005 Computerprogrammierung, Programme, Daten
Refine
H-BRS Bibliography
- no (142) (remove)
Departments, institutes and facilities
Document Type
- Conference Object (108)
- Article (28)
- Part of a Book (3)
- Book (monograph, edited volume) (1)
- Doctoral Thesis (1)
- Master's Thesis (1)
Year of publication
Language
- English (142) (remove)
Keywords
- Cloud (4)
- Global Software Engineering (4)
- HTTP (4)
- REST (4)
- security (4)
- Offshoring (3)
- Qualitative research (3)
- SOA (3)
- Web (3)
- web caching (3)
- web services (3)
- Business Ethnography (2)
- Claim personal data (2)
- Cloud Security (2)
- Data takeout (2)
- GDPR (2)
- Global Software Development (2)
- Human Factors In Software Design (2)
- Malware analysis (2)
- Methodology (2)
- Privacy (2)
- Security (2)
- Software (2)
- TLS (2)
- Usable Security (2)
- WS-Security (2)
- end user development (2)
- software engineering (2)
- usable privacy (2)
- 3D Printer (1)
- API usability (1)
- Adaptive Media Streaming (1)
- Adaptive Streaming (1)
- Advance Encryption Standard (1)
- Affective computing (1)
- Analysis (1)
- Appropriation Infras-tructure (1)
- Articulation Work (1)
- Authentication (1)
- Botnet tracking (1)
- Botnets (1)
- Browser cache (1)
- Cache Poisoning (1)
- Certificates (1)
- Cipher Block Chain (1)
- Cloud Computing security (1)
- Cloud Malware Injection (1)
- Cloud Standards (1)
- CoAP (1)
- Collaborative design (1)
- Community (1)
- Computer Aided Software Engineering (1)
- Computer Security (1)
- Computer Support (1)
- Computing Milieux (1)
- Conficker (1)
- Conformance Testing (1)
- Constructionism (1)
- Context (1)
- Cooperative Work (1)
- Countermeasures (1)
- Crisis management (1)
- Cyber Attacks (1)
- Cyber Security (1)
- Cybercrime (1)
- Cybercrime Legislation (1)
- DASH (1)
- DNSSEC (1)
- DSGVO (1)
- Data Compression (1)
- Data Reduction (1)
- Data Tiles (1)
- Data collection (1)
- Denial of Service (1)
- Deployment (1)
- Design Case Study (1)
- Design patterns (1)
- Difference-coding (1)
- Digital Energy Management (1)
- Digital Plumbing (1)
- Digital signatures (1)
- Disclosive ethics (1)
- Distribute Software Development (1)
- ELSI (1)
- Ecosystems (1)
- Elderly (1)
- Employment (1)
- End-User Development (1)
- Evaluation (1)
- File carving (1)
- Food (1)
- Fragmented files (1)
- Frontend architecture (1)
- Full-text Search (1)
- Grassroots (1)
- HCI (1)
- HFI (1)
- HTML5 (1)
- HTTPS (1)
- Host-Based Code Injection Attacks (1)
- Human factors (1)
- Human-Robot-Interaction (HRI) (1)
- ICT (1)
- IIoT (1)
- Informational self-determination (1)
- Infrastructuring (1)
- Intelligence Amplification (1)
- Intelligence Augmentation (1)
- Internet Technology (1)
- Internet of Things (1)
- Interviews (1)
- IoT (1)
- IoT services security (1)
- JOSE (1)
- JPEGs (1)
- JSON (1)
- Learning (1)
- Learning Environments (1)
- Legal metrology (1)
- Live Streaming (1)
- Malware (1)
- Malware Detection (1)
- Management (1)
- Memory forensics (1)
- Mental Models (1)
- Message Authentication (1)
- Microservices (1)
- Mobility (1)
- Multimedia Communication (1)
- Multimedia forensics (1)
- Nearshoring (1)
- Organizations (1)
- Partial Data Protection (1)
- Partial Signature (1)
- PartialEncryption (1)
- Participatory Design (1)
- Password Masking (1)
- Password Visualization (1)
- Passwords (1)
- Performance (1)
- Phishing (1)
- Platform economy (1)
- Privacy in the workplace (1)
- Privacy perceptions (1)
- Privatsphäre (1)
- Programmer Workbench (1)
- Public Key Infrastructure (1)
- Push-based Streaming (1)
- RACS (1)
- REST security (1)
- Research Trajectories (1)
- Research methods (1)
- Restful Web Services (1)
- SELMA (1)
- SID (1)
- SME (1)
- SOAP (1)
- SOS calls (1)
- SaaS (1)
- Secure Cloud Storage (1)
- Secure data transfer (1)
- Security APIs (1)
- Security Protocol (1)
- Service-Oriented Architecture (1)
- Small to medium-sized enterprises (1)
- Smart metering (1)
- Sociable Technologies (1)
- Social Capital (1)
- Social Media (1)
- Social learning (1)
- Socio Informatics (1)
- Software Development (1)
- Software Security (1)
- Stuxnet (1)
- Sustainability (1)
- Sustainable HCI (1)
- Testing (1)
- Testing Tool (1)
- Thin Client (1)
- Transportation (1)
- UI-Dressing (1)
- URI (1)
- Usable Privacy (1)
- Usage Experience (1)
- User-Centered Design (1)
- Video (1)
- Warnings (1)
- Web Browser (1)
- Web Browser Cache (1)
- Web Information Systems and Technologies (1)
- Web Interfaces and Applications (1)
- Web Portal (1)
- Web Security (1)
- Web Service (1)
- Web Service Security (1)
- Web Services and Web Engineering (1)
- Web-Tracking (1)
- WebSocket (1)
- WebSockets (1)
- Wind Fields (1)
- Wind Flow Visualization (1)
- Work (1)
- Workflow (1)
- XML (1)
- XML Security (1)
- XML Signature (1)
- XML Signature Wrapping (1)
- XSpRES (1)
- attacks (1)
- caching (1)
- cooperation (1)
- cryptographic apis (1)
- culture (1)
- culture of participation (1)
- data visualization (1)
- design probe (1)
- developer console (1)
- digital fabrication (1)
- distributed systems (1)
- eco-feedback (1)
- emergency response (1)
- emotion recognition (1)
- end-to-end security (1)
- ethnographically informed studies (1)
- focus groups (1)
- humanoidrobot (1)
- knowledge management (1)
- knowledge sharing practices (1)
- maker communities (1)
- mobile computing (1)
- organizational management and coordination (1)
- participatory design (1)
- pervasive computing (1)
- privacy preferences (1)
- privacy settings (1)
- process infrastructure (1)
- project management (1)
- prosumption (1)
- qualitative research methods (1)
- security warning design (1)
- services (1)
- sharing (1)
- signature (1)
- small enterprises (1)
- smart meters (1)
- social robots (1)
- software development (1)
- sustainability (1)
- technological platform (1)
- validity (1)
- visibility (1)
- visualization (1)
- web services security (1)
Most people use disaster apps infrequently, primarily only in situations of turmoil, when they are physically or emotionally vulnerable. Personal data may be necessary to help them, data protections may be waived. In some circumstances, free movement and liberties may be curtailed for public protection, as was seen in the current COVID pandemic. Consuming and producing disaster data can deepen problems arising at the confluence of surveillance and disaster capitalism, where data has become a tool for solutionist instrumentarian power (Zuboff 2019, Klein 2008) and part of a destructive mode of one world worlding (Law 2015, Escobar 2020). The special use of disaster apps prompts us to ask what role consumer protection could play in safeguarding democratic liberties. Within this work, a set of current approaches are briefly reviewed and two case studies are presented of what we call appropriation or design against datafication. These combine document analysis and literature research with several months of online and field ethnographic observation. The first case study examines disaster app use in response to the 2010 Haiti earthquake, the second explores COVID Contact Tracing in Taiwan in 2020/21. Against this backdrop we ask, ‘how could and how should consumer protection respond to problems of surveillance disaster capitalism?’ Drawing on our work with the is IT ethical? Exchange, a co-designed community platform and knowledge exchange for disaster information sharing, and a Societal Readiness Assessment Framework that we are developing alongside it, we explore how co-design methodologies could help define answers.
Recent years have seen extensive adoption of domain generation algorithms (DGA) by modern botnets. The main goal is to generate a large number of domain names and then use a small subset for actual C&C communication. This makes DGAs very compelling for botmasters to harden the infrastructure of their botnets and make it resilient to blacklisting and attacks such as takedown efforts. While early DGAs were used as a backup communication mechanism, several new botnets use them as their primary communication method, making it extremely important to study DGAs in detail.
In this paper, we perform a comprehensive measurement study of the DGA landscape by analyzing 43 DGAbased malware families and variants. We also present a taxonomy for DGAs and use it to characterize and compare the properties of the studied families. By reimplementing the algorithms, we pre-compute all possible domains they generate, covering the majority of known and active DGAs. Then, we study the registration status of over 18 million DGA domains and show that corresponding malware families and related campaigns can be reliably identified by pre-computing future DGA domains. We also give insights into botmasters’ strategies regarding domain registration and identify several pitfalls in previous takedown efforts of DGA-based botnets. We will share the dataset for future research and will also provide a web service to check domains for potential DGA identity.
Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User Study
(2016)
In education, finding the appropriate learning pace that fits to the members of a large group is a challenging task. This becomes especially evident when teaching multidisciplinary subjects such as epidemiology in medicine or computer science in most study programs, since lecturers have to face a very heterogeneous state of previous knowledge. Approaching this issue requires an individual supervision of each and every student, which is obviously bounded by the available resources. Moreover, when referring back to the second example, writing computer programs requires a complex installation and configuration of development tools. Many beginning programmers already become stuck at this entry stage. This paper introduces WHELP, a Web-based Holistic E-Learning Platform, which provides an integrated environment enabling the learning and teaching of computer science topics without the need to install any software. Moreover, WHELP includes an interactive feedback system for each programming exercise, where lecturers or tutors can supply comments, improvements, code assistance or tips helping the students to accomplish their tasks. Furthermore, WHELP offers a statistical analysis module as well as a real-time classroom polling system both promoting an overview of the state of knowledge of a course. In addition to that, WHELP enables collaborative working including code-sharing and peer-to-peer learning. This feature enables students to work on exercises simultaneously at distinct places. WHELP has been successfully deployed in the winter term 2013 at the Cologne University of Applied Sciences supporting the 120 students and 3 lecturers to learn and teach basic topics of computer science in an engineering study program.
Botnets
(2013)
Malware poses one of the major threats to all currently operated computer systems. The scale of the problem becomes obvious by looking at the global economic loss caused by different kinds of malware, which is estimated to be more than US$ 10 billion every year. Botnets, a special kind of malware, are used to reap economic gains by criminals as well as for politically motivated activities. In contrast to other kinds of malware, botnets utilize a hidden communication channel to receive commands from their operator and communicate their current status. The ability to execute almost arbitrary commands on the infected machines makes botnets a general-purpose tool to perform malicious cyber-activities. (Verlagsangaben)
XML Encryption and XML Signature are fundamental security standards forming the core for many applications which require to process XML-based data. Due to the increased usage of XML in distributed systems and platforms such as in SOA and Cloud settings, the demand for robust and effective security mechanisms increased as well. Recent research work discovered, however, substantial vulnerabilities in these standards as well as in the vast majority of the available implementations. Amongst them, the so-called XML Signature Wrapping attack belongs to the most relevant ones. With the many possible instances of this attack type, it is feasible to annul security systems relying on XML Signature and to gain access to protected resources as has been successfully demonstrated lately for various Cloud infrastructures and services. This paper contributes a comprehensive approach to robust and effective XML Signatures for SOAP-based Web Services. An architecture is proposed, which integrates the r equired enhancements to ensure a fail-safe and robust signature generation and verification. Following this architecture, a hardened XML Signature library has been implemented. The obtained evaluation results show that the developed concept and library provide the targeted robustness against all kinds of known XML Signature Wrapping attacks. Furthermore the empirical results underline, that these security merits are obtained at low efficiency and performance costs as well as remain compliant with the underlying standards.
The Web has become an indispensable prerequisite of everyday live and the Web browser is the most used application on a variety of distinct devices. The content delivered by the Web has changed drastically from static pages to media-rich and interactive Web applications offering nearly the same functionality as native applications, a trend which is further pushed by the Cloud and more specifically the Cloud’s SaaS layer. In the light of this development, security and performance of Web browsing has become a crucial issue.