Refine
H-BRS Bibliography
- no (175) (remove)
Departments, institutes and facilities
- Institut für Cyber Security & Privacy (ICSP) (175) (remove)
Document Type
- Conference Object (120)
- Article (34)
- Book (monograph, edited volume) (6)
- Contribution to a Periodical (6)
- Part of a Book (4)
- Doctoral Thesis (2)
- Lecture (2)
- Conference Proceedings (1)
Year of publication
Has Fulltext
- no (175)
Keywords
- Cloud (4)
- DPA (4)
- HTTP (4)
- Privacy (4)
- REST (4)
- security (4)
- Power Analysis (3)
- SOA (3)
- Security (3)
- Stochastic Model (3)
- Web (3)
- visualization (3)
- web caching (3)
- web services (3)
- Basic Access Control (2)
- Boolean Masking (2)
- Cloud Security (2)
- E-Passport (2)
- Host-Based Code Injection Attacks (2)
- Java <Programmiersprache> (2)
- MRTD (2)
- Malware (2)
- Malware analysis (2)
- Memory forensics (2)
- Mobility modeling (2)
- Python <Programmiersprache> (2)
- Side Channel Cryptanalysis (2)
- TLS (2)
- Template Attack (2)
- Usable Security (2)
- WS-Security (2)
- knowledge learning (2)
- neural networks (2)
- virtual reality (2)
- AES hardware (1)
- API usability (1)
- Adaptive Media Streaming (1)
- Adaptive Streaming (1)
- Advance Encryption Standard (1)
- Adversarial Model (1)
- Affective computing (1)
- Agent-oriented software engineering (1)
- Analysis (1)
- Attacks and Attack Implementations (1)
- Authentication (1)
- Biometrics (1)
- Black Hole (1)
- Boolean and arithmetic operations (1)
- Botnet tracking (1)
- Botnets (1)
- Browser cache (1)
- COPACOBANA (1)
- CRT (1)
- Cache Poisoning (1)
- Certificates (1)
- Cipher Block Chain (1)
- Cloud Computing security (1)
- Cloud Malware Injection (1)
- Cloud Standards (1)
- CoAP (1)
- Computer Security (1)
- Conficker (1)
- Conformance Testing (1)
- Conversational Interface (1)
- Countermeasures (1)
- Cryptography (1)
- Cyber Attacks (1)
- Cyber Security (1)
- Cybercrime (1)
- Cybercrime Legislation (1)
- D [Software] (1)
- DASH (1)
- DEMA (1)
- DES (1)
- DNSSEC (1)
- Data Compression (1)
- Data Reduction (1)
- Data Tiles (1)
- Denial of Service (1)
- Design patterns (1)
- Difference-coding (1)
- Differential Side Channel Cryptanalysis (1)
- Differential side-channel analysis (1)
- Differentielle Kryptoanalyse (1)
- Digital signatures (1)
- Disaster Area (1)
- Disaster area scenario (1)
- Distance Bounding (1)
- EM Algorithm (1)
- Electromagnetic Analysis (1)
- Electronic Immobilizer (1)
- Evaluation (1)
- Explainability (1)
- Fake Link (1)
- Fault analysis (1)
- Fehlerbehandlung (1)
- File carving (1)
- Fragmented files (1)
- Frontend architecture (1)
- Full-text Search (1)
- Gaussian Mixture Models (1)
- HMAC-construction (1)
- HTML5 (1)
- HTTPS (1)
- Hardware Testbed (1)
- High-Order Attacks (1)
- Higher-Order Analysis (1)
- Higher-Order Side Channel Analysis (1)
- Human factors (1)
- Human-Robot-Interaction (HRI) (1)
- Human-agent interaction (1)
- IDEA (1)
- Implementation Attack (1)
- Informational self-determination (1)
- Informationssicherheit (1)
- Internet Technology (1)
- IoT services security (1)
- JOSE (1)
- JPEGs (1)
- JSON (1)
- Key Search Machine (1)
- Legal metrology (1)
- Live Streaming (1)
- MRTD Cracker (1)
- Machine Learning (1)
- Mafia Attack (1)
- Malware Detection (1)
- Maximum Likelihood Principle (1)
- Mental Models (1)
- Message Authentication (1)
- Microservices (1)
- Minimum Principle (1)
- Mobility Model (1)
- Model-based engineering approaches to AI safety (1)
- Motion Generator (1)
- Motor Control Unit (1)
- Multi-hop Net-works (1)
- Multimedia Communication (1)
- Multimedia forensics (1)
- Multivariate Analyse (1)
- Multivariate Side Channel Analysis (1)
- Partial Data Protection (1)
- Partial Signature (1)
- PartialEncryption (1)
- Password Masking (1)
- Password Visualization (1)
- Passwords (1)
- Performance (1)
- Performance Analysis (1)
- Performance Evaluation (1)
- Phishing (1)
- Physical Security (1)
- Physikalischer Effekt (1)
- Privacy in the workplace (1)
- Privacy perceptions (1)
- Public Key Infrastructure (1)
- Push-based Streaming (1)
- RACS (1)
- RC6 (1)
- REST security (1)
- RF Eavesdropper (1)
- RFID (1)
- RSA (1)
- Rank correlation (1)
- Restful Web Services (1)
- Robot Perception (1)
- Runtime AI safety monitoring (1)
- SELMA (1)
- SHA-1 (1)
- SOAP (1)
- SaaS (1)
- Second-Order DPA (1)
- Secure Cloud Storage (1)
- Secure data transfer (1)
- Security APIs (1)
- Security Approaches (1)
- Security Protocol (1)
- Seitenkanalattacke (1)
- Semi-Virtual Testbed (1)
- Service-Oriented Architecture (1)
- Side Channel Analysis (1)
- Side Channel Cryptanalysis, Stochastic Methods (1)
- SmartMANET Jamming (1)
- Software Security (1)
- Stuxnet (1)
- TOGBAD (1)
- Tactical Wireless Multi-hop Networks (1)
- Tamper-Proof Hardware (1)
- Tampering (1)
- Template attacks (1)
- Templates (1)
- Testing (1)
- Testing Tool (1)
- Thin Client (1)
- Transponder (1)
- Trusted Computing (1)
- UI-Dressing (1)
- URI (1)
- VLSI (1)
- Video (1)
- Warnings (1)
- Web Browser (1)
- Web Browser Cache (1)
- Web Information Systems and Technologies (1)
- Web Interfaces and Applications (1)
- Web Portal (1)
- Web Security (1)
- Web Service (1)
- Web Service Security (1)
- Web Services and Web Engineering (1)
- WebSocket (1)
- WebSockets (1)
- Wind Fields (1)
- Wind Flow Visualization (1)
- Wireless multi-hop networks (1)
- Wizard of Oz (1)
- Workflow (1)
- Worm Hole (1)
- XAI (1)
- XML (1)
- XML Security (1)
- XML Signature (1)
- XML Signature Wrapping (1)
- XSpRES (1)
- attacks (1)
- caching (1)
- cognitive agents (1)
- cooperation (1)
- cryptographic apis (1)
- developer console (1)
- distributed systems (1)
- emotion recognition (1)
- end-to-end security (1)
- focus groups (1)
- humanoidrobot (1)
- interactive-learning (1)
- intrusion detection (1)
- link quality (1)
- model-driven engineering (1)
- modular reduction (1)
- network (1)
- neural-networks (1)
- participatory design (1)
- reproducible node motion (1)
- reverse engineering, malware, machine learning (1)
- routing attacks (1)
- routing metrics (1)
- security warning design (1)
- services (1)
- signature (1)
- smartcard (1)
- social robots (1)
- software development (1)
- software variability (1)
- tactical environments (1)
- tactical multi-hop networks (1)
- virtual-reality (1)
- web services security (1)
- wormhole detection (1)
In Fortführung zu den drei erfolgreichen „Usable Security und Privacy“ Workshops der letzten drei Jahre, sollen in einem vierten ganztätigen wissenschaftlichen Workshop auf der diesjährigen Mensch und Computer sechs bis acht Arbeiten auf dem Gebiet Usable Security and Privacy vorgestellt und diskutiert werden. Vorgesehen sind Beiträge aus Forschung und Praxis, die neue nutzerzentrierte Ansätze aber auch praxisrelevante Lösungen zur nutzerzentrierten Entwicklung und Ausgestaltung von digitalen Schutzmechanismen thematisieren. Mit dem Workshop soll das etablierte Forum weiterentwickelt werden, in dem sich Experten aus unterschiedlichen Domänen, z. B. dem Usability-Engineering und Security-Engineering, transdisziplinär austauschen können. Der Workshop wird von den Organisatoren als klassischer wissenschaftlicher Workshop ausgestaltet. Ein Programmkomitee bewertet die Einreichungen und wählt daraus die zur Präsentation akzeptierten Beiträge aus. Diese werden zudem im Poster- und Workshopband der Mensch und Computer 2018 veröffentlicht.
Recent years have seen extensive adoption of domain generation algorithms (DGA) by modern botnets. The main goal is to generate a large number of domain names and then use a small subset for actual C&C communication. This makes DGAs very compelling for botmasters to harden the infrastructure of their botnets and make it resilient to blacklisting and attacks such as takedown efforts. While early DGAs were used as a backup communication mechanism, several new botnets use them as their primary communication method, making it extremely important to study DGAs in detail.
In this paper, we perform a comprehensive measurement study of the DGA landscape by analyzing 43 DGAbased malware families and variants. We also present a taxonomy for DGAs and use it to characterize and compare the properties of the studied families. By reimplementing the algorithms, we pre-compute all possible domains they generate, covering the majority of known and active DGAs. Then, we study the registration status of over 18 million DGA domains and show that corresponding malware families and related campaigns can be reliably identified by pre-computing future DGA domains. We also give insights into botmasters’ strategies regarding domain registration and identify several pitfalls in previous takedown efforts of DGA-based botnets. We will share the dataset for future research and will also provide a web service to check domains for potential DGA identity.
Today’s computer systems face a vast array of severe threats that are posed by automated attacks performed by malicious software as well as manual attacks by individual humans. These attacks not only differ in their technical implementation but may also be location-dependent. Consequentially, it is necessary to join the information from heterogeneous and distributed attack sensors in order to acquire comprehensive information on current ongoing cyber attacks.
We present a universal modular robot architecture. A robot consists of the following intelligent modules: central control unit (CCU), drive, actuators, a vision unit and sensor input unit. Software and hardware of the robot fit into this structure. We define generic interface protocols between these units. If the robot has to solve a new application and is equipped with a different drive, new actuators and different sensors, only the program for the new application has to be loaded into the CCU. The interfaces to the drive, the vision unit and the other sensors are plug-and-play interfaces. The only constraint for the CCU-program is the set of commands for the actuators.
Online media consumption is the main driving force for the recent growth of the Web. As especially realtime media is becoming more and more accessible from a wide range of devices, with contrasting screen resolutions, processing resources and network connectivity, a necessary requirement is providing users with a seamless multimedia experience at the best possible quality, henceforth being able to adapt to the specific device and network conditions. This paper introduces a novel approach for adaptive media streaming in the Web. Despite the pervasive pullbased designs based on HTTP, this paper builds upon a Web-native push-based approach by which both the communication and processing overheads are reduced significantly in comparison to the pull-based counterparts. In order to maintain these properties when enhancing the scheme by adaptation features, a server-side monitoring and control needs to be developed as a consequence. Such an adaptive push-based media streaming approach is intr oduced as main contribution of this work. Moreover, the obtained evaluation results provide the evidence that with an adaptive push-based media delivery, on the one hand, an equivalent quality of experience can be provided at lower costs than by adopting pull-based media streaming. On the other hand, an improved responsiveness in switching between quality levels can be obtained at no extra costs.
One of the main aims of current social robotic research is to improve the robots’ abilities to interact with humans. In order to achieve an interaction similar to that among humans, robots should be able to communicate in an intuitive and natural way and appropriately interpret human affects during social interactions. Similarly to how humans are able to recognize emotions in other humans, machines are capable of extracting information from the various ways humans convey emotions-including facial expression, speech, gesture or text-and using this information for improved human computer interaction. This can be described as Affective Computing, an interdisciplinary field that expands into otherwise unrelated fields like psychology and cognitive science and involves the research and development of systems that can recognize and interpret human affects. To leverage these emotional capabilities by embedding them in humanoid robots is the foundation of the concept Affective Robots, which has the objective of making robots capable of sensing the user’s current mood and personality traits and adapt their behavior in the most appropriate manner based on that. In this paper, the emotion recognition capabilities of the humanoid robot Pepper are experimentally explored, based on the facial expressions for the so-called basic emotions, as well as how it performs in contrast to other state-of-the-art approaches with both expression databases compiled in academic environments and real subjects showing posed expressions as well as spontaneous emotional reactions. The experiments’ results show that the detection accuracy amongst the evaluated approaches differs substantially. The introduced experiments offer a general structure and approach for conducting such experimental evaluations. The paper further suggests that the most meaningful results are obtained by conducting experiments with real subjects expressing the emotions as spontaneous reactions.