seems very simple: Proteins are created by simply linking together molecules from a set of 20 available building blocks (called amino acids), to form long chains of these building blocks. Governed by fundamental molecular forces acting between the links of the chains, they then fold up into complicated shapes to yield a working protein and fulfil their designated function. Since the discovery of the mechanisms behind the creation of proteins, the prediction of the resulting shape of a protein when only given the input sequence of its building blocks, i.e., how a protein folds up after being created, has been one of the longest standing and hardest problems of computational biology. |
Authentication in Web Applications – English only Modern web application development encompasses a variety of approaches to implement authentication and session handling, ranging from traditional password-based authentication and cookie-based session handling to multi-factor authentication and complex authentication protocols, such as OAuth, OpenID, and SAML. Depending on the requirements of the application some approaches are better suited than others. This seminar should explore the authentication design space and compare stateful and stateless session handling approaches. |
Containerization Technologies – English only Kubernetes, Docker Swarm, Openshift, Portainer, Apache Mesos and others are on everyone's mind. They have been made to revolutionize how to separate several applications and software stacks from each other. But did you ever have a look at the underlying technologies? In this survey the student is asked to examine, compare and summarize the main differences between many (at least five) different OS-level virtualization technologies currently existing in modern desktop and server environments. As a first task, the student needs to introduce the main ideas behind the concepts of such user space instances and their differences to other approaches like hardware-based virtualization. A historical overview may also be given as a guide for the reader. In a second step the student has to examine the differences of the proposed technologies and summarize them according to their dis-/advantages. Finally, the student has to conclude which technology might be the best for which use cases, e.g. working in privacy-aware, secure or speed-optimized environments. Thomas Bläsing |
Cybersecurity vulnerabilities and attacks on C-V2X networks – English only Cellular Vehicle-to-Everything (C-V2X) networks have emerged as an alternative to Dedicated Short Range Communications (DSRC), a 802.11p-based vehicular network. C-V2X networks can operate in the so-called Mode 3, that relies on the cellular base-station to manage the allocation of frequencies for each vehicle to transmit on, as well as Mode 4, that enables the vehicles to allocate transmission frequencies on their own. This seminar aims to identify potential security vulnerabilities in C-V2X networks operating in both Mode 3 and Mode 4 and, subsequently, classify the types of attacks that could be launched on these vehicular networks. |
Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. The goal of this seminar is to discover the importance of Distributed Machine Learning, while comparing it with traditional Machine Learning environments and investigating its challenges. |
Egalitarian Consensus – English only The majority of consensus protocols require an elected leader for the coordination of the replicas, and the interaction with the clients. However, Egalitarian consensus protocols omit an explicit leader in order to provide better load-balancing throughout all replicas. While such approaches are able to achieve significantly lower latencies, given that certain preconditions are met, they also introduce further challenges in their implementation. |
Failure Recovery from Persistent Memory in SMR – English only Persistent memory modules provide a non-volatile alternative to DRAM modules. These modules are also accessible through the system's memory bus; however, the stored data survives a power outage. While they come with a performance penalty compared to DRAM modules, their access time is still significantly faster in comparison to solid state disks. A suitable use case for such memory modules is state-machine replicated systems that achieve fault tolerance by operating multiple replicated servers. In case one of these replicas suffers from a power outage, it may lose state updates that have not yet been written to disk. After a reboot, such a replica has to recover by querying other replicas for the missing data. The use of persistent memory modules would make it possible to circumvent this extra step, since the updates are still present. However, simply replacing DRAM modules with persistent memory modules would drastically reduce the system's performance. Instead, different techniques have been proposed to mitigate their performance penalty, while still achieving efficient recovery. The task of this seminar is to provide an overview and a comparison of these different strategies. |
Feasibility of real-world evasion attacks against machine learning for image recognition – English only This seminar topic shall compare existing machine learning evasion attacks on image recognition models to estimate their feasibility under the assumption of a limited attacker. Thus, the most recent attacks that propose to work with a physical patch or object–forged to manipulate the recognition outcome without direct access to the software or hardware (e. g., digital camera image)–should be identified from literature. A selection of three of these attacks should be compared with each other with focus on the qualitative discussion how likely the attack may be a threat to a deployed cyber physical system. Stephan Kleber (Daimler TSS) |
Federated Learning – English only Federated Learning (FL) is a privacy-preserving machine learning technique, enabling parties to train their own model, using their own data on the device. An important aspect of FL is that data never leaves the device. Your task in this seminar is to investigate the role of FL in supporting privacy-sensitive applications, while analyzing its advantages and core challenges. |
Machine learning methods for cybersecurity applications – English only Machine learning has been used in a variety of applications ranging from recommendation engines, medical diagnosis, financial market analysis to self-driving vehicles. The goal of this seminar is to investigate how different machine learning methods have been employed for cybersecurity applications, as well as to analyze the effectiveness of these methods in such applications. |
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. |
Padding Oracles – English only Block ciphers only work on inputs that are a multiple of the cipher’s block length in commonly used modes such as CBC. As data usually comes in arbitrary lengths, inputs to these algorithms need to be extended (padded) to a multiple of the block length. This seemingly simple problem led to serious cryptographic problems. Depending on the scenario, it is even possible that an attacker is able to completely decrypt the ciphertext or encrypt data of their choosing. Your paper and presentation should explain the details of how a padding oracle works and how it can be used for decryption and ciphertext forgery. Moreover, you should give an overview of the problems this attack scenario caused as well as how the security community tries to avoid it nowadays. Martin Lang (BMW) |
Perimeter Security and why it is no longer sufficient – English only Perimeter security is still the dominant network security architecture in 2022. In this paper, the basic principle of perimeter security will be presented. Above all, however, the weak points are to be pointed out. |
Privacy-Preserving Machine Learning in Healthcare Domain – English only Hospitals, other public institutions or companies use medical information to perform computations and use the results for their own analysis. However, the data being collected or shared might be sensitive and leak critical information about the data source. Therefore, Privacy-Preserving Machine Learning (PPML) plays an essential role, enabling the machine learning process without compromising the private data. The goal of this seminar is to give an overview of PPML approaches applied in the healthcare domain, while explaining their role in protecting health data. |
Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. The aim of this seminar is to investigate MPC with respect to both theoretical and practical aspects. |
Security Vulnerabilities in Video Games – English only The video game industry is booming, fueled by the Covid crisis, but also driven by eSports, where tournaments are held with prize money of up to 45 million dollars. In order to take a good share of this cake, video games are released in faster cycles. As with other software applications, shorter development time means more flaws. The latest releases of big publishers showed games with a huge number of bugs, most of which affect stability or the user experience. But some also affect the security of the gamers' computers. In this seminar you should gather security vulnerabilities introduced by the gaming industry (including their clients), analyze and categorize them. Michael Wolf |
Smart Contract Security – English only Distributed ledgers such as Ethereum allow digital ownership of funds and their programmatic transfer via so-called smart contracts. The novel architecture of these distributed state machines poses new security challenges. As smart contracts deal with financial values, each security issue potentially has a financial impact. This seminar should highlight the unique security challenges of smart contracts such as re-entrancy issues, the impossibility of storing private data on-chain, or the dependence on randomness oracles that can be manipulated. Henning Kopp (Code White) |
Software-transactional Memory – English only Software-transactional memory, or STM for short, is a concept to change content within main memory with a single atomic action. This can be used to implement atomic operations, or even transactions as known from database management systems. To implement classic transactions, multiple versions of data may be kept in memory, and some tracking of dependencies is necessary to avoid inconsistent transactional semantics. Some implementations avoid any form of locking, but rely on atomic memory-access instructions like swapping one or two memory words. Others add locking to avoid retries. For this topic, the student shall introduce the idea of STM and consider some of the techniques for using and/or implementing it. The approach could be more theory oriented or more implementation oriented, e.g. by also considering implementations for Java. |
The Raft Consensus Algorithm and its Applications – English only Raft is a Crash-Fault Tolerant consensus algorithm, which was developed with the motivation of providing a more comprehensible alternative to the Paxos algorithm. The Raft algorithm was proposed in 2014, and has been heavily adopted by different orchestration and database management tools by now. |
Zero-knowledge Proofs – English only In cryptography, zero-knowledge proofs are protocols for two parties where one party can prove a statement to a verifying party without revealing additional information to the verifier except that the statement is true. This cryptographic building block is used within a variety of applications and other cryptographic protocols, such as authentication, distributed ledgers, and online voting. This topic should introduce zero-knowledge proofs and provide an overview of different types of zero-knowledge proofs as well as how proofs for different statements can be constructed. |
Sorted by Topics
|
Description and general information, module description | |
| |
Teaching and learning formats: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Grundlagen der Rechnernetze, Proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP (weekly hours / credit points): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Leonard Bradatsch, Eugen Frasch, Gerhard Habiger, Alexander Heß, Dominik Mauksch, Echo Meißner, Michael Wolf, Migena Ymeraj, external supervisors |
Dates: | Introductory session; Scientific working; LaTeX introduction; Presentation techniques; Presentation block (full day). For rooms and dates, see the Moodle course. |
Learning platform: | Course materials are available in the Moodle course. You are added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Please note: the central topic assignment always takes place towards the end of the preceding semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• free (20) ✘ assigned |
---|
• Your own topic – English only You have the possibility until the beginning of the semester to come up with your own topic and find a supervisor who is willing to mentor more students. |
• Location privacy – English only Location-based services (LBSs) have become an essential part of our daily lives. In such services, users offer their (precise) locations to service providers in return for benefiting from the service. However, offering location data to service providers puts users' privacy at huge risk. Often these locations are associated with points of interest (POIs) of the users. Therefore, service providers are able to infer users' private behavior by knowing these POIs with a relatively high degree of certainty. For this reason, the adoption and deployment of location privacy protection mechanisms (LPPMs) are essential to protect users' privacy. |
• Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. |
• First Packet Authentication – English only All three of the above stated techniques describe an authentication process that starts with the very first packet a client sends to a network entry node when entering a network or accessing a service. This kind of authentication can be performed without the communicating parties having exchanged any messages before the authentication happens. |
• Accessibility in Modern Web Applications – English only According to the "Statistisches Bundesamt", 9.52% of Germany's population had a severe disability in 2019. Many disabilities, e.g. visual impairment, influence the user's interaction with web applications. Although most of the impact of a disability can be compensated with accessibility tools like special input devices and client software, such tools rely heavily on extra information from the application itself. |
• State of the art in biological molecular dynamics simulation software – English only Parallel molecular dynamics (MD) simulations are critical to researching the interactions of hundreds of millions of atoms |
• CheapBFT: a resource-efficient replication approach – English only State-machine replication is a technique to deploy multiple server replicas at once and let them do the same on behalf of client requests. In case of faults the service is still available. Even more, the service can tolerate arbitrarily misbehaving replicas (up to a certain number) by forming a quorum of votes. This typically needs 3f+1 replicas if we want to tolerate up to f faulty replicas. CheapBFT is another approach that needs fewer resources and still provides fault tolerance against arbitrary misbehaviour, so-called Byzantine failures. This seminar work is supposed to characterise CheapBFT in comparison to traditional approaches against Byzantine faults by state-machine replication. There is only a single scientific paper describing CheapBFT. However, the candidate student is requested to introduce state-machine replication by having a look at papers about fundamental aspects and related traditional approaches. |
• BFT Consensus Protocols: An Overview – English only Byzantine fault tolerant (BFT) consensus protocols enable a set of distributed nodes to agree on a series of values, even if a minority of the nodes is faulty or malicious. |
• Attacks on Automotive Systems – English only Over the last 12 years, a large number of security attacks on automotive systems were discovered and published. |
• Secure over-the-air updates for vehicles – English only Modern vehicles have become complex software products that need to be maintained for several decades in order to ensure their safe operation on the road. Typically, software is updated much more frequently than a car is taken to the shop for maintenance and therefore other ways to deploy software updates need to be considered. Over-the-air updates allow quick and cheap deployment of new or updated software to a large vehicle fleet, but security aspects need to be considered very carefully for obvious reasons. |
• Concepts and techniques in Library Isolation – English only Different applications are isolated in modern operating systems so that they can only exchange information via predefined interfaces, e.g. shared memory. However, libraries used in applications usually run in the application context and thus with the same privileges and address space as the main application. They therefore increase the attack surface of an application, e.g. in the case of return-oriented programming attacks. |
• Evolution of the Hypertext Transfer Protocol – English only Since HTTP was first developed at CERN in 1989 it has seen many changes. While it still serves its original purpose, HTTP also became a ubiquitous application protocol with a variety of uses that go far beyond the transportation of hypertext documents. But not only the applications of HTTP have changed drastically in the last 32 years, the protocol stack has also evolved. Nowadays more than 90% of the HTTP traffic is encrypted using TLS and while the adoption of HTTP/2 is steadily increasing, the IETF is in the process of finalizing the HTTP/3 protocol with 71% of running web browsers already supporting it. |
• Authentication in Web Applications – English only Modern web application development encompasses a variety of approaches to implement authentication and session handling, ranging from traditional password-based authentication and cookie-based session handling to multi-factor authentication and complex authentication protocols, such as OAuth, OpenID, and SAML. Depending on the requirements of the application some approaches are better suited than others. This seminar should explore the authentication design space and compare stateful and stateless session handling approaches. |
• Differential Privacy – English only Differential Privacy (DP) is a privacy enhancing technology (PET) which should help to increase the privacy of users submitting data. Put very simply, during the data gathering phase noise is added to the value of each user in such a way that the individual user cannot be distinguished from others, and in the evaluation phase, the noise is taken into consideration to calculate certain analytics over the whole dataset. This oversimplified example was only used to explain the basics of the idea behind this PET, which has more specifics and potential. |
• The Boring Loop - a critical analysis – English only Elon Musk recently opened the Las Vegas Convention Center Loop, which was built by his company "The Boring Company". This project was created to speed up travel time in cities between specific locations, but also to show that the cost of tunnel drilling can be reduced drastically. With the Loop in Vegas now finished, these promises can be examined critically, as well as the concept of individual transport through tunnels. |
• Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. |
• Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. |
• Containerization Technologies – English only Kubernetes, Docker Swarm, Openshift, Portainer, Apache Mesos and others are on everyone's mind. They've been made to revolutionize how to separate several applications and software stacks from each other. But have you ever had a look at the underlying technologies? Thomas Bläsing |
• Timing Attacks - An Overview – English only Classical cryptographic research deals with adversaries of polynomially bounded computational power. However, this attack model is not always realistic. In particular, an attacker may be able to measure the time it takes to run cryptographic algorithms. As often the running time of an algorithm depends on its input, this can be used to gather various information about the inputs to the algorithm or its internal workings. In a security context, sensitive data such as encryption keys and passwords may be recoverable by measuring the run time of programs. Examples are the run time of multiplications in the RSA algorithm, the POODLE and Lucky Thirteen Attack on TLS, as well as various forms of Cache timing attacks (PRIME+PROBE, EVICT+TIME). Henning Kopp (Schutzwerk GmbH) |
• Padding Oracles – English only Block ciphers only work on inputs that are a multiple of the cipher’s block length in commonly used modes such as CBC. As data usually comes in arbitrary lengths, inputs to these algorithms need to be extended (padded) to a multiple of the block length. This seemingly simple problem led to serious cryptographic problems. Depending on the scenario, it is even possible that an attacker is able to completely decrypt the ciphertext or encrypt data of their choosing. Martin Lang (BMW Car IT) |
• Secure In-Car Communication – English only - Master only (RTDS) Modern cars contain an abundance of different ECUs controlling different aspects of the car's functionality. Along with an ever rising number of sensors and actuators, more and more control of the car is handed over to digital equipment. The rising complexity of these systems also leads to an increasingly large attack surface. Assuring the integrity and authenticity of in-car communication is therefore critical for the safety of driver, passengers, and other road users. Thomas Lukaseder (Escrypt) |
Sorted by Topics: Automotive, Cryptography, Distributed Systems, Network Security, Privacy, Software Engineering |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP (weekly hours / credit points): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Leonard Bradatsch, Eugen Frasch, Alexander Heß, Dominik Mauksch, Echo Meißner, Michael Wolf, Migena Ymeraj, external supervisors |
Dates: | Introductory session; Scientific working; LaTeX introduction; Presentation techniques; Presentation block (full day). For rooms and dates, see the Moodle course. |
Learning platform: | Course materials are available in the Moodle course. You are added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Please note: the central topic assignment always takes place towards the end of the preceding semester via the central seminar topic assignment platform in Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester"). |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• free (20) ✘ assigned |
---|
• Your own topic – English only You have the possibility until the beginning of the semester to come up with your own topic and find a supervisor who is willing to mentor more students. |
• Differential privacy – English only Statistics about user data are used heavily for improving services, performing marketing studies, and many other purposes. The acquisition and processing of potentially sensitive information poses serious privacy threats to individuals participating in, e.g., surveys. Such information might include birthdate, gender, religion, and nationality, from which identifying an individual becomes a trivial task. Moreover, inferring more sensitive information about a specific individual also becomes possible. To solve this issue, many service providers, e.g., Apple and Google, started using the so-called “Differential Privacy” to preserve their users’ privacy. |
• Location privacy – English only Location-based services (LBSs) have become an essential part of our daily lives. In such services, users offer their (precise) locations to service providers in return for benefiting from the service. However, offering location data to service providers puts users' privacy at huge risk. Often these locations are associated with points of interest (POIs) of the users. Therefore, service providers are able to infer users' private behavior by knowing these POIs with a relatively high degree of certainty. For this reason, the adoption and deployment of location privacy protection mechanisms (LPPMs) are essential to protect users' privacy. |
• Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. |
• First Packet Authentication – English only All three of the above stated techniques describe an authentication process that starts with the very first packet a client sends to a network entry node when entering a network or accessing a service. This kind of authentication can be performed without the communicating parties having exchanged any messages before the authentication happens. |
• Accelerating Techniques for 3D Ray Tracing – English only Although 3D ray tracing was already used in the 70s to render simple animations, it became popular over the past 10 years due to the gaming industry. |
• The Elixir Programming Language – English only Elixir is a functional and concurrent programming language for developing highly scalable and reliable applications. |
• State Machine Replication in the Libra Blockchain – English only In 2021, Facebook wants to start a cryptocurrency called Diem, formerly Libra. This topic is supposed to summarise the underlying blockchain operations and present details in the seminar report and presentation. Starting from a given article, the student should investigate how the blockchain works. As it has a closed group of participants, a technique called state-machine replication is used. Here all participants have to agree on how to build the next block of the blockchain. The agreement protocol will be one aspect of this topic. |
• Evolution of the Paxos Algorithm – English only The Paxos algorithm enables a group of nodes to agree on a single value, even if the network communication or individual nodes temporarily drop out. While the original algorithm was laid out multiple decades ago, several modified and extended versions have been proposed over the years. |
• The Hyperledger Project – English only Hyperledger is an open-source project that comprises a set of tools and frameworks for building open-source blockchains. |
• Secure over-the-air updates for vehicles – English only Modern vehicles have become complex software products that need to be maintained for several decades in order to ensure their safe operation on the road. Typically, software is updated much more frequently than a car is taken to the shop for maintenance and therefore other ways to deploy software updates need to be considered. Over-the-air updates allow quick and cheap deployment of new or updated software to a large vehicle fleet, but security aspects need to be considered very carefully for obvious reasons. |
• Securing CAN bus – English only Controller Area Network (CAN) – despite its age and bandwidth limitations – is still a widely used bus standard to distribute safety-critical signals in modern vehicles. Research has shown that CAN does not have sufficient security measures to ensure basic security goals and therefore can be used by attackers to compromise the safety of a car and its passengers. |
• State of the Art of Web Application Security – English only The field of web applications is constantly and rapidly evolving, but so are attacks targeting them. For this reason the World Wide Web Consortium (W3C) assembled a working group to develop technical and policy mechanisms to improve the security for applications on the Web. In recent years, this Web Application Security Group proposed various drafts for mechanisms of which some have been refined into W3C recommendations and are now implemented in all major browsers (such as CSP and SRI). The establishment of Let's Encrypt laid the ground stone of a widespread adoption of TLS, which was further refined in TLS 1.3 and supplemented by new technologies, such as certificate transparency (CT). |
• DevOps Monitoring using Grafana and Prometheus – English only An important aspect of modern continuous delivery lifecycles is the constant monitoring of deployed applications. |
• Password Managers – English only Nowadays, users have multiple accounts on different platforms. To abide by security guidelines, they should have a different password for each account, resulting in many passwords to remember. Password managers help with this task by storing this sensitive information in an encrypted database, protected by a master password. However, once in a while security issues about password managers make the news. |
• Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. |
• Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. |
• Containerization Technologies – English only Kubernetes, Docker Swarm, Openshift, Portainer, Apache Mesos and others are on everyone's mind. They've been made to revolutionize how to separate several applications and software stacks from each other. But have you ever had a look at the underlying technologies? Thomas Bläsing |
• State of the Art in Attacking Hash Functions – English only Hash functions such as MD5 or SHA1/2/3 are usually employed to ensure the integrity of a file by computing a fingerprint of the data. Common applications include white/blacklists, signatures, as well as data bases for forensic analysis. Henning Kopp (Schutzwerk GmbH) |
• Padding Oracles – English only Block ciphers only work on inputs that are a multiple of the cipher’s block length in commonly used modes such as CBC. As data usually comes in arbitrary lengths, inputs to these algorithms need to be extended (padded) to a multiple of the block length. This seemingly simple problem led to serious cryptographic problems. Depending on the scenario, it is even possible that an attacker is able to completely decrypt the ciphertext or encrypt data of their choosing. Martin Lang (BMW Car IT) |
• Secure In-Car Communication – English only Modern cars contain an abundance of different ECUs controlling different aspects of the car's functionality. Along with an ever rising number of sensors and actuators, more and more control of the car is handed over to digital equipment. The rising complexity of these systems also leads to an increasingly large attack surface. Assuring the integrity and authenticity of in-car communication is therefore critical for the safety of driver, passengers, and other road users. Thomas Lukaseder (Escrypt) |
Sorted by Topics: Blockchain, Automotive, Privacy, Cryptography, Software Engineering, Network Security |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP (weekly hours / credit points): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Leonard Bradatsch, Eugen Frasch, Gerhard Habiger, Matthias Matousek, Muntazir Mehdi, Echo Meißner, David Mödinger, Michael Wolf, Migena Ymeraj, external supervisors |
Dates: | Tuesday, 03.11.2020, 10:00 - 12:00, in V-O27-341: Introductory session. Tuesday, 10.11.2020, 10:00 - 12:00, in V-O27-341: Scientific working. Thursday, 12.11.2020, 16:00 - 18:00, in V-O27-341: LaTeX introduction. Thursday, 28.01.2021, 16:00 - 18:00, in V-O27-341: Presentation techniques. Friday, 12.02.2021, 08:00 - 18:00, in V-O27-341: Presentation block (full day). These dates are provisional. Changes to the type of event (recording or stream), to whether it is virtual or on site, and to the times will be announced in Moodle. |
Learning platform: | Course materials are available in the Moodle course. You are added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Please note: the central topic assignment always takes place towards the end of the preceding semester via the central seminar topic assignment platform in Moodle. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• free (1 + your own) ✘ assigned |
---|
• Your own topic – English only You have the possibility until the beginning of the semester to come up with your own topic and find a supervisor who is willing to mentor more students. |
✘ Pattern-Selection Methods – English only Security and Privacy engineering have gained a lot of attention recently. Many methodologies and tools have been proposed to assist practitioners coming up with secure and privacy-enhanced systems. Security and privacy patterns are considered among the backbones to introduce such systems. |
✘ Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. |
✘ First Packet Authentication / Firewall Poking / Single Packet Authentication – English only All three of the above stated techniques describe an authentication process that starts with the very first packet a client sends to a network entry node when entering a network or accessing a service. This kind of authentication can be performed without the communicating parties having exchanged any messages before the authentication happens. |
✘ SimGrid – English only The increased popularity of distributed systems over the last years also increased the need for test environments to evaluate and validate distributed applications. |
✘ Real-Time in Distributed Systems – English only The term "Real-Time" is one of the most confusing terms in computer science. However, from spaceflight to medical systems, real-time systems have a high impact on our daily life. |
✘ OpenWorm – English only The OpenWorm project is an international open science project, working on a complete simulation of a multicellular organism called Caenorhabditis elegans. This roughly 1mm long worm was the first animal that had its whole genome fully sequenced, and is also, as of today, the only organism of which the full 'connectome' is known, i.e., of which the full map of all connections of its 302 neurons has been mapped. A full simulation of the worm's neural network as well as creating a full model of the physical movement of the worm are among the project's goals, and have spurred the creation of dedicated physics engines aimed at simulating biological systems. |
✘ Swarm Intelligence – English only Swarm intelligence is a hot topic especially in robotics and UAV research. With multiple cooperative agents, it is possible to solve tasks that would otherwise be infeasible or very costly to achieve. |
✘ Break-glass Access Control Systems in Medical Devices – English only With health-related data being considered as very sensitive under the EU's General Data Protection Law and medical devices performing life-critical operations on the human body, we expect data and functionalities in healthcare devices to be secured in the best way possible by encryption, pseudonymization and access control among others. |
• Surveying Peripheral Sensors in Context of Mobile Crowdsensing – English only In this seminar report, the students are required to survey the current state of peripheral sensors that can be coupled with smartphones to further improve the accuracy of mobile crowdsensing applications. These peripheral sensors can be coupled with smartphones using Bluetooth technology or Wi-Fi. The students would be further required to study the current state of coupling technologies. In addition to the general perspective, the students will survey the peripheral sensors, their technology, and limitations within the context of mHealth (mobile health). Muntazir Mehdi |
✘ State of the Art of Web Application Security – English only The field of web applications is constantly and rapidly evolving, but so are attacks targeting them. For this reason the World Wide Web Consortium (W3C) assembled a working group to develop technical and policy mechanisms to improve the security for applications on the Web. In recent years, this Web Application Security Group proposed various drafts for mechanisms of which some have been refined into W3C recommendations and are now implemented in all major browsers (such as CSP and SRI). The establishment of Let's Encrypt laid the foundation for a widespread adoption of TLS, which was further refined in TLS 1.3 and supplemented by new technologies, such as certificate transparency (CT). |
✘ Trusted Execution Environments – English only Trust management is a central aspect of computer security. For instance, an operating system uses sandboxes to protect itself and other applications from viruses and malicious software, and cryptography is used to protect data in transit and at rest. With the advent of cloud computing, even the hardware that executes a particular software is not always considered trustworthy. Trusted Execution Environments (TEEs) try to remove the need to fully trust the hardware by adding a secure area to the CPU that can guarantee code/data confidentiality and integrity through cryptographic means, thereby protecting an application from untrusted hardware, software, and even privileged attackers (i.e., the operating system). Several TEE implementations can already be used today, such as Intel SGX and ARM TrustZone. While the former proprietary implementations often expect trust in the vendor, open-source alternatives that address this weak point are already in development. |
✘ Quaternions and their Application in Computer Science – English only Quaternions are the next extension of complex numbers which are complete regarding multiplication and division. They are often shown using three imaginary units: i, j and k. Quaternions are useful to describe rotations and motions in 3D space and are therefore applied in a variety of computer science fields, e.g., 3D game engines and robotics. |
✘ Time constraints of Security in CACC – English only One application of Cooperative Adaptive Cruise Control (CACC) is platooning, where vehicles drive very close behind each other to reduce the air resistance and therefore reduce fuel consumption. This, however, comes with safety risks due to the reduced distance gap to the following vehicle and therefore reduced reaction time. If the vehicles drive at 100 km/h (~30m/s), a safety distance of 50m is required by German law. When this distance is now reduced to 10m or less in CACC, only a third of a second reaction time is available. During this time, a message sent from the leading vehicle needs to be processed by both vehicles, the leading and the ego vehicle, e.g. by encrypting, signing, verifying, ... |
✘ Multi Agent Based Simulations – English only PaySim, a Mobile Money Payment Simulator simulates money transactions between users based on Multi Agent Based Simulation (MABS). It also generates data that can be used to test algorithms which should detect suspicious activities or fraud. This generated data is based on real financial data, which cannot be published for security reasons. In order to use or train the detection algorithms on real data, the synthetic information should be as similar as possible to the real one but not exactly the same. |
✘ Secure Multi-Party Computation – English only The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. |
✘ Distributed Machine Learning – English only Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. |
✘ Protocol Identification – English only Network management and security require knowledge about the communication in transit to make meaningful decisions. An example of this is a network intrusion detection system that needs to decide about benign and malicious network traffic based only on the observable protocol packets. Proprietary encapsulation, encryption, missing |
✘ Differential Cryptanalysis – English only Modern symmetric encryption algorithms such as AES use alternating permutations and substitutions in order to achieve the notions of confusion and diffusion. The substitutions - essentially a lookup table - are the only nonlinear operations. In differential cryptanalysis these substitution components, or s-boxes, are analyzed by tracking the operations of the encryption on a difference of input data. In an ideal cipher, given a fixed input difference, any possible output difference has the same probability of occurrence. However, that is mathematically impossible. If the deviations from the ideal probability are too large, the encryption key can be recovered using a chosen plaintext attack. Henning Kopp (Schutzwerk GmbH) |
✘ Trusting Trust Revisited: Preventing Software Supply Chain Attacks Using Modern Methods – English only Ken Thompson's famous 1984 Turing Award Lecture on trusting your compiler is still relevant today, perhaps more than ever. XcodeGhost showed that these attacks are not just theory, and the Snowden documents tell us that not only criminals are considering these attacks. Clemens Lang (BMW Car IT) |
✘ An Introduction to Elliptic Curve Cryptography and ECDSA – English only Elliptic Curve Cryptography (ECC) has become a prominent alternative to classical asymmetric crypto systems. Due to the mathematical properties of elliptic curves, key lengths can typically be shorter at the same security level compared to, e.g., RSA. This makes ECC particularly interesting for low-power devices in IoT applications or can reduce network load. |
✘ Zero Trust Networks – English only Traditional security infrastructures rely heavily on a perimeter-based security model, which creates a perimeter between an untrusted zone (usually the internet) and a trusted zone (usually the internal network). However, this security model has a few disadvantages, such as its limited ability to deal with insider attacks and with attackers that have breached the perimeter and gained access to the trusted network zone. An alternative concept is zero trust networks, which treat the entire network as untrusted. Dominik Lang (ditis) |
✘ Vehicular Intrusion Detection – What can we learn from Network IDS? – English only Intrusion Detection Systems (IDS) in Networks have a long tradition and are an essential tool to detect and, in many cases, also defend against attacks. With increasingly complex intra-vehicular networks, IDS are also becoming more and more common within vehicles. However, the characteristics of these networks vary considerably and the transferability of experience is accordingly limited. Thomas Lukaseder (Escrypt) |
Description and general information, module description | |
| |
Forms of teaching and learning: Selected Topics in Distributed Systems (Ausgewählte Themen in Verteilten Systemen), 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Fundamentals of Computer Networks (Grundlagen der Rechnernetze), Proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Leonard Bradatsch, Felix Engelmann, Eugen Frasch, Gerhard Habiger, Matthias Matousek, Muntazir Mehdi, Echo Meißner, David Mödinger, Michael Wolf, external supervisors |
Dates: | Introductory session (mandatory); Scientific working methods (mandatory); LaTeX introduction (optional); Presentation techniques (mandatory); Block presentation day (all day). For rooms and dates, see the Moodle course. |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Please note: The central topic assignment always takes place towards the end of the previous semester via the central seminar topic assignment platform in Moodle. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• free (3) ✘ assigned |
---|
• Your own topic – English only You have the possibility until the beginning of the semester to come up with your own topic and find a supervisor who is willing to mentor more students. |
✘ Location Privacy – English only Location-based services (LBSs) have become an essential part of our daily lives. In such services, users offer their (precise) locations to service providers in return for benefiting from the service. However, offering location data to service providers puts users' privacy at huge risk. Often these locations are associated with points of interest (POIs) of the users. Therefore, service providers are able to infer users' private behavior by knowing these POIs with a relatively high degree of certainty. For this reason, the adoption and deployment of location privacy protection mechanisms (LPPMs) are essential to protect users' privacy. In this seminar, you will investigate and discuss the existing LPPMs as well as the privacy metrics that reflect how much privacy a user gains when applying a protection mechanism. Ala'a Al-Momani |
✘ Privacy in Ride Hailing Services – English only Online taxi services, which are also known as ride-hailing services (RHSs), are becoming more and more popular. People rely on such services on a daily basis. Potentially, some of the origins or destinations of such trips may be sensitive and reveal additional information about the user of an RHS, including their behavior. Thus, RHSs in their current setting pose some serious privacy risks to the users. Recently, there have been many proposals for privacy-enhanced ride-hailing systems. In this seminar, you will investigate and discuss such privacy-enhanced systems while addressing the way they achieve the privacy-enhanced features and the utility loss of each. Ala'a Al-Momani |
✘ Privacy Patterns Landscape – English only Privacy engineering has gained a lot of attention recently. Many methodologies and tools have been proposed to assist practitioners in coming up with privacy-enhanced systems. Privacy patterns are considered one of the backbones for introducing such privacy-enhanced systems. In this seminar, you will investigate current privacy patterns and analyse them from an architectural, design, and system perspective, similar to the way security patterns were analyzed. |
✘ Programming Models for the Internet of Things – English only IoT, the infamous Internet of Things, provides an interesting example of a heterogeneous distributed network: many different nodes with very different capabilities and properties act together as one application. From powerful cloud instances over edge gateways to sensors, developers desire a well-integrated programming environment. There are some notable attempts to provide a programming model for this case. The goal of this seminar is to provide an overview of common approaches or concrete programming models used in practice or proposed by academia. |
✘ State of the Art of Web Application Security – English only The field of web applications is constantly and rapidly evolving, but so are attacks targeting them. For this reason the World Wide Web Consortium (W3C) assembled a working group to develop technical and policy mechanisms to improve the security for applications on the Web. In recent years, this Web Application Security Group proposed various drafts for mechanisms of which some have been refined into W3C recommendations and are now implemented in all major browsers (such as CSP and SRI). This seminar should give an overview of and discuss these recommendations and their practical implications for current web applications. Echo Meißner |
✘ Trusted Execution Environments – English only Trust management is a central aspect of computer security. For instance, an operating system uses sandboxes to protect itself and other applications from viruses and malicious software, and cryptography is used to protect data in transit and at rest. With the advent of cloud computing, even the hardware that executes a particular software is not always considered trustworthy. Trusted Execution Environments (TEEs) try to remove the need to fully trust the hardware by adding a secure area to the CPU that can guarantee code/data confidentiality and integrity through cryptographic means, thereby protecting an application from untrusted hardware, software, and even privileged attackers (i.e., the operating system). Several TEE implementations can already be used today, such as Intel SGX and ARM TrustZone. While the former proprietary implementations often expect trust in the vendor, open-source alternatives that address this weak point are already in development. |
✘ Resource Scheduling in Cloud Computing – English only With the increased popularity of Cloud Computing, the approach of treating multiple nodes as one big resource unit came up. This allows running multiple different applications on one cluster at the same time. The biggest challenge is to schedule the processes of the applications without overstressing the cluster or slowing down one of the applications. |
✘ Securing Smartphones – English only In this day and age, almost everyone owns a smartphone and takes it with them wherever they go. These devices contain a lot of personal data; thus, securing these devices is very important. The goal of this seminar is to give an overview of the security architectures and mechanisms implemented in modern smartphones (for example based on iOS and/or Android) and to research solutions and proposals from academic literature. Felix Engelmann |
✘ Range Proofs – English only Confidential transactions in crypto currencies require range proofs to detect integer overflows. Any output amount of a transaction has to be a positive integer. As storage is valuable on block-chains, the goal is to reduce the size as much as possible. Recent advances in bulletproofs reduce the size significantly. |
✘ An Introduction to Reinforcement Learning – English only Reinforcement Learning (RL) encompasses a broad field of machine learning techniques aimed at enabling machines to tackle complex problems like video games, robotics or financial systems. |
✘ Analysis of Modern Network Testing Approaches – English only Every (new) network protocol (e.g., TCP or NetFlow) and device (e.g., switches or routers) needs to be tested. The main task of this seminar is to outline different modern testing approaches. In what way do researchers test network protocols and devices? In what network environment is the protocol/device tested? What traffic is used? How often are test runs repeated? |
✘ Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
✘ Recent Advances in Game AI – English only The goal of this seminar is to survey recent advances in game AI research. A lot of interesting progress and discoveries have been made in the last years of machine learning and artificial intelligence research in the context of games. Matthias Matousek |
✘ Cryptographic Accumulators – English only Cryptographic Accumulators are comparable to cryptographic hashes; but instead of creating a digest of a single element, multiple values can be accumulated into a single digest. Afterwards it is possible to prove if individual elements are contained in the digest or not. This basic construct can be used to build very interesting applications, from secure signatures to electronic cash systems. The goal of this seminar is to present the idea behind cryptographic accumulators and how they can be applied to such applications. Matthias Matousek |
✘ Messenger Security – English only Messenger apps are among the most common communication forms. Almost every person with a smartphone uses one or more messengers. As messages often contain very private information, the security and privacy of such messenger services is crucial for users. |
• Time constraints of Security in CACC – English only One application of Cooperative Adaptive Cruise Control (CACC) is platooning, where vehicles drive very close behind each other to reduce the air resistance and therefore reduce fuel consumption. This, however, comes with safety risks due to the reduced distance gap to the following vehicle and therefore reduced reaction time. If the vehicles drive at 100 km/h (~30m/s), a safety distance of 50m is required by German law. When this distance is now reduced to 10m or less in CACC, only a third of a second reaction time is available. During this time, a message sent from the leading vehicle needs to be processed by both vehicles, the leading and the ego vehicle, e.g. by encrypting, signing, verifying, ... |
✘ Internet of Things: A Security Perspective – English only IoT devices have been in the news both for the huge increase in their numbers and their spread into different areas, and for having weak security and being abused by botnets. During the development phase of IoT articles, the security perspective specifically for this domain is missing in many cases. For example, these items have lower hardware requirements than regular computers, which limits the use of hard encryption algorithms. |
✘ Mobile Sensing and Smartphone Apps for Hearing Healthcare – English only Mobile Sensing often focuses on the aspects of sensor data collection and analysis applied particularly for the purposes of education, diagnosis, treatment, or monitoring. Muntazir Mehdi |
• Surveying Peripheral Sensors in Context of Mobile Crowdsensing – English only In this seminar report, the students are required to survey the current state of peripheral sensors that can be coupled with smartphones to further improve the accuracy of mobile crowdsensing applications. These peripheral sensors can be coupled with smartphones using Bluetooth technology or Wi-Fi. The students would be further required to study the current state of coupling technologies. In addition to the general perspective, the students will survey the peripheral sensors, their technology, and limitations within the context of mHealth (mobile health). Muntazir Mehdi |
✘ The Signal Messaging Protocol – English only WhatsApp, Wire, Facebook Messenger and Signal (among others) implement end-to-end encryption using the Signal Messaging Protocol. This protocol implements several uncommon and desirable security properties, such as "future secrecy", "post-compromise security", or "message repudiation". These features are enabled by the underlying key exchange and message exchange algorithms Extended Triple Diffie-Hellman (X3DH) and the Double Ratchet Algorithm. Various security research groups (Cohn-Gordon et al. in 2019, Frosch et al. in 2016, Kobeissi et al. in 2017) have analyzed the Signal Messaging Protocol and have given the protocol design positive reviews. Clemens Lang (BMW Car IT) |
✘ The state of post-quantum RSA – English only The publication of Shor’s quantum computer integer factorization algorithm in 1994 is often understood as the beginning of the end of RSA. More than 25 years later, quantum computers are still far away from executing Shor’s algorithm on real world problems. Nevertheless, the recent advances in quantum computer technology indicate that there is a real threat to what is probably still the most widely used public-key cryptography algorithm out there. However, not only quantum computers have advanced, but also the research on cryptography. More recent research on RSA shows that its parameters can be tuned in a way that quantum attacks are infeasible while the regular RSA operations are still feasible on classical computers (albeit costly). |
✘ Timing Attacks - An Overview – English only Classical cryptographic research deals with adversaries having polynomially bounded computational power. However, this attack model is not always realistic. In particular, an attacker may be able to measure the time it takes to run cryptographic algorithms. As the running time of an algorithm often depends on its input, this can be used to gather various information about the inputs to the algorithm or its internal workings. In a security context, sensitive data such as encryption keys and passwords may be recoverable by measuring the run time of programs. Examples are the multiplications in the RSA algorithm, the POODLE and Lucky Thirteen attacks on TLS, as well as various forms of cache timing attacks (PRIME+PROBE, EVICT+TIME). In this seminar, the student should give an overview of timing attacks, thereby explaining at least one example in depth. Further, some mitigations against timing attacks should be discussed. Henning Kopp (Schutzwerk GmbH) |
✘ Security Assessment of the Open Charge Point Protocol – English only The Open Charge Point Protocol (OCPP) specifies the communication between charge points for electric vehicles and the energy provider. It authenticates the user to authorize the payment of the consumed energy for charging the vehicle. The protocol specification contains a number of security-relevant design decisions that are disputable. Thus, this seminar paper should highlight possible security issues in the design and discuss them. Moreover, a survey of existing works that address OCPP security should accompany the discussion. Finally, possible improvements should be proposed. |
Title: Ausgewählte Themen in Verteilten Systemen |
English title: Selected Topics in Distributed Systems |
Type: Seminar, module |
Abbreviation / No. / Module no.: ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): 2S / 4LP |
Lecturers: Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors:
|
Dates:
|
Learning platform:
|
Topic assignment:
|
Language:
|
Topics
• free ✘ assigned No free topic left! (Except your own) |
---|
• Your own topic – English only You have the possibility until the beginning of the semester to come up with your own topic and find a supervisor who is willing to mentor more students. |
✘ Analysis of Modern Network Testing Approaches – English only Every (new) network protocol (e.g., TCP or NetFlow) and device (e.g., switches or routers) needs to be tested. The main task of this seminar is to outline different modern testing approaches. In what way do researchers test network protocols and devices? In what network environment is the protocol/device tested? What traffic is used? How often are test runs repeated? |
✘ Attacks on Machine Learning – English only In recent years we have seen an enormous increase in the use of Machine Learning -- especially Deep Learning. While the achievements with machine learning are certainly phenomenal, there are also issues that come with it. One issue is the susceptibility of machine learning to malicious attacks. |
✘ Attacks on Platoons – English only Platooning is an application of Cooperative Intelligent Transport Systems (C-ITS). These consist of vehicles exchanging messages over VANETs in order to coordinate their actions. This dependence on wirelessly broadcast messages makes the vehicles susceptible to certain attacks. |
✘ Attribute-Based Credentials – English only Attribute-Based Credentials (ABCs), or Anonymous Credentials, are a way to prove the possession of attributes to another party without disclosing one's identity. This seemingly simple achievement can be utilized for a huge number of privacy-preserving applications, such as privacy-preserving age checks or anonymous payments. |
✘ Browser Privacy – English only The browser is the entry point to the internet for many people. Therefore, it should protect users not only against attacks but also protect their privacy. Though there are some standards, and many browsers use the Blink engine, each browser handles the privacy of its users differently. |
✘ Buffer overflows are dead - long live the buffer overflow – English only With the widespread introduction of the non-executable bit feature at the beginning of this century, classical buffer overflow exploits that overwrite the stack directly with executable code were eliminated. For a while, it seemed as if this huge class of bugs, common to programs written in system programming languages such as C or C++, had been eliminated. However, it did not take long until Return-to-libc or, more generally, Return-Oriented Programming appeared and buffer overflow exploits were back in business, as the executable code is not located on the stack anymore. In recent years, there were multiple ideas how these kinds of attacks can be mitigated as well with an acceptable performance overhead. Most prominently, there is the idea of Control Flow Integrity (CFI) and shadow stacks. |
✘ Contemporary Design of a CSPRNG Using the Example of Fortuna – English only Cryptographically secure pseudo-random number generators (CSPRNGs) are used for generating random keys in cryptosystems such as encryption or signature algorithms. Consequently, they are a vital part of every cryptosystem, as the overall security greatly depends on the entropy of the keys. A modern CSPRNG such as Fortuna has various interesting properties beyond its output being uniformly random distributed. As an example, it is possible to recover from an attack where the full internal state of the CSPRNG is leaked. Henning Kopp (Schutzwerk GmbH) |
✘ Data Entanglement – English only In Coding and Data Reliability, e.g., censorship resistance, research applies a concept called data entanglement. For this technique parts of a file are combined with parts of another file to reconstruct a lost file or to make fully removing a file from a system expensive. |
✘ Differential Privacy – English only Statistics about user data are used heavily for improving services, performing marketing studies, and many other purposes. The acquisition and processing of potentially sensitive information poses serious privacy threats to individuals participating in, e.g., surveys. Such information might include birthdate, gender, religion, and nationality, from which identifying an individual becomes a trivial task. Moreover, inferring more sensitive information about a specific individual also becomes possible. To solve this issue, many service providers, e.g., Apple and Google, started using the so-called “Differential Privacy” to preserve their users’ privacy. |
✘ Mobile Sensing and Smartphone Apps for Hearing Healthcare – English only Mobile Sensing often focuses on the aspects of sensor data collection and analysis applied particularly for the purposes of education, diagnosis, treatment, or monitoring. Muntazir Mehdi |
✘ Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch |
✘ OAuth and OpenID (Connect) – English only Along with the modern web and its services come a lot of passwords and accounts. OAuth, OpenID and OpenID Connect are some of the single sign-on frameworks and protocols that strive to make authentication and authorization manageable in a secure way. Dominik Lang (ditis) |
✘ Overview of IoT Frameworks and Platforms – English only The Internet of Things (IoT) hype is in full force, cheap sensors are abundantly available, and big companies as well as private consumers can build up their smart device networks with ease. |
✘ QuisQuis – English only QuisQuis is a new design for anonymous cryptocurrencies, based on updateable public keys. The problem of current anonymous blockchain systems is the inability to prune old outputs, as they are all needed to verify future transactions. QuisQuis achieves the anonymity by re-randomising public keys, so that all inputs can be considered spent. The protocol employs multiple new techniques. |
✘ Range Proofs – English only Confidential transactions in crypto currencies require range proofs to detect integer overflows. Any output amount of a transaction has to be a positive integer. As storage is valuable on block-chains, the goal is to reduce the size as much as possible. Recent advances in bulletproofs reduce the size significantly. |
✘ Resource Scheduling in Cloud Computing – English only With the increased popularity of Cloud Computing, the approach of treating multiple nodes as one big resource unit came up. This allows running multiple different applications on one cluster at the same time. The biggest challenge is to schedule the processes of the applications without overstressing the cluster or slowing down one of the applications. |
✘ Secure Multiparty Computation – English only Secure multiparty computation (MPC) enables several parties, each with a private input, to compute a joint function without exposing their input to each other. This attracts many application scenarios, e.g. training a machine learning model on private input from several companies/hospitals, where privacy is crucial. Within the last decade, the development of MPC has been on the practical side and many efficient implementations have been proposed. |
✘ Smart Home Security – English only Home automation has been a common theme of science fiction for a long time but has recently become reality. Newly constructed homes often come with pre-installed smart home features based on proprietary hardware/software and the same can be retrofitted to older buildings. Additionally, a huge community of DIY enthusiasts develops open source and open hardware alternatives. However, security is often not the main priority of these products or can be difficult to implement correctly, due to hardware and power constraints. Numerous examples, such as smart door and garage locks, show that this is becoming a serious issue. |
✘ Surveying Peripheral Sensors in Context of Mobile Crowdsensing – English only In this seminar report, the students are required to survey the current state of peripheral sensors that can be coupled with smartphones to further improve the accuracy of mobile crowdsensing applications. These peripheral sensors can be coupled with smartphones using Bluetooth technology or Wi-Fi. The students would be further required to study the current state of coupling technologies. In addition to the general perspective, the students will survey the peripheral sensors, their technology, and limitations within the context of mHealth (mobile health). Muntazir Mehdi |
✘ Time constraints of Security in CACC – English only One application of Cooperative Adaptive Cruise Control (CACC) is platooning, where vehicles drive very close behind each other to reduce air resistance and therefore fuel consumption. This, however, comes with safety risks due to the reduced distance gap to the following vehicle and therefore reduced reaction time. If the vehicles drive at 100 km/h (~30 m/s), a safety distance of 50 m is required by German law. When this distance is reduced to 10 m or less in CACC, only a third of a second of reaction time is available. During this time, a message sent from the leading vehicle needs to be processed by both vehicles, the leading and the ego vehicle, e.g. by encrypting, signing, verifying, ... |
✘ Trusted Execution Environments – English only Trust management is a central aspect of computer security. For instance, an operating system uses sandboxes to protect itself and other applications from viruses and malicious software, and cryptography is used to protect data in transit and at rest. With the advent of cloud computing, even the hardware that executes a particular software is not always considered trustworthy. Trusted Execution Environments (TEEs) try to remove the need to fully trust the hardware by adding a secure area to the CPU that can guarantee code/data confidentiality and integrity through cryptographic means, thereby protecting an application from untrusted hardware, software, and even privileged attackers (i.e., the operating system). Several TEE implementations can already be used today, such as Intel SGX and ARM TrustZone. While these proprietary implementations often expect trust in the vendor, open-source alternatives that address this weak point are already in development. |
✘ What did we learn in almost 20 years of TLS? – English only In 2018, the latest version of TLS - TLS 1.3 - was finally finished and published. The discussions and decisions that were made during the development phase are interesting to follow. In an attempt to design the most secure version of TLS that is nowadays possible, the IETF working group decided to deprecate and remove quite a few parts of older TLS releases that have a rather troubling history. As part of this work, we want to follow the development of TLS 1.3 and try to learn from it for the design of cryptographic (network) protocols in general. Clemens Lang (BMW Car IT) |
Description and general information, module description | |
| |
Teaching and learning formats: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP | |
Module coordinator: Prof. Dr. Frank Kargl | |
Language of instruction: German | |
Frequency / duration: every semester / one full semester | |
Prerequisites (content): Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar | |
Prerequisites (formal): - | |
Basis for (content): - | |
Learning objectives:
| |
Content:
| |
Literature:
| |
Assessment method:
| |
Grading:
| |
Workload:
|
Topics
• free ✘ taken
Artificial Intelligence |
✘ StarCraft AI Research – English only Real-Time Multiplayer Games are regarded as one of the final frontiers for game AIs. While chess and recently also Go can nowadays be reliably won by machines, in computer games - such as MOBAs, or the strategy games StarCraft and StarCraft II - the top human players are still considered better at the game than AIs. However, researchers are working on changing this. In 2017, DeepMind partnered with the game producer Blizzard to provide a StarCraft II API that allows the testing of AIs. This seminar should review and present the most relevant AI research around the games of StarCraft and StarCraft II. Matthias Matousek |
✘ Generative Adversarial Networks (GANs) – English only AI nowadays is getting better at identifying things with high accuracy allowing, e.g., the dream of autonomous driving to become a reality. However, this high accuracy needs, generally speaking, a huge set of training data. Instead of having a real-world dataset, which might be costly to have in many cases, a recent approach proposed using generated synthetic data instead. This is done through the so-called “Generative Adversarial Networks (GANs)”. The goal is then to create ultra-realistic images or sounds, for example, to train the network on. This, in fact, requires giving the machine a sense of imagination. In this seminar, you will investigate the latest trends in the field of GANs while reporting recent results found in literature. Moreover, you will address the challenges GANs face, including security ones. Ala'a Al-Momani |
Distributed Systems |
✘ Resource Scheduling in Cloud Computing – English only With the increased popularity of cloud computing, the approach of treating multiple nodes as one big resource unit emerged. This allows multiple different applications to run on one cluster at the same time. The biggest challenge is to schedule the processes of the applications without overstressing the cluster or slowing down one of the applications. The goal of this seminar is to look at the different scheduling approaches and their use cases in cloud computing. |
✘ Serverless Computing – English only Serverless computing is the next level of abstraction in cloud computing, with the goal that customers do not have to worry about operational concerns and can completely focus on their code. In contrast to the pre-purchased payment model of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS), serverless computing features a pay-per-use model, where a customer is only charged for the resources that were actually used. Despite what the name suggests, there are still servers involved which are managed by the cloud provider, allowing the provider to dynamically allocate resources based on the customer's demands. The primary task of this seminar is an introduction of the overall topic and a comprehensive survey of existing open- and closed-source solutions of serverless computing. Echo Meißner |
✘ Modern Peer-to-Peer Topology Trends – English only Peer-to-peer networks are used for many applications, e.g., sharing of larger data items, data dissemination in crypto currencies and many more. Many advances have been made for structured and unstructured networks on how to build and maintain the network. The goal of this seminar is to look at several modern networks and examine their topology, routing principles and methods to maintain the topology. |
Cryptography |
✘ Range Proofs – English only Confidential transactions in crypto currencies require range proofs to detect integer overflows. Any output amount of a transaction has to be a positive integer. As storage is valuable on block-chains, the goal is to reduce the size as much as possible. Recent advances in bulletproofs reduce the size significantly. The paper should compare the different existing methods and point out how the improvements are achieved. Felix Engelmann |
✘ Ring Signatures – English only Common signatures require one private key and the corresponding public key and provide authenticity for the signed data. Ring signatures allow the real signer to be disguised in a set of public keys. The verifier can only check that the signer was in possession of at least one corresponding private key, but not which one. In comparison to group signatures, the key advantage is that ring signatures can be created without the interaction of the decoy participants. The paper should give an overview of the different constructions of ring signature schemes and an in-depth explanation of one of them. Felix Engelmann |
Security Algorithms |
✘ Secure Multiparty Computation – English only Secure multiparty computation (MPC) enables several parties, each with a private input, to compute a joint function without exposing their input to each other. This attracts many application scenarios, e.g. training a machine learning model on private input from several companies/hospitals, where privacy is crucial. Within the last decade, the development of MPC has been on the practical side and many efficient implementations have been proposed. In this seminar, you will investigate those practical implementations of secure MPC while addressing the features of each, including the suggested functionality, and check whether there is any real-world usage of each. Then, selected implementations are to be compared with each other in depth. Ala'a Al-Momani |
✘ Risk Evaluation Methodologies – English only The Common Vulnerability Scoring System is a well-known methodology for determining how critical a vulnerability is. Your task is to find and compare other methodologies/systems/methods for assessing how much risk a security bug will have. Michael Wolf |
✘ IDS Algorithms – English only Aho–Corasick is a well-known algorithm used in Intrusion Detection Systems for finding strings in a stream of characters. This can be used, for example, in a firewall to search for certain words in the packets and, if a match is found, raise an alert. Your task is to look at existing IDS solutions, find out what algorithms they use and compare them to Aho–Corasick in terms of speed and memory consumption. You don’t need to go into details about each algorithm and understand every aspect of it, but enough to judge how they will perform. If you find too many algorithms, just take 5 and compare them. |
Network Security |
✘ The Dark Side of Network Data Analysis: Censorship Infrastructure Around the World – English only From the Big Firewall of China to The Supreme Council of Virtual Space in Iran, authoritarian regimes around the world try to limit personal freedom to suppress possible opposition or – so they say – protect their citizens from outside influence or "moral decline". The goal of this seminar is to analyse censorship infrastructure around the world on a technical level and to discuss the societal impact thereof. Thomas Lukaseder |
✘ Analysis of Modern Network Testing Approaches – English only Every (new) network protocol (e.g., TCP or NetFlow) and device (e.g., switches or routers) needs to be tested. The main task of this seminar is to outline different modern testing approaches. In what way do researchers test network protocols and devices? In what network environment is the protocol/device tested? What traffic is used? How often are test runs repeated? The seminar paper should outline modern approaches and state the pros and cons of the presented methodologies. Leonard Bradatsch |
✘ Network Security Breaches – English only The goal of this seminar is to outline popular network security breaches (2-3 examples). Subsequently, state-of-the-art protection or detection approaches against the presented breaches should be explained. Leonard Bradatsch |
✘ What did we learn in almost 20 years of TLS? – English only In 2018, the latest version of TLS - TLS 1.3 - was finally finished and published. The discussions and decisions that were made during the development phase are interesting to follow. In an attempt to design the most secure version of TLS that is nowadays possible, the IETF working group decided to deprecate and remove quite a few parts of older TLS releases that have a rather troubling history. As part of this work, we want to follow the development of TLS 1.3 and try to learn from it for the design of cryptographic (network) protocols in general. Towards this goal, we follow two questions. What do we learn about protocol design by understanding the removed parts in TLS 1.3? It defines a new key agreement protocol, removes old cryptographic algorithms and changes the defaults. What are the underlying problems that led to these decisions? What can we learn when designing cryptographic protocols on our own? What can we learn from the new features in TLS 1.3? What is the general direction in which the community is moving? Which security aspects have grown more important nowadays? Which building blocks are considered generally better than others? Clemens Lang (BMW Car IT) |
Internet of Things |
✘ Individual Mobile Sensing in Healthcare - Trends and State-of-the-art – English only Individual Mobile Sensing or Personal Mobile Sensing often focuses on the aspects of sensor data collection and analysis applied specifically for the purposes of education, diagnosis, event detection, treatment, or monitoring. The aim of this seminar is to study recent trends and review state-of-the-art already reported in existing literature, specifically applied in the domain of healthcare. Muntazir Mehdi |
✘ Electroencephalography (EEG) using Smartphones – English only Electroencephalography (EEG) is the method of monitoring the electrical activity of the brain. Mobile EEGs are dedicated hardware equipment capable of coupling with many commonplace smartphones. In this seminar report, the students are required to survey the current state of EEGs and mobile EEG systems that can be coupled with smartphones. The students would be further required to study various applications of EEG systems. Muntazir Mehdi |
✘ Smart Home Security – English only Home automation has been a common theme of science fiction for a long time but has recently become reality. Newly constructed homes often come with pre-installed smart home features based on proprietary hardware/software and the same can be retrofitted to older buildings. Additionally, a huge community of DIY enthusiasts develops open source and open hardware alternatives. However, security is often not the main priority of these products or can be difficult to implement correctly, due to hardware and power constraints. Numerous examples, such as smart door and garage locks, show that this is becoming a serious issue. This seminar should outline the differences in conventional IT security and IoT security and survey the security of common home automation software (e.g., home-assistant), protocols (e.g., MQTT), and devices (e.g., ESP8266). Echo Meißner |
✘ IoT Security - State of the Union – English only The Internet of Things is an emerging field of Internet-enabled embedded devices. Applications range from connected factory lines to large scale sensor networks to medical equipment. Most of the applications share the limitations of classical embedded systems. They run on battery and have limited computational resources. Yet, they often control physical systems such as industry robots, children's toys or even critical devices such as infusion pumps in hospitals. Internet of Things devices have a bad reputation in the security research community. In this work, we want to get an overview of the specialties and problems of IoT devices. You should introduce the general setup and explain problems based on a scientific case study of your choice. What are the answers of the security community? How is research trying to improve the general situation in this area? Which are the most important issues that should be addressed? Martin Lang (BMW Car IT) |
Programming Languages |
✘ The Julia Programming Language – English only Since its inception almost 10 years ago, Julia has grown to be a full-fledged programming language for scientific computing, with an impressive list of features. It has in recent months been touted as a successor to R and an alternative to MATLAB, and aims to provide the scientific community with an easy-to-learn language while coming close to the speed of C. This seminar should provide an introduction to the Julia language, describe its main features, and include examples of how it can be used both in the context of general and scientific computing. |
Topics
• free ✘ taken
✘ Resource Scheduling in Cloud Computing – English only With the increased popularity of cloud computing, the approach of treating multiple nodes as one big resource unit emerged. This allows multiple different applications to run on one cluster at the same time. The biggest challenge is to schedule the processes of the applications without overstressing the cluster or slowing down one of the applications. The goal of this seminar is to look at the different scheduling approaches and their use cases in cloud computing. |
✘ Analysis of Scheduling Algorithms on Multiprocessor Systems – English only The most complex environment for scheduling processes of applications is a multiprocessor system. Therefore many scheduling algorithms and approaches for multiprocessor systems have been developed over the past 20 years. As a consequence, many researchers published their scheduling algorithms claiming to have the most efficient algorithm. The goal of this seminar is to give a survey of the latest tools and frameworks for testing and analysing multiprocessor scheduling algorithms. Also, one selected framework should be used to analyse a few given algorithms. |
✘ Individual Mobile Sensing in Healthcare - Trends and State-of-the-art – English only Individual Mobile Sensing or Personal Mobile Sensing often focuses on the aspects of sensor data collection and analysis applied specifically for the purposes of education, diagnosis, event detection, treatment, or monitoring. The aim of this seminar is to study recent trends and review state-of-the-art already reported in existing literature, specifically applied in the domain of healthcare. Muntazir Mehdi |
✘ Surveying Peripheral Sensors in Context of Mobile Crowdsensing – English only In this seminar report, the students are required to survey the current state of peripheral sensors that can be coupled with smartphones to further improve the accuracy of mobile crowdsensing applications. These peripheral sensors can be coupled with smartphones using Bluetooth technology or Wi-Fi. The students would be further required to study the current state of coupling technologies. In addition to the general perspective, the students will survey the peripheral sensors, their technology, and limitations within the context of mHealth (mobile health). Muntazir Mehdi |
✘ Jepsen: Breaking Distributed Systems – English only Distributed systems like distributed databases or coordination services often promise specific data consistency models, make fault tolerance claims and guarantee resilience in the face of failures of all kinds. In reality, however, designing such systems is difficult and few systems really keep their promises. Jepsen is a framework for thoroughly testing fault-tolerant distributed applications. It can deliberately introduce faults and stress systems with various client loads. After a test, Jepsen checks whether the system under test performed according to specifications. Jepsen has been used to test (and break) all kinds of well-known software, like Apache Cassandra, MongoDB, Apache ZooKeeper, RabbitMQ and many more. This seminar should have a closer look at Jepsen, describe how it operates, and how it helped to break such a multitude of different systems. |
✘ Data Entanglement – English only In Coding and Data Reliability, e.g., censorship resistance, research applies a concept called data entanglement. For this technique parts of a file are combined with parts of another file to reconstruct a lost file or to make fully removing a file from a system expensive. The goal of this seminar is to look at one or more applied schemes for data entanglement and its uses in real world applications. |
✘ Analysis of Distributed Denial of Service Attacks – English only Distributed Denial of Service Attacks are a common problem in networks all over the world. They are hard to defend against as they affect services that usually are accessible to the public and exploit usual, standard-conformant behaviour. There are many different kinds of attacks. From the usual flooding attacks through slow HTTP attacks to reflective attacks, there are many ways a system can be taken down. Attackers mimic the behaviour of legitimate clients and are thus hard to identify as perpetrators. This seminar shall analyse the different kinds of attacks, how attackers can be identified, and how attacks can be mitigated. Thomas Lukaseder |
✘ The Dark Side of Network Data Analysis: Censorship Infrastructure Around the World – English only From the Big Firewall of China to The Supreme Council of Virtual Space in Iran, authoritarian regimes around the world try to limit personal freedom to suppress possible opposition or – so they say – protect their citizens from outside influence or "moral decline". The goal of this seminar is to analyse censorship infrastructure around the world on a technical level and to discuss the societal impact thereof. Thomas Lukaseder |
✘ Machine Learning Privacy – English only Machine Learning has a number of very useful applications and offers great benefits. Machine learning algorithms can be used for recommendation systems, data analysis, or security applications. However, while machine learning can provide useful predictions and analysis, there are also privacy concerns. The aim of this seminar is to identify privacy issues, and survey possible solutions. Matthias Matousek |
✘ Computer Game Security – English only Video games have always been the kind of software that pushed the limits of existing programming platforms. Today, with the very popular online multiplayer games, thousands of players can share their experience with others online. But what about the security of video games? Can it keep up with cheating, fraud, and other malicious attacks? The goal of this seminar is to have a look at the motives and kinds of cheating, as well as to survey state-of-the-art protection mechanisms and how they are applied in computer games. Matthias Matousek |
✘ Differential Privacy – English only Statistics about user data are used heavily for improving services, performing marketing studies, and many other purposes. The acquisition and processing of potentially sensitive information poses serious privacy threats to individuals participating in, e.g., surveys. Such information might include birthdate, gender, religion, and nationality, from which identifying an individual becomes a trivial task. Moreover, inferring more sensitive information about a specific individual also becomes possible. To solve this issue, many service providers, e.g., Apple and Google, started using the so-called “Differential Privacy” to preserve their users’ privacy. In this seminar, you will investigate differential privacy with respect to both theoretical and practical aspects. In addition to addressing the privacy guarantees of differential privacy, your task will then be addressing how major tech companies are implementing differential privacy nowadays. Ala'a Al-Momani |
✘ Generative Adversarial Networks (GANs) – English only AI nowadays is getting better at identifying things with high accuracy allowing, e.g., the dream of autonomous driving to become a reality. However, this high accuracy needs, generally speaking, a huge set of training data. Instead of having a real-world dataset, which might be costly to have in many cases, a recent approach proposed using generated synthetic data instead. This is done through the so-called “Generative Adversarial Networks (GANs)”. The goal is then to create ultra-realistic images or sounds, for example, to train the network on. This, in fact, requires giving the machine a sense of imagination. In this seminar, you will investigate the latest trends in the field of GANs while reporting recent results found in literature. Moreover, you will address the challenges GANs face, including security ones. Ala'a Al-Momani |
✘ Zcash – English only Zcash is a privacy-preserving digital currency that launched in late 2016. It uses a method called zk-SNARK (zero-knowledge succinct non-interactive argument of knowledge). This, unlike other cryptocurrencies, e.g., Bitcoin, gives the users the possibility to perform transactions anonymously. Accountability and integrity are preserved as the anonymity might be broken through combining several data pieces allowing to track a specific user, and identify her if needed. In this seminar, you will address Zcash and its underlying technologies. This seminar aims at giving a comprehensive overview on how Zcash works and how it provides anonymity to its users. Furthermore, you will address challenges facing Zcash based on what is found in the literature. Ala'a Al-Momani |
✘ Range Proofs – English only Confidential transactions in crypto currencies require range proofs to detect integer overflows. Any output amount of a transaction has to be a positive integer. As storage is valuable on block-chains, the goal is to reduce the size as much as possible. Recent advances in bulletproofs reduce the size significantly. The paper should compare the different existing methods and point out how the improvements are achieved. Felix Engelmann |
✘ Ring Signatures – English only Common signatures require one private key and the corresponding public key and provide authenticity for the signed data. Ring signatures allow the real signer to be disguised in a set of public keys. The verifier can only check that the signer was in possession of at least one corresponding private key, but not which one. In comparison to group signatures, the key advantage is that ring signatures can be created without the interaction of the decoy participants. The paper should give an overview of the different constructions of ring signature schemes and an in-depth explanation of one of them. Felix Engelmann |
✘ Distributed Causality Tracking – English only Distributed systems bring along certain challenges, such as an unreliable network and varying latencies. These challenges make it impossible in a distributed system to agree on the current time and thus the ordering of events. The latter is only possible when two events can be causally linked. There are various approaches to establishing these causal links and thus to reasoning about whether one event happened before another or whether they happened concurrently. This causality serves as an enabling technology for other important technologies, such as consistency, distributed consensus, snapshotting, and blockchains. The goal of this seminar is to give an overview of distributed causality tracking and approaches to track causality. Echo Meißner |
✘ Securing Smartphones – English only In this day and age, almost everyone owns a smartphone and takes it with them wherever they go. These devices contain a lot of personal data; thus, securing these devices is very important. The goal of this seminar is to give an overview of the security architectures and mechanisms implemented in modern smartphones (for example based on iOS and/or Android) and to research solutions and proposals from academic literature. Dominik Lang |
✘ The rise of authenticated encryption – AES-GCM – English only "It is encrypted, why should I need integrity protection? It decrypts to garbage anyway if it was tampered with!" Statements such as this are often discussed with people less familiar with cryptography in protocol design. Unfortunately, it is not that easy and there are some (corner) cases in which this is plain wrong. However, even in general it is problematic to go without integrity protection. For a long time, major cryptographic protocols such as TLS were mostly using HMACs in addition to encryption to ensure the integrity of messages. More recently, combined algorithms that provide encryption with authentication became more popular. Most commonly, we have AES in Galois Counter Mode (AES-GCM) today. In your presentation and paper, you should motivate the necessity of authenticated encryption and explain the basic idea and reasons for the success of AES-GCM. Martin Lang (BMW Car IT) |
✘ End-To-End Security for whole Software images – dm-verity – English only Smartphones have become the extension of a person’s brain. They contain a lot of sensitive data and thus got more attractive for all kinds of attacks by criminals but also by state actors. Modern software vendors want to use hardware features such as secure boot to not only secure the kernel but also the complete user-land. Towards this end, dm-verity was introduced to the Linux kernel. It provides a way to ship whole Linux system images with an integrity protection mechanism based on Merkle-Trees. It enables vendors of embedded devices to sign a single hash in their CI infrastructure to secure a whole Linux system. In your presentation and paper, you should motivate the necessity for integrity protected software images by providing a threat analysis. Based on this, you introduce and explain the idea of dm-verity and the Merkle-Tree Construction. Martin Lang (BMW Car IT) |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / no. / module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Felix Engelmann, Eugen Frasch, Gerhard Habiger, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, Muntazir Mehdi, Echo Meißner, David Mödinger, Rens van der Heijden |
Dates: |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Note: All seminar topics have been assigned.
Topics
• free ✘ taken
✘ Practical Consensus in Real World Systems – English only In many systems a shared source of truth is required for the system to function properly. In many such situations a consensus is formed within a group through different approaches: Complex algorithms such as Paxos and Raft, Proof-of-Work mechanisms or others. There is a vast amount of literature for consensus in distributed systems, but not everything makes it into real world systems. David Mödinger |
✘ Mechanical Sympathy and performance optimization in high level languages – English only 'Mechanical Sympathy', a term coined by a world-class Formula 1 driver, describes the concept of driver and machine working together in harmony. This term can also be transferred to (software) engineers, who might not need to know how to build hardware from scratch, but who can still gain performance advantages by having intimate knowledge of the inner workings of the underlying hardware. By paying close attention to the pitfalls of modern CPU, GPU and memory hardware designs, developers who know how these components work can highly optimize their applications even in high-level languages like Java. This work should take a look at recent developments in the field of software optimization and summarize advances made in the last few years. Gerhard Habiger |
✘ Individual Mobile Sensing in Healthcare - Trends and State-of-the-art – English only Individual Mobile Sensing or Personal Mobile Sensing often focuses on the aspects of sensor data collection and analysis applied specifically for the purposes of education, diagnosis, event detection, treatment, or monitoring. The aim of this seminar is to study recent trends and review the state of the art already reported in existing literature, specifically as applied in the domain of healthcare. Muntazir Mehdi |
✘ Mobile Sensing Systems - Technical barriers in context of Individual Sensing – English only Many mainstream smartphones are equipped with sensors that enable sensing motion, environment, and position. However, these devices are not ideal for continuous sensing, data accumulation, data processing, etc., mainly because of their limited resources. The aim of this seminar is to review scientific literature in order to better understand the technical barriers or limitations within the context of individual sensing. Muntazir Mehdi |
✘ π-calculus – English only As a process calculus, the π-calculus describes the movement of a piece of data in exactly the same way as the transfer of a message. Thus the π-calculus is used to define concurrent computations whose network configuration may change during the computation. The goal of this seminar is to look at the motivation, theory and expressiveness of the π-calculus. Eugen Frasch |
✘ Analysis of Distributed Denial of Service Attacks – English only Distributed Denial of Service Attacks are a common problem in networks all over the world. They are hard to defend against as they affect services that usually are accessible to the public and exploit usual, standard-conformant behaviour. There are many different kinds of attacks. From the usual flooding attacks through slow HTTP attacks to reflective attacks, there are many ways a system can be taken down. Attackers mimic the behaviour of legitimate clients and are thus hard to identify as perpetrators. This seminar shall analyse the different kinds of attacks, how attackers can be identified, and how attacks can be mitigated. Thomas Lukaseder |
✘ Network Function Virtualization – English only Network function virtualization (NFV) is a very trendy new paradigm in computer network research. The idea of NFV is to transfer the functionality of network nodes (e.g. switches, routers, firewalls, load balancers, intrusion detection systems) to virtual machines. The benefits of this approach are said to be vendor-independent solutions, increased flexibility, and lower power consumption. This seminar shall analyse the current state of research in NFV and assess future prospects of the new paradigm. Thomas Lukaseder |
✘ Machine Learning Privacy – English only Machine Learning has a number of very useful applications and offers great benefits. Machine learning algorithms can be used for recommendation systems, data analysis, or security applications. However, while machine learning can provide useful predictions and analysis, there are also privacy concerns. The aim of this seminar is to identify privacy issues, and survey possible solutions. Matthias Matousek |
✘ Computer Game Security – English only Video games have always been the kind of software that pushed the limits of existing programming platforms. Today, with the very popular online multiplayer games, thousands of players can share their experience with others online. But what about the security of video games? Can it keep up with cheating, fraud, and other malicious attacks? The goal of this seminar is to have a look at the motives and kinds of cheating, as well as to survey state-of-the-art protection mechanisms and how they are applied in computer games. Matthias Matousek |
✘ Recent Advances in Autonomous Driving – English only Autonomous Driving as well as other AI-based applications have the potential to shape our future. The development of advanced and efficient machine learning algorithms made Autonomous Driving possible nowadays. In this seminar, you will address autonomous driving from both points of view: the theoretical (based on the literature) as well as the practical one. In particular, you will survey and compare the existing work in this field and try to answer the question which machine learning technique performs best in Autonomous Driving. Moreover, you need to address (based on the literature) the question of how V2X communication can enhance the autonomous driving experience. Ala'a Al-Momani |
✘ Trusted Execution Environment (TEE) – English only Trusted Execution Environment (TEE) has been considered heavily in the last decade. The goal is to provide secure cloud computing as well as privacy-friendly data processing. The idea is summarized in introducing a secure enclave in a form of, e.g., a sandbox that is isolated from the normal space of the CPU. Intel has introduced its implementation of TEE as an extension to the 7th generation processors, namely Software Guard Extension (SGX). On the other hand, ARM has introduced TrustZone as an implementation of TEE. In this seminar, you will investigate TEE and its commercial implementations, the features of each, while tackling the problem of the shortcomings of using TEE-based implementation, i.e. cache attacks, relatively small TCBs, etc. Special focus will be on the privacy-friendly application development using TEE-based approaches. Ala'a Al-Momani |
✘ Range Proofs – English only Confidential transactions in crypto currencies require range proofs to detect integer overflows. Any output amount of a transaction has to be a positive integer. As storage is valuable on block-chains, the goal is to reduce the size as much as possible. Recent advances in bulletproofs reduce the size significantly. The paper should compare the different existing methods and point out how the improvements are achieved. Felix Engelmann |
✘ Chameleon Signatures – English only Common signatures require a private key and a public key and provide authenticity for the signed data. The signed data can not be changed, without resulting in a new signature. Chameleon signatures extend this structure and allow the owner of a secret to sign alternative data keeping the same signature. This could be useful to change illicit transactions on a ledger, where the signature output is immutable. The paper should give an in-depth explanation of the internal mechanisms of chameleon signatures. Felix Engelmann |
✘ Machine Learning on Event Streams – English only Machine Learning approaches and algorithms can be utilized to analyze event streams and time-series data and provide forecasts. This has shown very promising results in the domain of predictive maintenance and stock market prediction. However, current research is not limited to these domains. The goal of this seminar is to give an overview of current approaches, algorithms, possibilities, and limitations of machine learning on event streams and time-series data. Echo Meißner |
✘ Applications of data provenance and data lineage – English only Modern systems often have a requirement for data provenance and data lineage, which is the notion of retaining the origin of data, how it changes, and where it moves over time. This trend can be observed in various domains, such as version control systems to track changes in source codes, versioning file systems, journaling file systems, and systems that apply event sourcing. The goal of this seminar is to give an overview of approaches for data lineage/provenance and their current fields of application. Echo Meißner |
✘ Securing Cooperative Adaptive Cruise Control – English only Cooperative Adaptive Cruise Control (CACC) is an application of vehicular ad-hoc networks that essentially tries to improve highway throughput by enabling higher speeds and smaller safety distances. This is done through a combination of algorithms for self-driving vehicles, sensors, and vehicle-to-vehicle communication. A malicious actor may attempt to abuse this functionality to cause accidents, either by transmitting falsified messages, disrupting the communication between specific vehicles, or by distributing malware to cause vehicles to behave differently. In this seminar topic, the central question is whether CACC can be done in a secure way. To answer this question, you will describe the different attack strategies, and review some approaches to detect and prevent such misbehavior. Rens van der Heijden |
✘ Securing Smartphones – English only In this day and age, almost everyone owns a smartphone and takes it with them wherever they go. These devices contain a lot of personal data; thus, securing these devices is very important. The goal of this seminar is to give an overview of the security architectures and mechanisms implemented in modern smartphones (for example based on iOS and/or Android) and to research solutions and proposals from academic literature. Dominik Lang |
✘ TLS - a history of failures? – English only Transport Layer Security and its predecessor - the Secure Socket Layer - is a fundamental security technology of the modern Internet. It secures almost everything starting from your social media account, over your private emails to your online banking. Yet, the protocol itself and its most widely used implementations have a long history of problems. Some are related to the way cryptography is applied in TLS, others arise from the compatibility that TLS aims to achieve (downgrade attacks). |
✘ Spectre, Meltdown & Co - How your processor cache leaks sensitive information – English only In Bioinformatics, the search for Motifs discovers specific but probably unknown sequences of DNA. This concept is potentially also applicable to other kinds of sequences. This topic is intended to determine whether Motif finding algorithms are applicable to network protocols. The goal of such an application would be to identify distinctive substrings of messages. Moreover, using Motifs, format and type of unknown messages could be identified. In particular, this topic should answer based on the literature: how motif finding works, how the known approaches differ, and which, if any, of the concepts could work to detect structure also in unknown network protocols. Martin Lang (BMW Car IT) |
✘ Slide attacks – English only Modern symmetric block ciphers such as AES or Blowfish are based on the repeated application of a simple round function. Because differential and linear cryptanalysis concentrate on how randomness propagates across the rounds, it was long taken for granted that any cipher can be made secure with a sufficient number of rounds. Slide attacks put an end to this thinking, since they can be carried out independently of the number of rounds and attack the round function itself. This paper should describe slide attacks and work out the necessary cryptographic foundations. |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Advanced seminar; Media Informatics, Dipl.: Advanced seminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Cycle / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of computer networks, proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Working on one sub-area of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a concrete system or a concept of distributed systems. They can place these systems in a larger context and derive their advantages and disadvantages on their own. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of successful participation. This covers attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP: | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Felix Engelmann, Benjamin Erb, Eugen Frasch, Gerhard Habiger, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, Echo Meißner, David Mödinger, Rens van der Heijden |
Dates: | Introductory session (mandatory). Rooms and dates will be announced. |
Learning platform: | Course materials are available in the Moodle course. You are added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• available ✘ taken
✘ Trends in Privacy Engineering – English only Privacy-by-Design (PbD) has emerged rapidly, especially after the adoption of the new EU General Data Protection Regulation (GDPR) in 2016. This raises the need for a systematic approach to convert the requirements taken from such regulations into engineering and technical requirements. In this seminar, you will survey the available methodologies for this engineering process, considering both risk-based analysis approaches and goal-oriented approaches. This will help you to gain valuable insights into the field of privacy engineering and PbD. | ||
✘ Recent Advances in Autonomous Driving – English only Autonomous Driving as well as other AI-based applications have the potential to shape our future. The development of advanced and efficient machine learning algorithms made Autonomous Driving possible nowadays. In this seminar, you will address autonomous driving from both points of view: the theoretical (based on the literature) as well as the practical one. In particular, you will survey and compare the existing work in this field and try to answer the question which machine learning technique performs best in Autonomous Driving. Moreover, you need to address (based on the literature) the question of how V2X communication can enhance the autonomous driving experience. | ||
✘ Deep Learning vs. Reinforcement Learning: When to Use Which? – English only Deep Learning (DL) allowed Google to master the game of Go a decade earlier than expected by building an AI machine that is capable of beating expert players at that game. On the other hand, Reinforcement Learning (RL) allows, experimentally, AI machines to figure out things that no programmer could teach them, and it is considered one of the top ten breakthrough technologies in 2017 according to the MIT Technology Review. In this seminar, you will investigate both learning techniques while addressing what benefits each one brings over the other and in which applications each one fits best. Moreover, you need to address the best practices in these emerging technologies. For this, you also need to investigate real-world DL- and RL-based applications and try to figure out why one technique has been used and not the other. Previous knowledge in ML/DL/RL/NN/AI is preferred and will help you progress faster in this seminar. | ||
✘ Architectures for Data-intensive Applications – English only Data-intensive applications require reliability, scalability, and maintainability. This seminar topic addresses system architectures that enable such applications and introduces the relevant concepts and mechanisms. | ||
✘ π-calculus – English only As a process calculus, the π-calculus describes the movement of a piece of data in exactly the same way as the transfer of a message. Thus the π-calculus is used to define concurrent computations whose network configuration may change during the computation. The goal of this seminar is to look at the motivation, theory and expressiveness of the π-calculus. | ||
✘ TensorFlow – English only Developed by Google, TensorFlow is an open source software library for machine learning. It uses data flow graphs for numerical computation. The flexible architecture allows deploying computation to one or more CPUs or GPUs in a desktop, server, or mobile device with a single API. The goal of this seminar is to give an introduction to TensorFlow, its use cases and deeper characteristics. Note: basic knowledge of Python is recommended. | ||
✘ Algorithms for Real-Time Scheduling on Multiprocessor – English only Nowadays there is a great amount of research work focused on the study of real-time scheduling on a single processor. However, the research area of real-time scheduling on multiprocessor systems is quite new. The goal of this seminar is to give an overview of methods for real-time scheduling on multiprocessors and their known algorithms. | ||
✘ Modern Encryption for File Sharing – English only In modern applications we value the confidentiality of files we send (e.g. pictures, bank statements, contracts). Simple encryption will force us to share the password with everyone. Some systems will allow us to specify possible recipients with public keys. The goal of this seminar is to research these systems and provide an introduction to a concrete and secure shareable encryption scheme. David Mödinger | ||
✘ Temporal Logic of Actions: model checking concurrent distributed systems – English only Due to their diversity and complexity, distributed systems often exhibit nondeterministic behaviour. This makes it very hard to correctly design new systems, since errors may only manifest themselves rarely and under specific circumstances, which are difficult to test for. Mathematically modeling such systems allows formally testing their behaviour and exhaustively checking every possible state they can ever be in, making it (theoretically) impossible for a system to fail due to design flaws. One tool to model concurrent distributed systems is Lamport's TLA+. The goal of this seminar is to give an introduction to TLA+ and its current state, and to provide an example of a real world application of TLA+. | ||
✘ Misbehavior Detection in Vehicular Networks – English only One approach to improve road safety and efficiency in the future is by allowing vehicles to communicate and warn or plan their routes. This is realized through vehicular ad-hoc networks. These networks improve safety and efficiency by sending messages to, for example, inform vehicles in a particular area that a traffic jam is ahead of them. For the correct and safe operation of applications, it is essential that the information sent by other vehicles can be trusted or verified. In this seminar paper, you will discuss one or two new approaches to detect misbehavior of vehicles in these networks, and put these into the context of existing work. Rens van der Heijden | ||
✘ Alignment-free Protocol Message Format Reverse Engineering – English only Understanding the communication of networked systems without knowing the protocol specification can be achieved by reverse engineering the network traffic. Example use cases of this approach are the analysis of botnets and vulnerability detection in network protocol implementations. Several methods to infer the protocol message format use progressive multiple sequence alignment based on the Needleman-Wunsch algorithm. Alternatively, alignment-free methods to find structure in byte sequences are also available. An especially interesting example is the alignment-free method of Leimeister et al. The goal of this seminar topic is to identify commonalities and differences between alignment and alignment-free algorithms, with a focus on their applicability to inferring message formats of protocols, and to discuss their respective strengths and weaknesses. | ||
✘ Cryptography Engineering – English only Every day we rely on the security of applied cryptography (e.g. security protocols) to protect our data. This application of cryptography in real world solutions is difficult and prone to errors; one mistake can compromise the entire security. Dominik Lang | ||
✘ Policy Checking of Network Topologies – English only Network policies are rules that define how a network needs to be set up. They contain, for instance, demands concerning the reachability of certain network devices or filter rules for firewalls. Tools like netplumber exist to help verify whether a network topology complies with these policies. The goal of this seminar is to analyze how these tools work and which policies can or cannot be analyzed by these tools. | ||
✘ Analysis of Distributed Denial of Service Attacks – English only Distributed Denial of Service Attacks are a common problem in networks all over the world. They are hard to defend against as they affect services that usually are accessible to the public and exploit usual, standard-conformant behaviour. There are many different kinds of attacks. From the usual flooding attacks through slow HTTP attacks to reflective attacks, there are many ways a system can be taken down. Attackers mimic the behaviour of legitimate clients and are thus hard to identify as perpetrators. This seminar shall analyse the different kinds of attacks, how attackers can be identified, and how attacks can be mitigated. | ||
✘ Machine Learning Privacy – English only Machine Learning has a number of very useful applications and offers great benefits. Machine learning algorithms can be used for recommendation systems, data analysis, or security applications. However, while machine learning can provide useful predictions and analysis, there are also privacy concerns. The aim of this seminar is to identify privacy issues, and survey possible solutions. | ||
✘ Networking in Online Multiplayer Games – English only Online multiplayer games and other distributed real-time applications face various challenges when it comes to networking and communication. Communication properties of such applications are quite different in contrast to traditional networking applications. The goal of this seminar is to give an overview of the challenges in network games and best practices how these challenges can be addressed. | ||
✘ Machine Learning on Event Streams – English only Machine Learning approaches and algorithms can be utilized to analyze event streams and time-series data and forecast events. This has shown very promising results in the domain of weather forecasting and stock market prediction. However, current research is not limited to these domains. The goal of this seminar is to give an overview of current approaches, possibilities, and limitations of machine learning on event streams and time-series. |
Special Interdisciplinary Research Seminar on Digitalization of Law through Blockchains and Smart Contracts
The following topics are part of an interdisciplinary research seminar jointly organized with the Institute of Accounting and Auditing and researchers from University of Heidelberg. Talks are going to be presented at a workshop planned for 2nd or 3rd of February 2018 at Kloster Roggenburg near Ulm. Attending this workshop is required. Travel costs will be covered by the organizers. Except for the final presentation, the special seminar follows the same schedule as the other seminar topics.
✘ Ethereum – English only This talk will introduce the Ethereum system with a focus on the Smart Contracts mechanisms. It should particularly illustrate how to develop smart contracts in the Solidity programming language and how those smart contracts are executed in Ethereum. |
✘ Bitcoin – English only Bitcoin is the first fully decentralized digital currency. The individual Bitcoins are created and managed by a distributed Peer-2-Peer network. The work should provide an overview of the Bitcoin ecosystem and extend the focus to the general concepts of Blockchain-based technologies. Henning Kopp |
✘ How to undo transactions in Blockchain-based Systems? – English only What concepts can you apply, if a (national) court rules that a transaction was illegal? As illustrated by e.g. the DAO, smart contracts and digital currencies based on blockchains face substantial problems in case of fraud, as there is no real jurisdictional oversight possible. Once in the ledger, transactions cannot be removed retroactively. This talk should investigate such fraud cases and which technical options one has to implement jurisdictional decisions. |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Advanced seminar; Media Informatics, Dipl.: Advanced seminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Cycle / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of computer networks, proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Working on one sub-area of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a concrete system or a concept of distributed systems. They can place these systems in a larger context and derive their advantages and disadvantages on their own. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of successful participation. This covers attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP: | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Felix Engelmann, Benjamin Erb, Eugen Frasch, Gerhard Habiger, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, David Mödinger, Rens van der Heijden |
Dates: | 18.04.2017 10:15-11:45: Introductory session (mandatory) 25.04.2017 10:15-11:45: Scientific working methods (mandatory) 27.04.2017 16:15-17:45: Introduction to LaTeX (optional) 22.06.2017 16:15-17:45: Presentation techniques (mandatory) 14.07.2017: Block of talks (all day), rooms will be announced |
Learning platform: | Course materials are available in the Moodle course. You are added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
• available ✘ taken
✘ Vehicle Platooning – English only Vehicle Platooning is considered one of the most promising applications to be implemented in vehicular networks. It gained its importance due to the huge number of benefits it provides for cars/trucks, especially on highways. Despite these benefits, it suffers from quite a number of limitations and challenges. Within this seminar, you are going to investigate vehicle platooning in more detail by addressing the limitations and challenges it suffers from. In addition, the possible ways to overcome them need to be examined. Ala'a Al-Momani | ||
✘ Machine Learning Applications in Vehicular Networks – English only Machine learning brings an enormous number of benefits to the fields where it is applied. In vehicular networks, it is considered one of the main bases of critical applications, e.g. Autonomous Driving. In this seminar, machine learning approaches that have been proposed for use in vehicular networks in general and autonomous driving in particular will be investigated. The implications of applying such techniques (e.g. delay, decision accuracy, etc.) need to be examined as well. | ||
✘ Digital Identities for 3D Printed Objects – English only 3D printing technologies are spreading in many big scale manufacturing processes and introduce challenges which are otherwise only relevant in the digital world. Simplified duplication of physical objects can lead to piracy or safety issues in regulated industries. A promising solution to this would be uniquely identifiable, unclonable objects, e.g. with an integrated physically unclonable function (PUF). The goal of this seminar is to survey the different approaches to link a physical object to a digital identity. | ||
✘ Challenges of Scanning the IPv6 Address Space – English only With the progress of IPv6 deployment, surveys of the complete internet address space by enumeration are no longer feasible, in contrast to the 2^32 IPv4 addresses, which can be contacted in a few minutes. However, there are approaches to reduce the search space by preselecting active DNS entries, common host suffixes, promising subnets from BGP announcements and many more. The goal of this seminar is to elaborate on the possible scanning methods and countermeasures in the IPv6 network. | ||
✘ Machine Bias and the Threat of Algocracy – English only The rise of big data, artificial intelligence, and related technological trends is going to transform people's everyday lives. A potential rule of algorithms and the hidden biases carved into data analytics and machine learning models represent significant challenges for society, entailing political, ethical, and psychological consequences. This seminar paper should unveil these challenges and assess the dystopian perspective while pointing out corrective actions. | ||
• π-calculus – English only As a process calculus, the π-calculus describes the movement of a piece of data in exactly the same way as the transfer of a message. Thus the π-calculus is used to define concurrent computations whose network configuration may change during the computation. The goal of this seminar is to look at the motivation, theory and expressiveness of the π-calculus. | ||
✘ Slurm – English only As a cluster management and job scheduling system, Slurm is used in small and large Linux clusters. Slurm is open-source, fault tolerant, highly scalable and relatively self-contained. The goal of this seminar is to give an overview of Slurm, its functionality and deeper characteristics. | ||
✘ Apache Eagle – English only Apache Eagle is an open source, distributed real-time monitoring and alerting engine for instant identification of sensitive data access and recognition of malicious activities. Eagle audits access to HDFS files, Hive, and HBase tables in real time, enforces policies and alerts or blocks users’ access in real time. The goal of this seminar is to give an overview of Apache Eagle, its architecture and functionality. | ||
✘ The State of Logical Time – English only In distributed systems there is no global time. To work around this limitation, logical clocks, a form of event counters, such as vector clocks, were introduced in the 1980s. The goal of this seminar is to research some more recent developments on the state of logical clocks, especially improvements in size or performance. David Mödinger | ||
✘ Temporal Logic of Actions: model checking concurrent distributed systems – English only Due to their diversity and complexity, distributed systems often exhibit nondeterministic behaviour. This makes it very hard to correctly design new systems, since errors may only manifest themselves rarely and under specific circumstances, which are difficult to test for. Mathematically modeling such systems allows one to formally test their behaviour and exhaustively check every possible state they can ever be in, making it (theoretically) impossible for a system to fail due to design flaws. One tool to model concurrent distributed systems is Lamport's TLA+. The goal of this seminar is to give an introduction to TLA+ and its current state, and to provide an example of a real world application of TLA+. | ||
✘ Misbehavior reporting and revocation in Vehicular PKIs – English only Vehicular ad-hoc networks are an attempt to improve driving safety for both drivers and autonomous vehicles, by allowing the exchange of information between vehicles. Because this information is safety-relevant, it should be authenticated, which current standards propose to do with a PKI. Such a PKI typically also allows reporting of malicious messages (misbehavior reporting). The goal of this seminar is to analyze different possible strategies on how to transfer and process the reports, which should result in the revocation of an attacker. Rens van der Heijden | ||
✘ Alignment-free Protocol Message Format Reverse Engineering – English only Understanding the communication of networked systems without knowing the protocol specification can be achieved by reverse engineering the network traffic. Example use cases of this approach are the analysis of botnets and vulnerability detection in network protocol implementations. Several methods to infer the protocol message format use the Needleman-Wunsch-algorithm-based progressive multiple sequence alignment. Alternatively, alignment-free methods to find structure in byte sequences are also available. Especially interesting examples are the Sequitur algorithm and the Leimeister et al. alignment-free method. The goal of this seminar topic is to identify commonalities and differences between these algorithms with a focus on their applicability to inferring message formats of protocols and to discuss their respective strengths and weaknesses. | ||
✘ Formal Methods in Program Analysis – English only To reason about a program, one can naively run it on different inputs and compare the outputs in order to find structure. In contrast, one can execute the program only symbolically, not with concrete inputs but instead with symbolic variables. Then it becomes possible to reason about a program by comparing the execution paths in the program. The student should describe symbolic execution, its shortcomings, and improvements like concolic execution. Examples in an appropriate framework like angr are welcome. Henning Kopp | ||
✘ Cryptography Engineering – English only Every day we rely on the security of applied cryptography (e.g. security protocols) to protect our data. This application of cryptography in real world solutions is difficult and prone to errors; one mistake can compromise the entire security. Cryptography engineering is the discipline of creating these real world solutions and entails two different aspects: the creation of cryptographic protocols by combining several cryptographic primitives (e.g. MAC and symmetric encryption), and the implementation (software / hardware) of cryptographic protocols. The goal of this seminar paper is to give an overview of cryptography engineering with a focus on dos and don'ts, and best practices for creating and implementing cryptographic protocols. Note: It is highly recommended that the student has basic knowledge of cryptography, for example by having attended a cryptography and/or IT security lecture. Dominik Lang | ||
✘ Software-Defined Networking – Chances and Risks for Network Security – English only Software-Defined Networking (SDN) is an approach to computer networking that decouples the control plane (that is, the network administration) from the data plane, where the regular packet forwarding occurs. The most common SDN technology is the OpenFlow protocol. The design of this protocol features one controlling device, the SDN controller, that monitors all network devices and network policies. Such a centralized design can both help network security by simplifying network monitoring and be a threat to security by introducing a single point of failure that in turn has full control over the network topology. The goal of this seminar is to analyze both threats and opportunities of this technology regarding network security. | ||
• Policy Checking of Network Topologies – English only Network policies are rules that define how a network needs to be set up. They contain, for instance, demands concerning the reachability of certain network devices or filter rules for firewalls. Tools like netplumber exist to help verify whether a network topology complies with these policies. The goal of this seminar is to analyze how these tools work and which policies can or cannot be analyzed by these tools. | ||
✘ Applications for Secure Multiparty Computation – English only Distributed computation offers many opportunities for novel and advanced applications. However, significant privacy concerns arise when some of the computing parties cannot be trusted sufficiently. Secure multiparty computation (MPC) is an active research field that is attempting to solve the issue of several parties computing specific functions without disclosing their private input data. This seminar thesis should survey and assess applications for MPC. | ||
✘ Machine Learning Privacy – English only Machine Learning has a number of very useful applications and offers great benefits. Machine learning algorithms can be used for recommendation systems, data analysis, or security applications. However, while machine learning can provide useful predictions and analysis, there are also privacy concerns. The aim of this seminar is to identify privacy issues, and survey possible solutions. | ||
✘ Secure Messaging: Signal & Co (recommended at master's level) – English only Security in instant messaging predates the smartphone era, but has recently received a lot of attention from both the cryptographic community and from government agencies. In this seminar, we are going to consider both OTR and the Signal protocol. We will look at the different challenges that are new to instant messaging done via smartphones, and at how Signal tries to overcome them. Marcus Gelderie (BMW Car IT) | ||
✘ Cryptographic Message Syntax: Standardized Protocol for Encryption, Signatures, and Integrity Protection (recommended at bachelor's level) – English only The Cryptographic Message Syntax (CMS) is a standardized format for crafting encrypted and signed messages. It is used in S/MIME, but is a much more flexible format that covers use-cases beyond S/MIME. We will look at the CMS standard, at the threat model underlying CMS, and at the overall organizational implications that are imposed by CMS on the user. Marcus Gelderie (BMW Car IT) |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Hauptseminar (advanced seminar); Media Informatics, Dipl.: Hauptseminar (advanced seminar) (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting scientific content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students become familiar with a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific working methods (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This comprises attendance and includes the written paper, the presentation and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; Preparation and follow-up: 90 h; Total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP: | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Benjamin Erb, Eugen Frasch, Gerhard Habiger, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, Rens van der Heijden |
Dates: | 20.10.2016 14.15-15.45: Introductory session (mandatory, H9); 27.01.2017: Presentation block day, rooms to be announced |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned until 10.08.2016 via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Note: All seminar topics have been assigned.
Topics
⬤ available ✘ taken
✘ Vehicular Networks: Security Aspects – English only Vehicular networks have attracted a lot of attention in recent years. Throughout this seminar, we are going to look at vehicular networks from a security perspective, discussing how C2X communication could be secured. Approaches proposed in standards to authenticate nodes in vehicular networks will be investigated along with their drawbacks. The seminar will therefore address the possible ways to improve the proposed authentication mechanisms based on the literature. | |
✘ Vehicular Networks: Wireless Channel Aspects – English only When moving towards the real-world implementation of vehicular networks, the wireless channel becomes a critical issue. In this seminar we want to address the challenges in the vehicular wireless medium, keeping in mind the multiplexing and modulation schemes proposed in standards. We will look at channel capacity, which may lead to packet collisions in dense traffic scenarios. | |
✘ IoT: Definition, Security and Privacy Aspects – English only The Internet of Things (widely known as IoT) has attracted a lot of attention in recent years. Throughout this seminar we are going to get familiar with it by looking at the definitions of IoT proposed in the literature. This seminar will basically address the question: When can a “thing” be called “smart”? This includes addressing the differences between classical embedded systems and IoT (if there are any). Thereafter, we will investigate what aspects IoT brings to security and privacy. | |
✘ Spatio-temporal Networks – English only Spatio-temporal networks (STNs) are networks whose topology and/or attributes change over time. This topic explores the theory of STNs, relevant characteristics, and applications. | |
✘ Google Spanner – English only Spanner is Google's globally distributed NewSQL database, the successor to BigTable. Google describes Spanner as not a purely relational database system because each table must have a primary key column. The lack of transactions in BigTable led to frequent complaints from users, so Google made distributed transactions central to Spanner's design. During this seminar, current research about Google Spanner is to be surveyed and an overview of its functionality should be given. | |
✘ Cloud Rendering – English only Although there is plenty of good and easy-to-use 3D design software, the most time-consuming part of producing a high-quality 3D image is still the rendering process. Since cloud computing has arisen, it is possible to use more than one computer for the rendering process. Over the years, more and more cloud rendering providers have started to offer their services for rendering high-quality images to "normal" users. The goal of the seminar is to provide an overview of the most popular and effective cloud rendering providers. Some of the basic common concepts of different providers should also be surveyed. | |
✘ Owncloud – English only Clouds have become very important in the past years. Besides "DropBox", one of the most popular cloud storage providers, the open source software "Owncloud" is used by many users. During this seminar, current research about Owncloud is to be surveyed and an overview of its functionality should be given. | |
✘ Apache Mesos – English only Apache Mesos is an open-source cluster manager that was developed at the University of California, Berkeley. It provides efficient resource isolation and sharing across distributed applications, or frameworks. The software enables resource sharing in a fine-grained manner, improving cluster utilization. The goal of the seminar is to provide an overview of Apache Mesos, its functionality and architecture. | |
✘ Benchmarking Client-Server Applications – English only Client-server architectures are ubiquitous and the backbone of a wide array of applications around the globe. In order to compare different client-server applications and improve on them, a reasonable set of metrics to measure their performance, correctness and availability has to be devised. This work should give an overview of the most important benchmarking methods and metrics for client-server architectures. | |
✘ Data mining for misbehavior detection in VANETs – English only Vehicular ad-hoc networks are networks created by equipping vehicles with communication equipment that allows them to communicate directly. These networks are designed to improve safety, provide better navigation, and various other applications based on data exchanged between vehicles. Misbehavior detection is the process of detecting invalid or incorrect data in this network traffic. One technique that is used in some application domains to detect such attacks is data mining. This includes techniques like rule mining, clustering, and other classification algorithms. In this seminar, the goal is to provide an overview of the different application types and their susceptibility to attacks. Rens van der Heijden | |
✘ Applications of subjective logic in VANETs – English only Vehicular ad-hoc networks are networks created by equipping vehicles with communication equipment that allows them to communicate directly. These networks are designed to improve safety, provide better navigation, and various other applications based on data exchanged between vehicles. Subjective logic is a logic that can be used to reason about uncertain or incomplete information. For example, it can be used to represent the trustworthiness of received messages, and the uncertainty of this evaluation. In this seminar, the idea is to investigate the application of so-called multinomial and continuous opinions, which express trustworthiness for multiple possible values of a message. Rens van der Heijden | |
✘ Protocol Identification – English only Network management and security require knowledge about the communication in transit to make meaningful decisions. An example of this is a network intrusion detection system that needs to decide between benign and malicious network traffic based only on the observable protocol packets. Proprietary encapsulation, encryption, missing protocol specifications, and privacy concerns often do not allow for deep packet inspection and therefore prevent recognition of the full variance of observed protocols. Protocol Identification (PI) is an approach to identifying the type of protocol in network communications based on alternative methods, such as statistical analyses. The goal of this seminar topic is to determine and discuss common methods in PI and the quality of results they can currently provide. Stephan Kleber | |
✘ Inference of Formal Protocol Models – English only Modeling of network traffic allows one to understand aspects of the communication of networked systems without knowing the protocol specification. Example use cases of this approach are the analysis of botnets and vulnerability detection in network protocol implementations. Methods to accomplish the generation of such models are diverse. They are based on observing the traffic and behaviour of the communicating nodes and infer the desired model from analysis of these observations. The goal of this seminar topic is to identify commonalities and differences between multiple techniques to infer formal models of protocols and to discuss their respective strengths and weaknesses. Stephan Kleber | |
✘ Ethereum – English only Ethereum is a successor of digital cryptocurrencies like Bitcoin. Contrary to Bitcoin, Ethereum aims to be Turing-complete, thus representing a decentralized state machine. Ethereum is widely used as a platform to power smart contracts. These are contracts which are cryptographically enforced and are envisaged to provide a form of cryptographic law besides the centralized jurisdiction of the governments. The goal of this seminar is to explain the basic mechanisms behind the Ethereum network. Henning Kopp | |
✘ Ring signatures – English only Ring signatures are a special form of digital signature. A digital signature provides authenticity of a document, namely that a specific person signed it. A ring signature, on the other hand, only guarantees that a member of a group has signed a document. In some applications this should be preferred to increase the privacy of the signer. The student should describe a ring signature scheme and the necessary cryptographic basics. Henning Kopp | |
✘ Cryptography Engineering – English only Every day we rely on the security of applied cryptography (e.g. security protocols) to protect our data. This application of cryptography in real world solutions is difficult and prone to errors; one mistake can compromise the entire security. The goal of this seminar paper is to give an overview of cryptography engineering, which entails dos and don'ts, and best practices for applying cryptography in real world scenarios. Dominik Lang | |
✘ Platforms for Network Data Analysis – English only It is essential for network operators to know the workload and the composition of incoming and outgoing network traffic, as well as of traffic within the network. This information can help to dissect malfunctions or find bottlenecks in the network topology. It can also help to find intrusions and assess the extent of an attack. Several developer teams have made it their goal to provide tools to analyse and visualize the network composition. This work should provide a list of requirements for network operators as well as a broad overview of software tools and a short analysis of whether these tools are up to the job. Thomas Lukaseder | |
✘ Analysis of Distributed Reflective DoS-Attacks – English only Denial-of-service attacks are a constant threat to every service provider. Distributed reflective DoS attacks are a special kind of such attacks. They do not attack the target directly but use spoofed requests sent to third party servers to amplify their attack and to obscure the attacker. The goal of this work is an extensive analysis of DRDoS attacks and a broad overview of countermeasures. Thomas Lukaseder | |
✘ Attacking the Tor Network – English only The Tor project promises protection of privacy within the Internet. It can be used to access Internet resources, theoretically without the possibility of the request being traced back to its source. However, this also makes it a target for attacks. For this seminar thesis, specific attacks on the Tor network and possible countermeasures should be reviewed. Further, an assessment of the security of Tor usage should be prepared that takes into account the earlier reviewed attacks. | |
✘ Applications for Secure Multiparty Computation – English only Distributed computation offers many opportunities for novel and advanced applications. However, significant privacy concerns arise when some of the computing parties cannot be trusted sufficiently. Secure multiparty computation (MPC) is an active research field that is attempting to solve the issue of several parties computing specific functions without disclosing their private input data. This seminar thesis should survey and assess applications for MPC. |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting scientific content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students become familiar with a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific working methods (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This comprises attendance and includes the written paper, the presentation and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; Preparation and follow-up: 90 h; Total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
SWS / LP: | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Ala'a Al-Momani, Benjamin Erb, Eugen Frasch, Gerhard Habiger, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, David Mödinger, Rens van der Heijden |
Dates: | Tuesday, 12.04.2016, 10.15 - 11.45, O27-341: Introductory session (mandatory); Tuesday, 19.04.2016, 10.15 - 11.45, O27-341: Scientific working methods (mandatory); Thursday, 21.04.2016, 16.15 - 17.45, O27-123: LaTeX introduction (optional); Thursday, 16.06.2016, 16.15 - 17.45, O27-123: Presentation techniques (mandatory); 08.07.2016: Presentation block day, 47.2.505 and 47.2.506 |
Learning platform: | Course materials are available in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned until 09.03.2016 via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English unless stated otherwise. |
Topics
Current Trends in Physical Layer Security (assigned) English only! Ala'a Al-Momani | Physical layer security has attracted a lot of attention in recent years. In this seminar, we are going to explore the latest trends and techniques in physical layer security: how such technologies could be implemented in different applications, and what benefits are gained from implementing those techniques over using the classical cryptographic mechanisms. In addition, the capabilities of an attacker (outsider/insider) to be accepted as a legitimate node in the network are going to be considered. The seminar is going to address these issues in more detail. The seminar language is English. Well suited for anyone who wants to deepen their knowledge of physical layer characteristics. |
Medium Access Control (FDMA, TDMA, CDMA & CSMA): Pros & Cons (available) English only! Ala'a Al-Momani | Communication systems have attracted a lot of attention in the past, with much discussion of possible ways to enhance the reliability of such systems. In this seminar paper, those techniques are going to be discussed and explored in more detail. The functional basis of each is going to be examined, and the literature will be surveyed to get familiar with the latest enhancements to them. Their usage in cellular communication, along with the modulation techniques, is going to be considered as well. Well suited for anyone who wants to deepen their knowledge of lower-layer techniques and characteristics, especially in cellular communication. |
The Psychology of Social Engineering (assigned) Benjamin Erb | Social Engineering as a "soft" technique belongs to the offensive concepts in information security. Mainly focussing on human manipulation and deception, Social Engineering builds on fundamental social-psychological aspects, which are to be surveyed in this work. |
Apache Kafka (assigned) Benjamin Erb | Apache Kafka is an open source, distributed message broker, which combines features of a message queue system and a transactional log. The main focus of this topic is an introduction to Kafka and its conceptual and technical features. |
ARTOS (assigned) Eugen Frasch | ARTOS is a research project of Ulm University. The project deals with the distribution, coordination and monitoring of the resource consumption of running applications within a soft real-time system. The goals of this paper are a precise overview of the current state of the project and a description of the underlying concepts. |
Benchmarking Client-Server Applications (assigned) Gerhard Habiger | Client-server architectures are ubiquitous and the backbone of a wide array of applications around the globe. In order to compare different client-server applications and improve on them, a reasonable set of metrics to measure their performance, correctness and availability has to be devised. This work should give an overview of the most important benchmarking methods and metrics for client-server architectures. |
Comparison of Configuration Management Tools (assigned) Gerhard Habiger | Software configuration management is an important factor in any development project with more than one developer. Providing the same or closely similar development and deployment environments for applications ensures reproducibility of bug testing endeavours and enables developers to concentrate on the application code instead of managing details of differing environments. To automatically and reliably provision these environments, many tools are in popular use nowadays. The purpose of this work is to compare existing solutions like Puppet, Vagrant and Docker and give an overview of their inner workings. |
Fuzzing Proprietary Protocols (assigned) Stephan Kleber | Fuzzers are active dynamic testing tools intended to help uncover vulnerabilities in software. Software that is reachable over the network typically implements a network protocol. To test for vulnerabilities, the fuzzer can send semi-random values to it. If the protocol specification is unknown, it is hard to choose meaningful input values for the fuzzer. "LZfuzz" is a tool that has been presented as suitable for this purpose. The seminar paper should work out what distinguishes LZfuzz from other fuzzers in order to achieve this property. |
Passwortlose Authentisierung (vergeben) Stephan Kleber | Das Konzept von Passwörtern ist aus vielen Gründen ungeeignet als Authentisierungsmethode. Aus diesem Grund sind schon seit Langem unterschiedliche Alternativen diskutiert worden. Keine dieser Konzepte konnte sich jedoch durchsetzen. Diese Arbeit soll einen Überblick über einige innovative Ansätze der letzten Jahrzehnte - wie "Déjà Vu" (2000), Pico (2011) und Loxin (2014) - geben und diskutieren, in wiefern diese Ansätze ihr Ziel erreichen, besser als eine Passwort-Authentisierung zu sein. |
Slide attacks (vergeben) Henning Kopp | Moderne symmetrische Blockverschlüsselungen wie AES oder Blowfish basieren auf der vielfachen Wiederholung einer einfachen Rundenfunktion. Da differentielle und lineare Kryptoanalyse sich auf die Fortpflanzung der Zufälligkeit über die Runden kozentrieren war es lange Zeit selbstverständlich, dass jede Verschlüsselung mit genügend Runden sicher gemacht werden kann. Slide attacks haben diesem Denken ein Ende gesetzt, da sie unabhängig von der Rundenzahl durchführbar sind und die Rundenfunktion selbst angreifen. In dieser Arbeit sollen Slide attacks beschrieben werden, sowie die nötigen kryptographischen Grundlagen erarbeitet werden. |
Fortuna (vergeben) Henning Kopp | Fortuna is a state of the art pseudorandom number generator by Schneier and Ferguson. It is based on the earlier Yarrow algorithm by the same authors. There are various interesting design choices which e.g. allow the PRNG to recover from a leakage of its internal state. The goal of this seminar is a description of the design of Fortuna and its properties. |
Software-Defined Networking – Chances and Risks for Network Security (assigned) Thomas Lukaseder | Software-defined networking makes it possible to separate the control plane and the data plane in networks and thus enables simplified administration through programmable, central control of network traffic, without having to access the devices manually. The goal of this seminar paper is to work out an overview of the resulting opportunities and risks with regard to network security. |
High-Speed Network Intrusion Detection Systems (assigned) Thomas Lukaseder | A network intrusion detection system is a system intended to detect attacks within a network. Bandwidth that grows comparatively quickly while computing power grows considerably more slowly demands ever more efficient measures for attack detection. The goal of this seminar paper is to give an overview of the existing approaches to accelerating NIDS. |
Side-Channel Attacks: Applicability and Impact on Modern Systems (assigned) Matthias Matousek | Side-channel attacks leverage unintended (physical) effects in order to extract or inject information from or into a technical system. This includes (but is by far not limited to) information retrieval from monitor light emanations, key recovery from the power usage of cryptographic hardware, or password sniffing by utilizing the acceleration sensors of a modern smart phone. This work should provide an introduction to side-channel attacks, as well as an assessment of their impact on current computer systems. The focus should lie on attacks on modern systems, such as smart phones or secure communication systems. |
Random Linear Network Coding in Peer-to-Peer Systems (assigned) David Mödinger | Random Linear Network Coding is a coding technique to reach maximum throughput in a network. This can be used in unstructured peer-to-peer systems with random topologies to transmit information. This work should give an overview of random linear network coding, established applications in peer-to-peer systems and known problems for adaption. |
Consensus in Distributed Systems (assigned) David Mödinger | Consensus protocols in distributed systems are of central importance but are considered a hard problem. Examples of such consensus are Bitcoin's blockchain or Google Chubby with Paxos. The focus of this paper should be protocols used in widespread software and their properties and, above all, their limitations. |
Sybil Attacks in Vehicular Ad-hoc Networks (assigned) Rens van der Heijden | This seminar paper is about discussing different approaches to detecting so-called Sybil attacks in vehicle-to-vehicle communication. Sybil attacks are, in their simplest form, an attack in which an attacker uses multiple identities to achieve some goal or to improve an attack. The goal of the paper is not to describe individual detection mechanisms, but to distinguish different classes and discuss their advantages and disadvantages. |
Position verification in VANETs (assigned) Rens van der Heijden | One approach to improve road safety and efficiency in the future is by allowing vehicles to communicate and warn or plan their routes. This is realized through vehicular ad-hoc networks. These networks bring a number of challenges, including for routing, as messages are often sent to inform vehicles in a particular area of a traffic jam ahead of them. Many solutions proposed to solve these challenges involve the positions of the vehicles. Thus, for the correct and safe operation of these networks, it is essential that the positions sent by other vehicles can be trusted or verified. In this seminar paper, you will discuss several approaches to verify the positions of vehicles that are received through these networks. |
Bus Systems in Modern Vehicles (assigned) Dominik Lang | It is estimated that software accounts for about 70% of innovation in modern vehicles. As a basis to allow new and innovative applications, vehicles contain an internal network of several interconnected bus systems; among these are CAN, Flexray, LIN, MOST, and Ethernet. The goal of this seminar paper is to give an overview of these bus systems. |
Description and general information, module description | |
Classification in degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Hauptseminar; Media Informatics, Dipl.: Hauptseminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of Computer Networks, proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting subject-specific content orally and in writing. The ability to reflect critically is practised in discussions. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This comprises attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Benjamin Erb, Eugen Frasch, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, Rens van der Heijden |
Dates: | Thursday, 15.10.2015, 10.15 - 11.45, O27/3211: Introduction to the seminar procedure (mandatory); Monday, 19.10.2015, 10.15 - 11.45, N24/101: Introduction to LaTeX (optional); Thursday, 22.10.2015, 10.15 - 11.45, H9: Introduction to scientific work (mandatory); Thursday, 14.01.2016, 10.15 - 11.45, H9: Presentation techniques (mandatory); Block seminar on Thursday, 04.02.2016, O27/341 and O27/3211, all day (mandatory) |
Learning platform: | Course materials can be found in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned from 07.07.2015 via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English. |
Topics
Social Graph Mining & Social Network Analysis (Bachelor/Master Level) (assigned) Benjamin Erb | Social networks are dynamic graphs. In this paper, classical analysis methods on these graph structures are to be researched and compared on the basis of the research questions concerning social networks. |
Platforms for Temporal Graph Analysis (Master Level) (assigned) Benjamin Erb | The combination of graph-structured data and time-series data yields new opportunities for complex analytics in certain domains. Relatively few platforms are currently addressing this issue. The primary task is an introduction of the overall topic and a comprehensive survey of existing solutions. |
ScriptGen and PRISMA: Algorithms for Protocol Reverse Engineering (assigned) Stephan Kleber | The analysis of unknown network protocols requires specialised algorithms for the automatic detection of syntactic and semantic structures in data streams. Various algorithms have been developed and adapted for this purpose. Two algorithms, ScriptGen and PRISMA, are to be prepared, explained and compared in this paper. |
Distance Lower Bounding (assigned) Stephan Kleber | Conventional distance-bounding protocols use a single-bit request and immediate response to calculate an upper bound on the round-trip time of two parties: the verifier and the prover. In this manner distance-bounding protocols are able to decide whether the prover is within a specified physical distance of the verifier. A complementary approach is distance lower bounding, which has been newly proposed. Here the prover intends to prove that the distance between verifier and prover is larger than a defined threshold. This seminar paper should evaluate the proposed distance lower bounding concept and discuss its advantages and disadvantages. Moreover, the practical applicability in security should be discussed. |
Freenet (assigned) Henning Kopp | Freenet is a peer-to-peer network for distributed storage. Among the main design goals of Freenet are censorship resistance and anonymity. This seminar should describe the mechanisms that Freenet uses to ensure these goals. |
El Gamal (assigned) Henning Kopp | Together with RSA, El Gamal is one of the first asymmetric encryption schemes. Although El Gamal, unlike RSA, was never patented and could therefore be implemented freely, it never became widely established. Nevertheless, it is important for understanding more modern asymmetric schemes. In this seminar, a functional description of El Gamal is to be worked out. |
Ethereum (assigned) Henning Kopp | Ethereum descends from digital currencies such as Bitcoin. Unlike Bitcoin, however, Ethereum's scripting language is Turing-complete, which makes it possible to use Ethereum as a public, distributed computer as well. This paper should work out the basic ideas of Ethereum. |
Capsicum (available) Dominik Lang | Capabilities and access control lists (ACL) are the most widely known access control concepts for operating systems. In practice, however, ACLs are used in every common operating system, whereas capabilities have not found any widespread use and have mostly been confined to research. Capsicum is a project introducing capabilities for UNIX-based operating systems. It was originally implemented for FreeBSD and is now part of the FreeBSD 10 release. The goal of this seminar paper is to give an overview of Capsicum and how it uses capabilities to better confine applications. |
Best Practices for Security Protocols (assigned) Dominik Lang | Every day we rely on the security of communication protocols to protect our data. The design of security protocols is difficult, and one mistake can compromise the entire security. The goal of this seminar paper is to give an overview of best practices in designing security protocols. |
Technical Report on OpenFlow (assigned) Thomas Lukaseder | OpenFlow is the de facto standard protocol when it comes to software-defined networks (SDN) and is often used synonymously with SDN. The protocol specification is constantly changing, and both controllers (such as OpenDaylight and POX) and hardware (such as switches from HP or Mellanox) use different features and versions of OpenFlow. The goal of this paper is to compare the different OpenFlow versions with one another in terms of their capabilities and to classify controller software and hardware devices according to the versions they support. |
Network Traffic Analysis With Netflow (assigned) | Netflow is a technique for producing statistical evaluations of network traffic. Use cases for these evaluations include capacity planning, quality-of-service analyses and network intrusion detection. This technique, originally developed by Cisco, is also used by other vendors under different names and has meanwhile also been standardised as RFC 3954. The goal of this paper is to describe Netflow in terms of its capabilities and to present application examples in detail, particularly but not exclusively in the area of network security. |
Side-Channel Attacks on Smartphones (assigned) | In contrast to cryptanalysis or other attacks that target actual weaknesses of system designs, "side-channel attacks" aim to attack the implementation of a system. A number of "side-channels" can be exploited: the power consumption of a device, the timing of security-sensitive operations, electromagnetic emanation or sounds emitted by the target system. Recent smartphones include more and more sensors that provide further potential side-channels. The goal of this seminar paper is to survey the state of the art in smartphone side-channel attacks, as well as to assess the impact and significance of the existence of these attacks to current mobile device security. |
Homomorphic Encryption and its Application in Distributed Systems (assigned) | "Homomorphic encryption" has been called the "Holy Grail" of cryptography. It describes an encryption scheme's feature that enables us to perform computations on the encrypted data without the need to decrypt it. As more and more data is being processed "in the cloud", it is obvious that homomorphism is quite a desired feature in order to secure data. During this seminar, current research about homomorphic encryption is to be surveyed and examined in the context of different application scenarios. The paper should also express the student's appraisal of the possibilities and the feasibility of the application of homomorphic encryption. |
Position verification in VANETs (assigned) Rens van der Heijden | One approach to improve road safety and efficiency in the future is by allowing vehicles to communicate and warn or plan their routes. This is realized through vehicular ad-hoc networks. These networks bring a number of challenges, including for routing, as messages are often sent to inform vehicles in a particular area of a traffic jam ahead of them. Many solutions proposed to solve these challenges involve the positions of the vehicles. Thus, for the correct and safe operation of these networks, it is essential that the positions sent by other vehicles can be trusted or verified. In this seminar paper, you will discuss several approaches to verify the positions of vehicles that are received through these networks. |
Subjective Logic (assigned) Rens van der Heijden | Subjective logic is a logic that extends probabilistic logic with certainty. In other words, it allows us to model not just how likely something is, but also how certain we are about this probability. This makes subjective logic a useful tool in areas like trust management. In particular, subjective logic captures these two concepts in one data structure, unlike Dempster-Shafer theory, which uses an independent value to represent confidence. In this seminar, you will give a short overview of subjective logic and either its different application areas or the mathematical foundations of the logic in comparison to alternative representations. |
Apache Zookeeper (assigned) Eugen Frasch | Apache ZooKeeper is a software project of the Apache Software Foundation, providing an open source distributed configuration service, synchronization service, and naming registry for large distributed systems. ZooKeeper was a sub-project of Hadoop but is now a top-level project in its own right. ZooKeeper's architecture supports high availability through redundant services. The goal of this seminar paper is to give an overview of ZooKeeper's architecture and its functionality. In addition, some research on approaches to process orchestration has to be surveyed. |
Google Kubernetes (assigned) Eugen Frasch | Kubernetes is an open source container cluster manager. It schedules any number of container replicas across a group of node instances. A master instance exposes the Kubernetes API, through which tasks are defined. Kubernetes spawns containers on nodes to handle the defined tasks. The number and type of containers can be dynamically modified according to need. An agent (a kubelet) on each node instance monitors containers and restarts them if necessary. Kubernetes is optimized for Google Cloud Platform, but can run on any physical or virtual machine. During this seminar, current research about Google Kubernetes is to be surveyed and an overview of its functionality should be given. |
DevOps (assigned) Eugen Frasch | DevOps is a software development method that emphasizes communication, collaboration (information sharing and web service usage), integration, automation, and measurement of cooperation between software developers and other IT professionals. The method acknowledges the interdependence of software development, quality assurance (QA), and IT operations, and aims to help an organization rapidly produce software products and services and to improve operations performance. In this seminar paper the student should give an overview of DevOps and its application in software development. A comparison to other approaches should also be given. |
Docker (assigned) Eugen Frasch | Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux, Mac OS and Windows. According to industry analyst firm 451 Research, "Docker is a tool that can package an application and its dependencies in a virtual container that can run on any Linux server. This helps enable flexibility and portability on where the application can run, whether on premises, public cloud, private cloud, bare metal, etc." The goal of this seminar paper is to give an overview of Docker's architecture and its functionality. |
Google Spanner (assigned) Eugen Frasch | Spanner is Google's globally distributed NewSQL database, the successor to BigTable. Google describes Spanner as not a pure relational database system because each table must have a primary key column. The lack of transactions in BigTable led to frequent complaints from users, so Google made distributed transactions central to Spanner's design. During this seminar, current research about Google Spanner is to be surveyed and an overview of its functionality should be given. |
Description and general information, module description | |
Classification in degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Hauptseminar; Media Informatics, Dipl.: Hauptseminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of Computer Networks, proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting subject-specific content orally and in writing. The ability to reflect critically is practised in discussions. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This comprises attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Benjamin Erb, Steffen Kächele, Stephan Kleber, Henning Kopp, Thomas Lukaseder, Christian Spann, Rens van der Heijden |
Dates: | Thursday, 16.04.2015, 10.15 - 11.45, O27/2202: Introductory session (mandatory); Thursday, 23.04.2015, 10.15 - 11.45, O28/H21: Scientific work (mandatory); Thursday, 23.04.2015, 16.15 - 17.45, O27/341: Introduction to LaTeX (optional); Thursday, 25.06.2015, 10.15 - 11.45, N25-2103: Presentation techniques (mandatory); Friday, 10.07.2015, 08.00 - 20.00, 45.2.102 and 45.2.103: Talks (mandatory) |
Preliminary meeting: | Thursday, 16.04.2015, 10.15, O27/2201 |
Learning platform: | Course materials can be found in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics have already been assigned via the central seminar topic assignment platform. |
Language: | All topics can be worked on in German or English. |
Note: All seminar topics have been assigned.
Topics
Time Models in Distributed Systems & Applications (assigned) Benjamin Erb | In distributed systems and applications, the conception of time is an essential building block. Time models influence the notion of temporal order, causality, consistency as well as the overall execution progress. The basic objective of this seminar paper is to give an overview of different time models existing in the literature and to assess their fundamental applicability in distributed contexts. This topic is mainly intended for Master students. |
Big Data on Graphs (assigned) Benjamin Erb | The Big Data trend has re-established interest in the algorithmic processing of graph-based data, but now on a very large scale. For instance, search engine providers such as Google take advantage of graph mining in order to improve the ranking of web pages, and social networks such as Facebook or Twitter use graph algorithms for user clustering and generating contact suggestions. The general goal of this seminar paper is an overview of graph problems, graph algorithms, graph computing platforms, and exemplary use cases of graph computing – each of them based on Big Data scenarios. This topic is intended for both Bachelor and Master students. |
Lambda Architectures for Neartime & Batch Processing (assigned) Benjamin Erb | So far, distributed computing platforms for large-scale data processing have either focussed on a batch-oriented style of processing (e.g. MapReduce), or they have provided near-realtime computations (e.g. event processing) instead. For several use cases, both styles of computations are required at the same time. Lambda architectures try to combine both approaches and provide a unified approach. As part of this seminar paper, differences between both computing styles should be outlined. Next, the idea of a unified lambda architecture as well as appropriate examples should be introduced and characterized. This topic is mainly intended for Master students. |
ScriptGen and PRISMA: Algorithms for Protocol Reverse Engineering (assigned) Stephan Kleber | The analysis of unknown network protocols requires specialised algorithms for the automatic detection of syntactic and semantic structures in data streams. Various algorithms have been developed and adapted for this purpose. Two algorithms, ScriptGen and PRISMA, are to be prepared, explained and compared in this paper. |
In Search of "the" Physically Unclonable Function (assigned) Stephan Kleber | Physically unclonable functions (PUFs) exploit physical properties of hardware instances to obtain specific, unique and inimitable behaviour of algorithms on that one device. Particularly in IT security, such behaviour is very valuable for attestation and for special uses of encryption. The exact definition of PUFs is by no means simple, however, which is why there is no generally accepted definition. This paper should give an overview of the current discussion around this definition and develop its own assessment of it. |
The Oracle Problem in Fuzzing (assigned) Stephan Kleber | Fuzzing is a form of testing implementations or specifications for correctness, typically, in IT security, with a view to finding vulnerabilities. To this end, a more or less randomly chosen value is passed to a program as input. Ideally, analysing the output tells the tester whether or not an error occurred during processing. To deliver a reliable automated evaluation, the fuzzer must be able to distinguish an error output from a positive response of the application. The "oracle problem" denotes the difficulty of making a meaningful distinction between program outputs in such a situation. This paper should briefly summarise various known solution strategies and present the core idea of each. |
Padding Oracle Attacks (assigned) Henning Kopp | Ciphers often operate on data blocks of fixed size. To be able to encrypt data of arbitrary length, the data must be filled up to the block size. This filling is called padding. When data is decrypted, it must be checked whether the padding is correct, since otherwise a transmission error occurred. If an attacker obtains the information whether the padding of a message is correct, for example through error messages, they can decrypt arbitrary encrypted messages by means of specially manipulated messages. |
Bitcoins (assigned) Henning Kopp | Bitcoin is the most popular decentralised virtual currency. The individual bitcoins are generated by a peer-to-peer network. This paper should give an overview of how Bitcoin works. |
Cube attacks (assigned) Henning Kopp | Cube attacks are one of the few purely algebraic methods of cryptanalysis. Among others, the block cipher Trivium has been tested extensively with them. Cube attacks extract linear equations from key and plaintext bits, which can then easily be solved in a subsequent step using known methods from linear algebra. This seminar should explain how cube attacks work, together with modern developments. |
High-Speed Network Intrusion Detection Systems (vergeben) Thomas Lukaseder | Ein Netzwerk Intrusion Detection System ist ein System, das Angriffe innerhalb eines Netzwerkes erkennen soll. Die vergleichsweise schnell steigende Bandbreite bei deutlich langsamer wachsender Rechenleistung erfordert immer effizientere Maßnahmen zur Angriffserkennung. Ziel dieser Seminararbeit ist es, einen Überblick über die vorhandenen Ansätze zur Beschleunigung von NIDS zu geben. |
Golden Shield – The Great Firewall of China (vergeben) Thomas Lukaseder | Der Öffnung Chinas gegenüber der Weltwirtschaft folgte auch eine Öffnung gegenüber dem Internet. Doch nicht das ganze Internet ist aus dem Reich der Mitte erreichbar. Mit dem Projekt "Goldenes Schild" wurde eine Infrastruktur geschaffen, die Teile des Internets in der Volksrepublik unzugänglich machen. Ziel dieser Seminararbeit ist es, einen Überblick über Ausmaß und Geschichte des "goldenen Schildes" zu bieten und einen Vergleich mit Maßnahmen in anderen Ländern zu ziehen. |
Software-Defined Networking – Chances and Risks for Network Security (vergeben) Thomas Lukaseder | Software-Defined Networking bietet die Möglichkeit, die Control Plan und die Data Plane in Netzwerken voneinander zu trennen und ermöglicht so eine vereinfachte Administration durch eine programmierbare, zentrale Steuerung des Netzwerkverkehres, ohne manuell auf die Geräte zugreifen zu müssen. Ziel dieser Seminararbeit ist es, einen Überblick über die sich hieraus ergebenden Möglichkeiten und Risiken im Bezug auf Netzwerksicherheit herauszuarbeiten. |
Sybil Attacks in Vehicular Ad-hoc Networks (vergeben) Rens van der Heijden | In dieser Seminararbeit geht es darum, verschiedene Ansätze zum Erkennen so genannter Sybil Attacks in Fahrzeug-Fahrzeug-Kommunikation zu beprechen. Sybil Attacks sind, in der einfachsten Form, ein Angriff, bei dem ein Angreifer mehrere Identitäten verwendet, um irgendein Ziel zu erreichen bzw. um einen Angriff zu verbessern. Es ist nicht Ziel der Arbeit, einzelne Erkennungsmechanismen zu beschreiben, sondern verschiedene Klassen zu unterscheiden und deren Vor- und Nachteile zu besprechen. |
Misbehavior detection in industrial control systems (vergeben) Rens van der Heijden | Industrial control systems are typically distributed systems that are used to monitor and control one or more physical processes, such as those at a chemical factory, nuclear power plant, manufacturing or dams. Failure of these processes can cause catastrophic events or lead to significant financial loss, and thus the safety of these processes is of paramount importance. However, in recent decades, the trend towards increased networking in these systems has led to a number of security issues. This work discusses the detection of attacks in these systems by applying knowledge of the physical processes to verify the correctness or consistency of packets. |
Jamming in wireless ad-hoc networking (assigned) Rens van der Heijden | This seminar paper describes the problem of jamming in different wireless scenarios and discusses detection and prevention approaches. One possible use case is vehicle-to-vehicle communication, where the timely delivery of packets is very important for the functioning of the network. The literature contains various approaches and attacker models that can work around this problem. |
Eventual Consistency and CRDTs (assigned) Franz J. Hauck | In modern large distributed applications, the consistency of redundant data is often weakened in order both to achieve availability and to tolerate network partitions. A common choice is eventual consistency, which guarantees that redundant data will, after a certain time, reflect all changes in the system: if one waits long enough, all stores take on the same final value, but in the meantime outdated versions of the values may be in effect. Commutative Replicated Data Types (CRDTs) are data structures that enable a systematic and structured development of applications based on the principle of eventual consistency. The seminar topic is to introduce the subject and present the principle of CRDTs, their variants and examples. |
Kubernetes (assigned) Steffen Kächele | Docker makes it possible, through operating-system-level virtualization, to run applications together with their dependencies in foreign computing environments. This paper is to present Kubernetes, the orchestration system for Docker containers. |
Java Multi-tenancy Architectures (assigned) Steffen Kächele | Today's cloud computing environments often use virtual machines to separate the applications of multiple users from one another. This seminar paper is to present approaches that perform isolation at the level of the Java Virtual Machine. A critical examination of the approach rounds off the paper. |
The Chubby Lock Service (assigned) Christian Spann | Google uses a service called Chubby to synchronize its services. It uses a consensus algorithm that is very similar to Paxos, the prototype of all consensus algorithms. This seminar paper is to present the service and its implementation. |
Google Data Storage (assigned) Christian Spann | The Google Data Storage is a highly available data storage service. It synchronizes its accesses by means of Paxos. This seminar paper is to examine and present the architecture and the consistency guaranteed by the storage service. |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Hauptseminar; Media Informatics, Dipl.: Hauptseminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen in Verteilten Systemen, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of Computer Networks (Grundlagen der Rechnernetze), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one sub-area of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students become familiar with a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement for successful participation. This comprises attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; Preparation and follow-up: 90 h; Total: 120 h |
Title: | Ausgewählte Themen in Verteilten Systemen |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / 72041 |
Weekly hours (SWS) / credits (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Stefan Dietzel, Benjamin Erb, Steffen Kächele, Stephan Kleber, Henning Kopp, Thomas Lukaseder, Christian Spann, Rens van der Heijden |
Dates: | Monday, 12.30 – 14.00, O27-341; Tuesday, 14.15 – 15.45, O27-341 |
Preliminary meeting: | Monday, 13.10.2014, 12.30 - 14.00, O27-341 |
Learning platform: | Course materials can be found in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned from 14.08.2014 via the central seminar topic assignment platform. |
Note: A few open topics can still be assigned until the start of the semester. Contact: Stefan Dietzel
Topics
Distributed Graph Algorithms (assigned) Benjamin Erb | Graphs are important tools for computer networks and distributed systems. Only with suitable algorithms can interesting computations and applications be carried out on graphs. In this paper, important distributed algorithms are to be presented and examined using networks as an example. |
Distributed Systems Archaeology (assigned) Benjamin Erb | Advanced concepts of distributed systems are what made phenomena such as Google or Facebook, cloud computing or big data possible in the first place. Surprisingly, many of the concepts and approaches used are the result of research from the sixties, seventies and eighties, and are thus older than one might expect. This seminar paper is to show what history today's "hot topics" of distributed systems and applications have and how they have evolved. This topic is aimed primarily at Master's students or students with experience in the field of distributed systems. |
Padding Oracle Attacks (assigned) Henning Kopp | Ciphers often operate on data blocks of fixed size. To be able to encrypt data of arbitrary length, the data must be filled up to the block size. This filling is called padding. When data is decrypted, it must be checked whether the padding is correct, since otherwise a transmission error occurred. If an attacker learns whether the padding of a message is correct, for example through error messages, they can decrypt arbitrary encrypted messages by means of specially manipulated messages. |
Kleptography (assigned) Henning Kopp | Kleptography is about an attacker replacing an encryption or signature algorithm with an algorithm of their own. The attacker's algorithm must still fulfil all specifications of the original algorithm, but is additionally meant to leak the user's key material. This leaking is meant to happen inconspicuously. That means that only the attacker can recognize at all that the algorithm has been manipulated. |
Ethereum (assigned) Henning Kopp | Ethereum descends from digital currencies such as Bitcoin. In contrast to Bitcoin, however, Ethereum's scripting language is Turing-complete, which makes it possible to use Ethereum as a public, distributed computer as well. This paper is to work out the basic ideas of Ethereum. |
Sybil attacks in Vehicular Ad-hoc Networks (assigned) Rens van der Heijden | This seminar paper discusses different approaches to detecting so-called Sybil attacks in vehicle-to-vehicle communication. In its simplest form, a Sybil attack is an attack in which an attacker uses multiple identities to achieve some goal or to improve an attack. The aim of the paper is not to describe individual detection mechanisms, but to distinguish different classes and discuss their advantages and disadvantages. |
Jamming in Wireless Ad-hoc Networks (assigned) Rens van der Heijden | This seminar paper describes the problem of jamming in different wireless scenarios and discusses detection and prevention approaches. One possible use case is vehicle-to-vehicle communication, where the timely delivery of packets is very important for the functioning of the network. The literature contains various approaches and attacker models that can work around this problem. |
Data consistency in Vehicular Ad-hoc Networks (assigned) Rens van der Heijden | In vehicle-to-vehicle communication it is very important, especially for safety-relevant applications, that data coming from the network is also verified. One possible way to achieve this is to relate data items to one another and check them for consistency. If one assumes that every vehicle has exactly one identity and that this identity cannot be forged, one can determine what the actual situation looks like by comparing different messages with similar content. This seminar paper discusses several mechanisms that try to achieve this. |
Programmable Network Devices (assigned) Thomas Lukaseder | |
High-Speed Intrusion Detection Systems (assigned) Thomas Lukaseder | |
Identifying the Necessary Network-Layer Guarantees in BFT Algorithms (available) Christian Spann | Through replication, Byzantine fault-tolerant systems enable services in the network to survive the failure or corruption of individual replicas of the replicating system. The service thus remains available even when a defined subset of replicas fails. The network connecting the replicas may be asynchronous, lose messages and exhibit further weaknesses. Nevertheless, the algorithms proposed in the literature mostly rely on an intermediate layer masking most of the tolerated network faults again, since the algorithm would otherwise become too complex to present. The goal of this paper is to identify these necessary guarantees of the intermediate layer in various established BFT algorithms and to work out a superset, in order to enable a generic implementation of the intermediate layer. |
"Exotic" Injection Flaws (assigned) Stephan Kleber | Particularly in the area of web security, injection flaws are a frequent attack vector. SQL injection is the common one, but other injections are also conceivable and known as vulnerabilities: XPath Injection, LDAP Injection, Hibernate Query Language Injection, Direct OS Code/Command Injection, XML Entity Injection, Log Injection, Reflection Injection, Interpreter Injection. This paper is to give an overview of these vulnerabilities, show relationships, similarities and differences, and explain known countermeasures. |
Algorithms for Protocol Reverse Engineering (assigned) Stephan Kleber | The analysis of unknown network protocols requires specialized algorithms for automatically recognizing syntactic and semantic structures in data streams. Various algorithms, some of which are used in combination, were borrowed from bioinformatics, where they serve DNA analysis. The most common algorithms are to be prepared and explained in this paper. |
Current Return-Oriented Programming (ROP) Countermeasures (assigned) Stephan Kleber | A recent study has surveyed the effectiveness of ROP countermeasures. The results of this study compare the advantages and disadvantages of different approaches. These results are to be examined and critically discussed in this paper. |
Probabilistic Data Structures: Theory and Distributed Applications (assigned) Stefan Dietzel | Large databases and distributed systems alike need data structures for efficiently finding stored elements. It is important that these data structures are space-efficient and can be searched quickly. In recent years, probabilistic data structures such as Bloom filters, FM sketches, HyperLogLog and others have increasingly become established for such applications. This paper is to give an overview of the theoretical properties as well as practical applications. |
In-Network Data Aggregation in VANETs (assigned) Stefan Dietzel | Vehicle-to-vehicle networks need efficient mechanisms to disseminate information over long distances. Because of the high potential volume of data generated collaboratively by all vehicles, mechanisms are needed that efficiently compress information already during its propagation in the network. This paper is to give an overview of such dissemination mechanisms. |
Comparison of Approaches to Configuration Management (assigned) Franz J. Hauck | When managing many distributed computing systems, each system has to be configured individually. Appropriate software can automate this process. The topic is to compare a selection of open-source systems. |
Cloud Foundry (assigned) Franz J. Hauck | Cloud Foundry is an open-source cloud system from the PaaS (Platform-as-a-Service) group. The topic is to present the system and its facets as comprehensively as possible. |
Title: | Ausgewählte Themen Verteilter Systeme |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / ? |
Weekly hours (SWS) / credits (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Stefan Dietzel, Steffen Kächele, Benjamin Erb, Stephan Kleber, Christian Spann, Rens van der Heijden, Henning Kopp |
Dates: | Wednesday, 14.15 - 15.45, O27-341 |
Topic presentation: | Non-binding presentation of topics on Wednesday, 23.04.2014, 14.15 in room O27-341. |
Learning platform: | Course materials can be found in the Moodle course. You will be added to the course automatically as soon as you attend one of our seminars. |
Topic assignment: | Topics are assigned from 01.04.2014 via the central seminar topic assignment platform. |
Topics
Anomaly-based Intrusion Detection Systems for Industrial Control Systems Rens van der Heijden | In today's factories and power plants, electronic control systems are frequently used to monitor and control a process automatically. These control systems are called Industrial Control Systems (ICS) and are mostly used to monitor critical systems and also to react to events automatically. These systems are increasingly being connected to the Internet, which brings a significantly higher risk of attacks. To address this, research develops so-called Intrusion Detection Systems (IDS) to detect these attacks. The goal of this seminar paper is to provide an overview of the kinds of IDS that exist, in particular in the sub-area of anomaly-based IDS. |
Security Challenges of Smart Power Infrastructures Rens van der Heijden | In recent years, various kinds of so-called "smart meters" have been introduced, a kind of electricity meter that makes it possible to communicate the consumption of a house. This information can be used by the electricity supplier to adapt the production of electricity to the current demand of the power grid. This is becoming more and more important because production no longer takes place only at the power plant but also at houses, owing to an increasing amount of electricity production from renewable energy sources such as wind and sun. The entire network of producers and consumers is also referred to as the "smart grid". The goal of this paper is to analyse the security requirements in these networks and in particular to determine how they differ from traditional networks. |
Improved Event and Incident Detection with Vehicle-to-Vehicle Networks Rens van der Heijden | Vehicle-to-vehicle communication is a research area that has spread over the last 10-15 years, with the main goal of increasing the safety of the driver. In addition, there are ways of using the collected data so that, for example, traffic jams can be detected or free parking spaces can be found. For this it is necessary that vehicles within the network can identify when interesting events happen. The goal of this paper is to discuss selected mechanisms that detect different kinds of events or incidents by means of messages from the vehicle-to-vehicle communication system. |
Commutative Replicated Data Types Benjamin Erb | Commutative Replicated Data Types (CRDTs) are special data types whose operations are commutative. Concurrent operations on replicas thus eventually converge to the same state without any special concurrency control being necessary. CRDTs are therefore particularly suited for use in distributed applications and databases. The goal of the paper is a presentation of CRDTs and their concepts. |
Reactive Programming Benjamin Erb | Reactive programming summarizes an architectural trend that aims at the design and implementation of event-based, scalable, fault-tolerant and interactive distributed applications. The goal of the paper is to present the basic idea and the individual architectural concepts, and to position them relative to other distributed architectures. Furthermore, available frameworks such as RxJava and Akka, which facilitate the use of reactive programming, are to be covered. |
Graph-based Computing Frameworks Benjamin Erb | Besides classic batch-processing platforms such as Hadoop and special graph-based NoSQL databases such as neo4j, there are also dedicated frameworks for performing computations on graph-based data. This seminar paper is to present and explain such frameworks, for example GraphX, Pregel or PowerGraph. |
Sponge functions | Cryptographic hash functions are an important building block in security systems. One can think of them as a kind of mathematical one-way street. A frequently used construction for building hash functions is the Merkle-Damgård construction. Unfortunately, hash functions designed this way are vulnerable to length extension attacks. The new standard SHA-3, in contrast, uses the so-called sponge construction, which even provides provable security guarantees. The goal of this paper is to work out the advantages and disadvantages of the sponge construction. |
Miller-Rabin primality test | Primality tests are frequently used in random number generators or asymmetric encryption schemes such as RSA. The probabilistic Miller-Rabin primality test is, despite its age and its simple implementation, currently one of the most effective primality tests. Depending on the student's level of knowledge, a second primality test may additionally be discussed, areas of application explained or the mathematical foundations deepened. |
The Bitcoin Protocol | Bitcoin is the most popular decentralized virtual currency. The individual bitcoins are generated by a peer-to-peer network. This paper is to give an overview of how Bitcoin works. Depending on the effort involved, details can be deepened further or the societal consequences discussed. |
Subjective Logic Stefan Dietzel | Subjective Logic is a logic developed by Audun Jøsang that offers some advantages over classical Boolean logic or probabilistic logic. Subjective Logic offers a flexible modelling language for statements and their combination. In distributed systems, Subjective Logic can be used for web-of-trust applications, but also for mobile ad-hoc networks such as wireless sensor networks. This seminar paper is to give an overview of Subjective Logic and discuss its use on the basis of practical application examples. |
VANET Applications for Traffic Efficiency Stefan Dietzel | VANETs are ad-hoc networks that are set up between vehicles. Besides applications that increase the safety of drivers, increasing traffic efficiency is the main area of application. Possible realizations are virtual traffic lights, dynamic traffic light control, dynamic route adaptation and improved parking space search. This paper is to give an overview of possible applications and to examine the underlying challenges, such as efficient information dissemination in the network. |
Privacy in VANETs Stefan Dietzel | VANETs are ad-hoc networks that are set up between vehicles. Although they enable many applications, the basis for many of these applications is the constant exchange of fine-grained position data of the individual vehicles. An attacker who collects the position data can thus create detailed movement patterns. This paper is to give an overview of the extent of possible attacks and present various countermeasures by way of example. |
Binary Instrumentation | So-called binary instrumentation can be used for the dynamic analysis of programs. Here, hooks are introduced into the program by different methods; these hooks can react to particular function calls and log them without influencing the program flow itself. In a certain sense this is the complementary approach to taint tracking, which is used for following data flows. With suitable processor support it is even possible to apply such hooks to a binary file without it having to be recompiled. One example of such a tool is PIN, which was developed by Intel. This paper is to present the concepts and foundations of binary instrumentation and use PIN for illustration. |
Binary Analysis as a Reverse Engineering Technique | When analysing programs whose source code is unknown, as is the case with malware, for instance, the analysis of the binary file is an important technique. The binary contains the program code, which is usually executed directly by the processor. Since much of the semantics of a high-level language is lost when the source code is translated into program code, such an analysis is not trivial. This paper is to explain how suitable tools can compensate for this as far as possible and make it easier for the analyst to understand the program's behaviour. One tool that combines both dynamic and static analysis methods is BitBlaze, which is to serve as the example. |
Techniques for Generating Communication Protocol State Machines (Protocol Reverse-Engineering) | In security analyses there are in many cases captures of communication, or communicating devices, whose protocol is completely unknown. Various approaches are conceivable for analysing and reconstructing the protocol of such a communication. Besides recognizing the packet format, it is important to determine which sequences of packets constitute valid protocol runs. Tools such as "PEXT", "MACE" and "Netzob" represent different approaches to this. The goal of this paper is to work out the strengths and weaknesses of the individual approaches and to show where their limits lie in reverse-engineering the state machine of a protocol. |
Identifying the Necessary Network-Layer Guarantees in BFT Algorithms Christian Spann | Through replication, Byzantine fault-tolerant systems enable services in the network to survive the failure or corruption of individual replicas of the replicating system. The service thus remains available even when a defined subset of replicas fails. The network connecting the replicas may be asynchronous, lose messages and exhibit further weaknesses. Nevertheless, the algorithms proposed in the literature mostly rely on an intermediate layer masking most of the tolerated network faults again, since the algorithm would otherwise become too complex to present. The goal of this paper is to identify these necessary guarantees of the intermediate layer in various established BFT algorithms and to work out a superset, in order to enable a generic implementation of the intermediate layer. |
Distributed Event Processing Frameworks Jörg Domaschka | The increasing size of distributed applications also places greater demands on the monitoring of the numerous application components and the hardware nodes involved. This can be realized, for example, by using distributed event processing frameworks. These include, among others, S4 (Yahoo), Storm (Twitter), Riehmann and Vert.igo. The goal of this paper is the definition of comparison criteria for distributed event processing frameworks and a subsequent comparison of three such systems. A feature-based analysis of the three systems with regard to monitoring rounds off the paper. |
Comparison of CloudFoundry and Apache Stratos Jörg Domaschka | The cloud hype of recent years has produced a rich ecosystem of cloud platforms and cloud providers. While the offerings of Infrastructure-as-a-Service (IaaS) clouds are by now fully exploited commercially, the use of Platform-as-a-Service (PaaS) offerings is still at its beginning. In this paper, the different cloud offerings (IaaS, PaaS, SaaS) are first to be explained and distinguished from one another. Following that, the two software stacks CloudFoundry and Apache Stratos are to be compared with regard to criteria such as approach, architecture, portability, ... A critical discussion follows at the end. |
In-memory Indexing of (Small) Data Jörg Domaschka | Large web applications such as Twitter and Facebook need efficient algorithms to be able to access many small data structures such as tweets or posts quickly. Usually a distributed index is kept in memory for this, while the data, because of its sheer volume, resides (and has to reside) on persistent storage media. In this talk, different indexing algorithms are to be presented and compared with one another. These include, for example, SILT, SkimpyStash, BufferHash or FAWN-DS. |
Description and general information, module description | |
Degree programmes: | Computer Science, B.Sc.: Seminar; Media Informatics, B.Sc.: Seminar; Software Engineering, B.Sc.: Seminar; Computer Science, Dipl.: Hauptseminar; Media Informatics, Dipl.: Hauptseminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen Verteilter Systeme, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Fundamentals of Computer Networks (Grundlagen der Rechnernetze), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one sub-area of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students become familiar with a concrete system or a concept of distributed systems. They can place these systems in a larger context and independently derive their advantages and disadvantages. |
Content: | At the beginning of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the beginning of the course, depending on the topic. |
Assessment method: | Certificate of achievement for successful participation. This comprises attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; Preparation and follow-up: 90 h; Total: 120 h |
Title: | Ausgewählte Themen Verteilter Systeme |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / ? |
Weekly hours (SWS) / credits (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Stefan Dietzel, Jörg Domaschka, Benjamin Erb, Steffen Kächele, Stephan Kleber, Christian Spann, Rens van der Heijden |
Dates: | Wednesday, 14.00 – 16.00, O27-341 |
Preliminary meeting: | Joint preliminary meeting of the seminars ATVS and RTDS on Monday, 14.10.2013, 12.30 in room O27-341. |
Learning platform: | Seminar places are allocated via ILIAS. Please register in the ILIAS course for this purpose. |
Topic assignment: | Topics are assigned during the preliminary meeting in the order of registration in the ILIAS course. Alternatively, topics can be assigned in advance by arrangement with the respective supervisor, but we recommend waiting for the preliminary meeting in order to get a better overview of the topics. |
Topics
Graph-based Computing Frameworks | Besides classic batch-processing platforms such as Hadoop and specialised graph-based NoSQL databases such as neo4j, there are also dedicated frameworks for running computations on graph-based data. This seminar paper is to present and explain such frameworks, for example GraphX, Pregel or PowerGraph. | |
Erlang's OTP Library | Erlang is a functional programming language that is increasingly used, in particular for concurrent and distributed applications. Originally designed for telephony applications, Erlang provides, with the Open Telecom Platform (OTP), a standard library and framework for distributed, highly available systems. This seminar paper is to present the generic concepts of OTP. | |
Flow-based Programming Supervisor: Benjamin Erb (topic already assigned) | Flow-based programming is a programming paradigm that models applications as networks of components that exchange data via message passing. As a special variant of dataflow programming, this paradigm also allows declarative concurrency, among other things. Through language extensions and frameworks, flow-based programming is now also available in several mainstream programming languages and enables, among other things, the development of web applications. | |
Event Sourcing & Command-Query Responsibility Segregation Supervisor: Benjamin Erb (topic already assigned) | Event Sourcing (ES) and Command-Query Responsibility Segregation (CQRS) are two novel architectural patterns for distributed software applications. ES does not treat the state of the business logic as a directly modifiable value, but rather as the result of a series of stored events. CQRS complements ES: it replaces the traditional reading and writing of application state and separates state-changing commands from queries that read state. The goal of the paper is an overview of both patterns and their placement within distributed architectures and related research areas. | |
(Distributed) Complex Event Processing Supervisor: Jörg Domaschka (topic already assigned) | Event processing is an approach to analysing a stream of events and drawing conclusions from it. Complex Event Processing (CEP) additionally considers data from different sources. Many commercial products that implement CEP, as well as research work, are based on a system model in which event analysis takes place on a single node only, which necessarily limits the maximum throughput. This seminar paper is first to present CEP on the basis of existing systems. In addition, event processing frameworks are to be considered and compared with CEP systems with regard to complexity, expressiveness and scalability. | |
Unifying the Description and Programming of Cloud Applications Supervisor: Jörg Domaschka (topic already assigned) | In recent years a large number of cloud platforms have emerged that operate on one of the three layers Software as a Service, Platform as a Service and Infrastructure as a Service. Clouds on the same layer often offer similar functionality but use different languages to describe the cloud application to be deployed or the available cloud resources. The same applies to the programming interfaces used to access the functionality of a cloud platform. This topic is to examine approaches that aim to unify the description of cloud resources and cloud applications as well as the programming interface. | |
Comparison of Cloud Taxonomies Supervisors: Jörg Domaschka and Steffen Kächele (topic already assigned) | Prof. Hauck's research group recently submitted a conference paper that proposes a taxonomy for cloud systems. The paper attempts to separate the three aspects computing, storage and network from one another and to introduce, for each aspect, different abstraction levels at which services can be offered. As an example, the paper shows how the Amazon cloud services can be categorised in this way. In the seminar, further offerings from other cloud providers are to be classified, and additional aspects of cloud services (such as security) are to be identified for which the proposed taxonomy is insufficient and therefore needs to be extended. In the course of this, existing taxonomies and nomenclatures that cover the missing aspects are to be found and compared with the proposed one. | |
CoreOS Supervisor: Steffen Kächele | CoreOS is a server operating system that can be supplied with updates relatively easily and without problems. A thoroughgoing container principle avoids incompatibilities with the applications running on the server. Containers can be moved to other machines while an update takes place. According to the CoreOS developers' vision, server operating systems should thus be able to receive new features as flexibly as today's browsers do. | |
Cloud Service for Qt (topic already assigned) | With Qt, Digia maintains a C++ library for cross-platform development of GUI applications. Under the name BaaS (Backend as a Service), the operator now presents a service with which developers can very quickly create a backend for their Qt and QML applications. The Qt Cloud takes care of server and database maintenance, scalability and user management for them. This seminar paper is to present the architecture, the way it works and the development of frontend applications using the new backend service. | |
Automatic Analysis of Protocols (Protocol Reverse-Engineering) Supervisor: Stephan Kleber (topic already assigned) | In security analyses, one often has captures of communication, or communicating devices, whose protocol is completely unknown. Several approaches are conceivable for analysing and reconstructing the protocol of such communication. Besides purely static analysis of the captures, it is in some cases possible to analyse the binary code of at least one of the communication partners, or to send self-generated packets and observe their effects on the communicating entities. Tools such as "Discoverer", "ScriptGen" and "Dispatcher" are representatives of these approaches. The goal of this paper is to work out the strengths and weaknesses of the individual approaches and to show where their limits lie when reverse-engineering a protocol. | |
Binary Instrumentation Supervisor: Stephan Kleber | Binary instrumentation can be used for the dynamic analysis of programs. Using various techniques, hooks are inserted into the program that react to certain function calls and can log them without influencing the program flow itself. In a sense this is the complementary approach to taint tracking, which is used to follow data flows. With suitable processor support it is even possible to apply such hooks to a binary without recompiling it. One example of such a tool is PIN, developed by Intel. This paper is to present the concepts and foundations of binary instrumentation and use PIN for illustration. | |
Privacy Risks from Mobile Device Sensors Supervisor: Stephan Kleber (topic already assigned) | In the form of a smartphone, a multitude of sensors accompanies us almost everywhere we go. We are often not aware of how detailed the measurements of these sensors are and how much personal information we disclose through them. Attackers can derive unexpected benefit from GPS, camera, accelerometers, magnetic field sensors, light sensors and the like. In addition, internal databases such as contacts and calendars can be regarded as virtual sensors. All of this makes smartphones an attractive target for attackers who want to generate profile information about the user. The goal of this paper is to formulate the different kinds of privacy threats posed by the individual sensors and to find examples of corresponding attacks in the literature. | |
Attacks on Distance Bounding Protocols Supervisor: Stephan Kleber (topic already assigned) | Distance bounding protocols are meant to demonstrate that one entity, the "prover", is physically close to another entity, the "verifier". One use case is keyless entry systems, which provide contactless access to rooms or vehicles. Recent studies, however, raise doubts about whether known distance bounding schemes can provide the required proof in a forgery-proof way. The goal of this paper is to critically examine these doubts and weigh them against literature that claims, on the contrary, that the models against which such proofs were carried out are too strong. | |
Two-Factor Authentication Supervisor: Stefan Dietzel (topic already assigned) | More and more services are responding to the possible weaknesses of passwords by introducing additional identification factors. Prominent examples include Google, Dropbox and GitHub. Identification by both a classic password and a further factor is called two-factor authentication. While a password is a secret known only to the user ("something you know"), the second factor is often an object in the user's possession ("something you have"). Binding it to a physical object makes both unintentional and intentional disclosure to third parties more difficult. The goal of the paper is to give an overview of two-factor authentication mechanisms (such as TOTP, HOTP, YubiKey) as well as proprietary systems (such as so-called wish-it-was-two-factor systems, SMS verification) and to compare their security implications. | |
Information Dissemination in VANETs (topic already assigned) | VANETs are ad hoc networks that form between vehicles on the road without the help of infrastructure. VANETs can be used to exchange information of all kinds between vehicles; a vivid example is traffic information systems, which can help to route intelligently around traffic jams. The particular challenge here is the high mobility of vehicles, which prevents the use of classic routing protocols. The requirements in VANETs are also often different: information usually has to be distributed to geographically bounded groups of interested vehicles rather than sent to individual network participants. The goal of this paper is to give an overview, above all, of more recent multi-hop dissemination protocols and mechanisms (e.g. geocast, aggregation, relevance-based dissemination). | |
Reputation Management in Ad Hoc Networks Supervisor: Stefan Dietzel | Mobile ad hoc networks form through spontaneous wireless networking of almost arbitrary nodes. All nodes take on tasks that are otherwise performed only by central, or at least centrally managed, nodes. Examples are the routing of packets or sensing the environment with sensors. Because these tasks are carried out by arbitrary nodes, the question arises whether they are performed correctly, or whether individual nodes behave selfishly or otherwise attack the network. Reputation systems are often used to detect such nodes. They build and manage trust in nodes based on previous interaction. The goal of the paper is to categorise, present and compare different reputation systems. | |
(Network) Intrusion Detection Systems Supervisor: Rens van der Heijden (topic already assigned) | In many business and private networks there is a need to protect the devices inside the network from attackers. An important tool for this is an intrusion detection system (IDS), which tries to identify attackers on the basis of network communication. This paper is to present and compare different types of IDS. | |
Homomorphic Encryption (topic already assigned) | (This topic is mainly suitable for RTDS participants.) Fully homomorphic encryption has for some time been considered the "holy grail" of cryptography research. This goal has recently been achieved on the basis of lattices. The goal of this seminar paper is to discuss the different applications of homomorphic encryption. There is a choice between covering the topic broadly and working out one particular use case in detail. Examples are multi-party computation, where inputs from several parties are combined in a computation without the inputs becoming known, and searching in encrypted data, where a cloud service is offered that can search an encrypted database without knowing the keys. | |
Electronic Voting: Theory and Practice Supervisor: Rens van der Heijden | Some countries have an electronic voting process for practical and economic reasons. The implementation of this process varies widely: it ranges from electronic casting and counting of votes (e.g. in the USA) to Internet voting (e.g. in Estonia). Although there has been (mainly theoretical) research in this area for quite some time, electronic systems have been abolished in some countries in recent years (e.g. in the Netherlands) because of possible security problems. The goal of this paper is to cover the theoretical and practical aspects of this topic and to understand the weaknesses. | |
Software Verification Supervisor: Rens van der Heijden | In today's automated world there are more and more devices that take over difficult or dangerous tasks from humans. Examples range from flying aircraft to industrial control systems and the Curiosity Mars rover. These devices contain embedded software that cannot easily be replaced, and a bug in such code could cause great damage. Although testing is one approach to avoiding this, it offers little protection against targeted attackers. For this reason there is also the approach of software verification, which is to be presented in this paper. The paper should cover foundations and practical aspects. | |
Byzantine Fault Tolerance Clearly Explained Supervisor: Christian Spann | Byzantine fault-tolerant systems manage to cope, in asynchronous networks, with the failure of a defined number of the system's nodes. The system cannot even rely on whether a node responds or not, because, as mentioned above, it operates in an asynchronous network in which messages can be delayed arbitrarily. Since the algorithms that solve this problem are in part somewhat tricky, the goal of this topic is to present all the sub-problems to be solved in a clear, comparative way using two algorithms. |
Description and general information, module description | |
Placement in degree programmes: | Computer Science, BSc.: Seminar; Media Informatics, BSc.: Seminar; Software Engineering, BSc.: Seminar; Computer Science, Dipl.: Hauptseminar (advanced seminar); Media Informatics, Dipl.: Hauptseminar (advanced seminar) (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen Verteilter Systeme, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Cycle / Duration: | every semester / one full semester |
Prerequisites (content): | Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a specific system or a concept of distributed systems. They can place these systems in a larger context and derive their advantages and disadvantages independently. |
Content: | At the start of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual written report and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the start of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This includes attendance and comprises the written report, the presentation and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen Verteilter Systeme |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Abbreviation / No. / Module no.: | ATVS / CS5900.113 / ? |
Weekly hours (SWS) / Credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Stefan Dietzel, Steffen Kächele, Benjamin Erb, Stephan Kleber, Vladimir Nikolov, Sven Schober, Christian Spann, Rens van der Heijden |
Dates: | Wednesdays, 14.00 – 16.00, O27-122 |
Preliminary meeting: | Non-binding preliminary meeting on Wednesday, 17.04.2013, 14.15 in room O27-122. |
Learning platform: | Seminar places are allocated via ILIAS. Please register in the ILIAS course. |
Topic assignment: | Topics are assigned during the preliminary meeting in the order of registration in the ILIAS course. Alternatively, topics can be assigned in advance by arrangement with the respective supervisor, but we recommend waiting for the preliminary meeting to get a better overview of the topics. |
Topics | |
Software Defined Networking Supervisor: Benjamin Erb | Software defined networking makes it possible to program network components through open interfaces such as OpenFlow. This allows, for example, network infrastructures to be virtualised or novel network services to be implemented. Applications can likewise gain access to the network infrastructure via APIs. |
The Disruptor Pattern Supervisor: Benjamin Erb | The Disruptor pattern offers an alternative to traditional queues for inter-thread communication and was originally developed for high-frequency trading. It aims in particular at very high throughput and is designed around modern CPU architectures. This also makes the Disruptor interesting for concurrent programming in general. |
Time Warp Algorithm for Concurrent Simulations Supervisor: Benjamin Erb | The Time Warp algorithm is a popular mechanism for executing concurrent discrete-event simulations. It enables optimistic execution while preserving temporal consistency. |
Countermeasures against Attacks on Anonymity Networks Supervisor: Rens van der Heijden | The goal of this paper is to discuss attacks on anonymity networks such as TOR. The paper should explain which security goals are attacked. Possible countermeasures should also be explained. There is a choice between covering 1-2 attacks in detail and explaining a broader range of attacks in somewhat less detail. |
Privacy-preserving Biometrics Supervisor: Rens van der Heijden | This paper is to discuss privacy-preserving biometric systems. The main goal of the paper is to explain why these systems are needed at all and how they affect the privacy of the user and the security of the system. |
Bitcoins Supervisor: Stefan Dietzel | (assigned) Bitcoins are a novel, electronic currency that is computed in a distributed fashion. The goal of the paper is to give an overview of Bitcoins in general and of the distributed computation in particular. |
Use of Physically Unclonable Functions in IT Security Supervisor: Stephan Kleber | Physically unclonable functions (PUFs) exploit physical properties of individual hardware instances to obtain specific, unique and non-imitable behaviour of algorithms on that one device. In IT security in particular, such behaviour is very valuable for attestation and for special uses of encryption. This paper is to give an overview of current research in this area and work out interesting applications of the concept. |
Wireless Physical Layer Security Supervisor: Stephan Kleber | A comprehensive understanding of secure communication includes consideration of the most fundamental layer of data transmission: the physical layer. Wireless communication, with its public medium, does present a wide range of security problems, but its physical properties also open up opportunities to develop interesting, novel solutions to those very problems. This paper is to summarise such solution strategies in an overview and examine them in more depth according to the student's own interest. |
Mobile Phone Security Supervisor: Stephan Kleber | (assigned) The more ubiquitous and the more capable the sensors and hardware of smartphones become, the more attractive these platforms become for attackers. The goal of this paper is to answer the question of why this is the case and to place approaches such as AppFence and TaintDroid within that answer. |
Botnets: Distribution Aspects and Security Supervisor: Stefan Dietzel | (assigned) Botnets are used by attackers to abuse large numbers of poorly protected computers for their own purposes. A well-known example is the sending of spam e-mails. Coordinating large numbers of computers requires distributed communication mechanisms. To protect botnets against takeover by others, the communication is often encrypted. The goal of the paper is to analyse different approaches and current strategies and to give an overview. |
Simulation and Testing of Distributed Applications Supervisor: Christian Spann | (assigned) Researching and developing distributed applications poses a multitude of complex challenges for us computer scientists. For debugging and parameter tuning, such a system therefore has to be tested extensively, both locally and in a distributed setting. In this seminar, existing techniques and applications that support this process are to be researched and the results presented. |
Efficient Programming Languages for Distributed Algorithms Supervisor: Christian Spann | Distributed algorithms are often characterised by recurring message traffic between different nodes and by the distributed, concurrent handling of these messages. In classic imperative programming languages such as Java, implementing such services is usually not very elegant. The goal of the seminar is to research design patterns and alternative programming models for distributed algorithms. |
Application-layer Multicast Supervisor: Sven Schober | IP multicast is a relatively old idea for optimising the bandwidth load generated by 1-to-N communication. The data source does not have to send N streams; instead, supported by distribution nodes in the network (multicast-capable routers), it can reduce the duplication of the packets to be sent to a minimum. The requirement for infrastructure nodes in the Internet has prevented the wide deployment of IP multicast to this day. Application Layer Multicast (ALM) is the attempt to reproduce the described functionality at the application level. End systems take the place of the distribution nodes previously located in the network. The resulting challenges are the subject of active research. This topic can be treated either synoptically (an overview of existing approaches) or in a focused way (a detailed presentation of one approach). |
Modern Bandwidth Measurement Techniques Supervisor: Sven Schober | The available bandwidth from one Internet host to another is a quantity that is hard to determine. On the one hand it depends on the chosen path, on the other hand on the physical conditions of every single link along that path. In addition, third-party traffic (whether from applications on the measurement endpoints or from completely uninvolved hosts that share path segments with the measured path) considerably influences the measured values. Because of these problems, minimally invasive measurement methods have been developed that try to determine the available bandwidth with as little overhead as possible. The goal of this topic is to give an overview of the latest developments in this area. |
Software Placement Algorithms for Data Centres Supervisor: Steffen Kächele | Outsourcing software to remote data centres is becoming increasingly important (cloud computing). Through the use of virtualisation, nodes are usually used by several users at the same time. The selection of the computing nodes and the deployment of the software generally happen completely transparently for the user. This seminar paper is to present algorithms that determine suitable nodes when installing or scaling software. |
OpenShift Supervisor: Steffen Kächele | PaaS platforms offer their users an environment in which they can run their own software in remote data centres. This seminar paper is to present the open-source PaaS platform OpenShift. |
Resource Reclaiming in Real-Time Systems Supervisor: Vladimir Nikolov | Reservation-based real-time systems work with abstract resource capacities in order to guarantee temporal isolation between tasks. These capacities are determined in an offline analysis of task behaviour and assigned to the tasks. At runtime, however, the behaviour can vary because of various unpredictable factors. If tasks need fewer resources than previously assumed, resources are wasted in the overall system. Resource reclaiming enables dynamic adjustment of the capacities when the assumptions were pessimistic. The most prominent algorithms for this are CASH and GRUB. These algorithms are to be briefly presented and compared here. |
Distributed File Systems Supervisor: Jörg Domaschka | Distributed file systems have long been a research topic in the field of distributed systems. They have, however, only received greater attention since big data and cloud computing became subject to hype. This seminar paper is to examine and compare different distributed file systems as well as cluster file systems. Typical classification criteria are, for example, fault tolerance, scalability, API and consistency. |
(Distributed) Complex Event Processing Supervisor: Jörg Domaschka | Event processing is an approach to analysing a stream of events and drawing conclusions from it. Complex Event Processing (CEP) additionally considers data from different sources. Many commercial products that implement CEP, as well as research work, are based on a system model in which event analysis takes place on a single node only, which necessarily limits the maximum throughput. This seminar paper is first to present CEP on the basis of existing systems. In addition, event processing frameworks are to be considered and compared with CEP systems with regard to complexity, expressiveness and scalability. |
Deterministic Applications Supervisor: Jörg Domaschka | A deterministic application has the property that it delivers the same results on every run when it is started from the same initial state and given the same inputs. Determinism is a desirable property both for debugging and for the execution of concurrent programs. It is also essential for applying certain fault tolerance techniques. This seminar paper is to show existing approaches for eliminating non-determinism, both with regard to data input and with regard to concurrency. |
Description and general information, module description | |
Placement in degree programmes: | Computer Science, BSc.: Seminar; Media Informatics, BSc.: Seminar; Software Engineering, BSc.: Seminar; Computer Science, Dipl.: Hauptseminar (advanced seminar); Media Informatics, Dipl.: Hauptseminar (advanced seminar) (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen Verteilter Systeme, 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Cycle / Duration: | every semester / one full semester |
Prerequisites (content): | Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting technical content orally and in writing. Discussions train the ability to reflect critically. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students get to know a specific system or a concept of distributed systems. They can place these systems in a larger context and derive their advantages and disadvantages independently. |
Content: | At the start of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual written report and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the start of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This includes attendance and comprises the written report, the presentation and active participation. |
Grading: | ungraded |
Workload: | Attendance: 30 h; preparation and follow-up: 90 h; total: 120 h |
Title: | Ausgewählte Themen Verteilter Systeme |
English title: | Selected Topics in Distributed Systems |
Type: | Seminar, module |
Number / Abbreviation: | CS5900.113 / ATVS |
Weekly hours (SWS) / Credit points (LP): | 2S / 4LP |
Lecturers: | Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck |
Supervisors: | Steffen Kächele, Stefan Dietzel, Benjamin Erb, Stephan Kleber, Vladimir Nikolov, Sven Schober, Christian Spann, Rens van der Heijden |
Dates: | Monday, 12.30 - 14.00, O27-341; starting on 15.10.2012 |
Preliminary meeting: | Non-binding preliminary meeting on Monday, 15.10.2012, 12.30 in room O27-341. Topics are assigned during the preliminary meeting or in advance by e-mail to the supervisor. |
Learning platform: | The course is run with the help of the e-learning system ILIAS. Please register there. |
Topics | |
Protocol analysis: SPDY, Microsoft S+M, waka, WebSockets – mechanisms for HTTP/2.0 | An IETF working group is currently working on a new version of the HTTP protocol. It is meant to address various problems of the HTTP/1.1 protocol and make the protocol fit for the future. SPDY (Google), Speed+Mobility (Microsoft), WebSockets and waka already exist as protocols that supplement HTTP/1.1. Many concepts of these protocols will presumably serve as a basis for HTTP/2.0. The goal of this seminar paper is a brief analysis of the problems in HTTP/1.1, a presentation of the newer protocols, and the identification and explanation of their concepts with regard to HTTP/2.0. |
Distributed development and testing with Vagrant/Puppet | Implementing distributed applications requires reproducible and versionable test environments and virtualized machines. Vagrant and Puppet are two powerful Ruby-based tools for this purpose. The seminar paper is to explain and describe distributed development and testing based on Vagrant/Puppet. |
State of the art in network tomography Supervisor: Sven Schober | With IP, the Internet provides a transparent packet delivery service. Sender and destination addresses suffice to deliver a packet to its recipient. The structure of the network remains hidden. For some applications, however, it can be useful to know exactly this structure, e.g. to identify shared paths as potential bottlenecks. The field of network tomography, with traceroute as its best-known representative, deals with making this structure visible again. This involves several challenges that have already been addressed in the literature. This topic is to present the current state of the art. |
Securing Implantable Medical Devices (IMDs) | IMDs such as pacemakers or insulin pumps are able to communicate wirelessly. This raises questions about security and privacy in the use of such devices. A bachelor's thesis exists that gives a good overview of the existing literature on this topic. It presents approaches that could solve these problems. Within this topic, a structured evaluation and differentiation of these strategies is to be produced on the basis of given criteria. |
Mifare security | The Mifare system, which uses RFID technology, is widely used for access control, membership cards, tickets and electronic purses. The cryptographic protocols used by Mifare are by now considered completely broken. This paper is to give an overview of the historical development of the attacks, with a focus on well-known applications that use Mifare. In addition, an outlook on possible improved systems can be given. |
Network Coding Supervisor: Stefan Dietzel | Traditional routing protocols for the Internet forward data unchanged through the network. This achieves good utilization of the available link capacities, but not always the optimal one. The research area of network coding comprises a set of protocols and theoretical results that can increase data throughput up to the theoretical maximum. The goal of the paper is to introduce network coding and present common protocols. |
Attacks on anonymization networks (assigned) Supervisor: Rens van der Heijden | Over the last 10 years, anonymity on the Internet has become increasingly important. To achieve anonymity, various anonymization networks have been developed, among them The Onion Router (TOR). TOR aims at plausible deniability, because complete anonymity is not possible in a scalable way. The goal of this paper is an assessment of security in TOR; it may either analyse a few attacks in detail or classify known attacks. |
Attacks on data consistency mechanisms in vehicular networks Supervisor: Rens van der Heijden | Vehicular networks are an application of distributed systems in which wireless transmitters are installed in vehicles. Because upcoming applications for these networks concern traffic safety, researchers are planning future applications such as improving traffic efficiency. Security and correctness of the data are very important here; a promising approach is data consistency. The goal of this work is the development of a framework for evaluating data consistency mechanisms. This topic can only be chosen in the seminar Forschungstrends in Verteilten Systemen (Research Trends in Distributed Systems). |
Privacy-aware Access Control in practice Supervisor: Rens van der Heijden | In large application systems, personal and private data pose a security risk. Even with good protection, the data can still be obtained, among other ways through techniques such as social engineering or through (insider) attacks. To close these potential security gaps, the idea of privacy-aware access control is to regulate access to such data with XML-based languages such as EPAL from IBM and XACML from OASIS. The goal of this paper is to determine the practical usefulness of these mechanisms. |
Attacks on cloud systems (assigned) Supervisor: Steffen Kächele | Cloud computing platforms have become widespread in recent years. As a result, critical and sensitive applications and data are increasingly moving into shared server farms. Starting from the techniques used in the cloud computing environment (hardware virtualization, network virtualization, shared application containers, etc.), this seminar is to work through known attack scenarios from the literature and transfer them to the cloud computing domain. |
OSGi for cloud applications Supervisor: Steffen Kächele | OSGi helps developers build Java applications in a modular way. OSGi applications are highly flexible: the functionality of applications can be adapted dynamically at runtime by loading or removing software modules on the fly. This seminar paper is to give a brief introduction to OSGi, covering in particular the Enterprise OSGi standards Subsystems, Bundle Repository and Remote Service Admin. |
Simulation and testing of distributed applications | Researching and developing distributed applications poses a multitude of complex challenges for us computer scientists. For debugging and parameterization, such a system must therefore be tested extensively both locally and in a distributed setting. In this seminar, existing techniques and applications that support this process are to be surveyed and the results presented. |
Efficient programming languages for distributed algorithms | Distributed algorithms are often characterized by recurring message traffic between different nodes and by the distributed, concurrent handling of these messages. In classic imperative programming languages such as Java, implementing such services is usually not very elegant. The goal of the seminar is to research and examine design patterns and alternative programming models for distributed algorithms. |
Comparison of real-time server mechanisms Supervisor: Vladimir Nikolov | Server mechanisms are commonly used to handle aperiodic or sporadic activities in real-time systems. On the one hand, they provide isolation from the remaining periodic tasks. On the other hand, they make it possible to limit the resource consumption of tasks or of entire applications. This topic is to work out and present a comparison of existing server techniques, such as Polling, Sporadic, Deferrable, Total Bandwidth and Constant Bandwidth servers. |
Shortcomings in the RTSJ specification Supervisor: Vladimir Nikolov | The RTSJ specification (JSR-1) describes the extensions to a standard Java Virtual Machine (JVM) that are necessary to execute programs with real-time guarantees. Among other things, these extensions introduce new kinds of memory areas, real-time threads, special locks and scheduler abstractions within JVMs. However, the real-time literature has commented on shortcomings in the specified items, particularly in the area of scheduling and the RTSJ Processing Groups. These prevent, for example, implementations of user-defined scheduling and server mechanisms. This seminar topic is to summarize and present these deficits and their effects. |
Description and general information, module description | |
Classification within the degree programmes: | Computer Science, BSc.: Seminar; Media Informatics, BSc.: Seminar; Software Engineering, BSc.: Seminar; Computer Science, Dipl.: Hauptseminar; Media Informatics, Dipl.: Hauptseminar (see also our notes on seminars) |
Teaching and learning formats: | Ausgewählte Themen Verteilter Systeme (Selected Topics in Distributed Systems), 2S, 4LP |
Responsible: | Prof. Dr. Frank Kargl |
Language of instruction: | German |
Frequency / duration: | every semester / one full semester |
Prerequisites (content): | Grundlagen der Rechnernetze (Fundamentals of Computer Networks), Proseminar |
Prerequisites (formal): | - |
Basis for (content): | - |
Learning outcomes: | Using one subfield of computer science as an example, students deepen their skills in working independently with scientific literature and in presenting subject-specific content orally and in writing. Discussions train the ability for critical reflection. The technical part of the seminar focuses on current topics in distributed systems. Depending on the topic, students become familiar with a concrete system or a concept of distributed systems. They can place these systems in a larger context and derive their advantages and disadvantages independently. |
Content: | At the start of the seminar, topics of scientific work (e.g. literature research, writing a publication, presentation techniques) are introduced to give students methodological support. The actual paper and presentation are prepared under individual supervision. The results are presented in a final presentation. |
Literature: | Announced at the start of the course, depending on the topic. |
Assessment method: | Certificate of achievement based on successful participation. This comprises attendance and includes the written paper, the talk and active participation. |
Grading: | ungraded |
Workload: | Attendance: 40 h Preparation and follow-up: 80 h Total: 120 h |