14 research outputs found
Diversification and obfuscation techniques for software security: A systematic literature review
Context: Diversification and obfuscation are promising techniques for securing software and protecting computers from harmful malware. The goal of these techniques is not removing the security holes, but making it difficult for the attacker to exploit security vulnerabilities and perform successful attacks.Objective: There is an increasing body of research on the use of diversification and obfuscation techniques for improving software security; however, the overall view is scattered and the terminology is unstructured. Therefore, a coherent review gives a clear statement of state-of-the-art, normalizes the ongoing discussion and provides baselines for future research.Method: In this paper, systematic literature review is used as the method of the study to select the studies that discuss diversification/obfuscation techniques for improving software security. We present the process of data collection, analysis of data, and report the results.Results: As the result of the systematic search, we collected 357 articles relevant to the topic of our interest, published between the years 1993 and 2017. We studied the collected articles, analyzed the extracted data from them, presented classification of the data, and enlightened the research gaps.Conclusion: The two techniques have been extensively used for various security purposes and impeding various types of security attacks. There exist many different techniques to obfuscate/diversify programs, each of which targets different parts of the programs and is applied at different phases of software development life-cycle. Moreover, we pinpoint the research gaps in this field, for instance that there are still various execution environments that could benefit from these two techniques, including cloud computing, Internet of Things (IoT), and trusted computing. We also present some potential ideas on applying the techniques on the discussed environments.</p
Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies
Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology.
Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organizationâs premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure.
The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users.
In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave.
More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application.
As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyÀÀn hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkÀlle kehittyneet palvelut ovat tehneet siitÀ hyvin kysytyn teknologian. Yritykset enenevÀssÀ mÀÀrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa kÀsittelyÀ yrityksen ulkopuolelle, minkÀ voidaan nÀhdÀ nostavan esiin huolia taltioitavan ja kÀsiteltÀvÀn tiedon turvallisuudesta ja yksityisyydestÀ. TÀmÀ korostaa tehokkaiden turvallisuusratkaisujen merkitystÀ osana pilvi-infrastruktuurin turvaamista.
Esineiden internet -laitteiden lukumÀÀrÀ on nopeasti kasvanut. Teknologiana sitÀ sovelletaan laajasti monilla sektoreilla, kuten ÀlykkÀÀssÀ terveydenhuollossa, teollisuusautomaatiossa ja Àlytiloissa. Sellaiset laitteet kerÀÀvÀt ja vÀlittÀvÀt suuria mÀÀriÀ informaatiota, joka voi sisÀltÀÀ laitteiden kÀyttÀjien kannalta kriittistÀ ja yksityistÀ tietoa. TÀstÀ syystÀ johtuen on erittÀin merkityksellistÀ suojata verkon yli kerÀttÀvÀÀ ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkÀysten mÀÀrÀn olevan nousussa, ja samaan aikaan suuri osuus nÀistÀ laitteista ei omaa kunnollisia teknisiÀ ominaisuuksia itse laitteiden tai niiden kÀyttÀjien yksityisen tiedon suojaamiseksi.
TÀssÀ vÀitöskirjassa tutkitaan pilvilaskennan sekÀ esineiden internetin tietoturvaa ja esitetÀÀn ohjelmistopohjaisia tietoturvalÀhestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lÀhestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi nÀissÀ konteksteissa. TÀmÀn saavuttamiseksi työssÀ sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntÀmisen riskiÀ. VÀitöskirjatyössÀ tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. PyrkimyksenÀ on taata suoritusalustan eheys. TyössÀ tutkitaan myös Intel SGX:ÀÀ yhtenÀ luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekÀ luottamuksellisuuden pohjautuen suojatun sÀiliön, saarekkeen, tekniseen toteutukseen.
Tarkemmin ilmaistuna työssÀ turvataan kÀyttöjÀrjestelmÀ- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssÀ suojataan laitteiden vÀlistÀ tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssÀ sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssÀ hyödynnetÀÀn laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisÀksi nÀmÀ ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti.
TÀmÀn vÀitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. TyössÀ esitetÀÀn myös nÀkemyksiÀ jatkotutkimusaiheista
Design, Implementation, and Automation of a Risk Management Approach for Man-at-the-End Software Protection
The last years have seen an increase in Man-at-the-End (MATE) attacks against
software applications, both in number and severity. However, software
protection, which aims at mitigating MATE attacks, is dominated by fuzzy
concepts and security-through-obscurity. This paper presents a rationale for
adopting and standardizing the protection of software as a risk management
process according to the NIST SP800-39 approach. We examine the relevant
constructs, models, and methods needed for formalizing and automating the
activities in this process in the context of MATE software protection. We
highlight the open issues that the research community still has to address. We
discuss the benefits that such an approach can bring to all stakeholders. In
addition, we present a Proof of Concept (PoC) decision support system that
instantiates many of the discussed construct, models, and methods and automates
many activities in the risk analysis methodology for the protection of
software. Despite being a prototype, the PoC's validation with industry experts
indicated that several aspects of the proposed risk management process can
already be formalized and automated with our existing toolbox and that it can
actually assist decision-making in industrially relevant settings.Comment: Preprint submitted to Computers & Security. arXiv admin note:
substantial text overlap with arXiv:2011.0726
The Machinic Imaginary: A Post-Phenomenological Examination of Computational Society
The central claim of this thesis is the postulation of a machinic dimension of the social imaginaryâa more-than-human process of creative expression of the social world. With the development of machine learning and the sociality of interactive media, computational logics have a creative capacity to produce meaning of a radically machinic order. Through an analysis of computational functions and infrastructures ranging from artificial neural networks to large-scale machine ecologies, the institution of computational logics into the social imaginary is nothing less than a reordering of the conditions of social-historical creation.
Responding to dominant technopolitical propositions concerning digital culture, this thesis proposes a critical development of Cornelius Castoriadisâ philosophy of the social imaginary. To do so, a post phenomenological framework is constructed by tracing a trajectory from Maurice Merleau-Pontyâs late ontological turn, through to the process-relational philosophies of Gilbert Simondon and Castoriadis. Introducing the concept of the machinic imaginary, the thesis maps the extent to which the dynamic, interactive paradigm of twenty-first century computation is changing how meaning is socially instituted in ways incomprehensible to human sense. As social imaginary significations are increasingly created and carried by machines, the articulation of the social diverges into human and non-human worlds. This inaccessibility of the machinic imaginary is a core problematic raised by this thesis, indicating a fragmentation of the social imaginary and a novel form of existential alienation. Any political theorisation of the contemporary social condition must therefore work within this alienation and engage with the transsubjective character of social-historical creation
Human Practice. Digital Ecologies. Our Future. : 14. Internationale Tagung Wirtschaftsinformatik (WI 2019) : Tagungsband
Erschienen bei: universi - UniversitÀtsverlag Siegen. - ISBN: 978-3-96182-063-4Aus dem Inhalt:
Track 1: Produktion & Cyber-Physische Systeme
Requirements and a Meta Model for Exchanging Additive Manufacturing Capacities
Service Systems, Smart Service Systems and Cyber- Physical SystemsâWhatâs the difference? Towards a Unified Terminology
Developing an Industrial IoT Platform â Trade-off between Horizontal and Vertical Approaches
Machine Learning und Complex Event Processing: Effiziente Echtzeitauswertung am Beispiel Smart Factory
Sensor retrofit for a coffee machine as condition monitoring and predictive maintenance use case
Stakeholder-Analyse zum Einsatz IIoT-basierter Frischeinformationen in der Lebensmittelindustrie
Towards a Framework for Predictive Maintenance Strategies in Mechanical Engineering - A Method-Oriented Literature Analysis
Development of a matching platform for the requirement-oriented selection of cyber physical systems for SMEs
Track 2: Logistic Analytics
An Empirical Study of Customersâ Behavioral Intention to Use Ridepooling Services â An Extension of the Technology Acceptance Model
Modeling Delay Propagation and Transmission in Railway Networks
What is the impact of company specific adjustments on the acceptance and diffusion of logistic standards?
Robust Route Planning in Intermodal Urban Traffic
Track 3: Unternehmensmodellierung & Informationssystemgestaltung (Enterprise Modelling & Information Systems Design)
Work System Modeling Method with Different Levels of Specificity and Rigor for Different Stakeholder Purposes
Resolving Inconsistencies in Declarative Process Models based on Culpability Measurement
Strategic Analysis in the Realm of Enterprise Modeling â On the Example of Blockchain-Based Initiatives for the Electricity Sector
Zwischenbetriebliche Integration in der Möbelbranche: Konfigurationen und Einflussfaktoren
Novicesâ Quality Perceptions and the Acceptance of Process Modeling Grammars
Entwicklung einer Definition fĂŒr Social Business Objects (SBO) zur Modellierung von Unternehmensinformationen
Designing a Reference Model for Digital Product Configurators
Terminology for Evolving Design Artifacts
Business Role-Object Specification: A Language for Behavior-aware Structural Modeling of Business Objects
Generating Smart Glasses-based Information Systems with BPMN4SGA: A BPMN Extension for Smart Glasses Applications
Using Blockchain in Peer-to-Peer Carsharing to Build Trust in the Sharing Economy
Testing in Big Data: An Architecture Pattern for a Development Environment for Innovative, Integrated and Robust Applications
Track 4: Lern- und Wissensmanagement (e-Learning and Knowledge Management)
eGovernment Competences revisited â A Literature Review on necessary Competences in a Digitalized Public Sector
Say Hello to Your New Automated Tutor â A Structured Literature Review on Pedagogical Conversational Agents
Teaching the Digital Transformation of Business Processes: Design of a Simulation Game for Information Systems Education
Conceptualizing Immersion for Individual Learning in Virtual Reality
Designing a Flipped Classroom Course â a Process Model
The Influence of Risk-Taking on Knowledge Exchange and Combination
Gamified Feedback durch Avatare im Mobile Learning
Alexa, Can You Help Me Solve That Problem? - Understanding the Value of Smart Personal Assistants as Tutors for Complex Problem Tasks
Track 5: Data Science & Business Analytics
Matching with Bundle Preferences: Tradeoff between Fairness and Truthfulness
Applied image recognition: guidelines for using deep learning models in practice
Yield Prognosis for the Agrarian Management of Vineyards using Deep Learning for Object Counting
Reading Between the Lines of Qualitative Data â How to Detect Hidden Structure Based on Codes
Online Auctions with Dual-Threshold Algorithms: An Experimental Study and Practical Evaluation
Design Features of Non-Financial Reward Programs for Online Reviews: Evaluation based on Google Maps Data
Topic Embeddings â A New Approach to Classify Very Short Documents Based on Predefined Topics
Leveraging Unstructured Image Data for Product Quality Improvement
Decision Support for Real Estate Investors: Improving Real Estate Valuation with 3D City Models and Points of Interest
Knowledge Discovery from CVs: A Topic Modeling Procedure
Online Product Descriptions â Boost for your Sales?
EntscheidungsunterstĂŒtzung durch historienbasierte Dienstreihenfolgeplanung mit Pattern
A Semi-Automated Approach for Generating Online Review Templates
Machine Learning goes Measure Management: Leveraging Anomaly Detection and Parts Search to Improve Product-Cost Optimization
Bedeutung von Predictive Analytics fĂŒr den theoretischen Erkenntnisgewinn in der IS-Forschung
Track 6: Digitale Transformation und Dienstleistungen
Heuristic Theorizing in Software Development: Deriving Design Principles for Smart Glasses-based Systems
Mirroring E-service for Brick and Mortar Retail: An Assessment and Survey
Taxonomy of Digital Platforms: A Platform Architecture Perspective
Value of Star Players in the Digital Age
Local Shopping Platforms â Harnessing Locational Advantages for the Digital Transformation of Local Retail Outlets: A Content Analysis
A Socio-Technical Approach to Manage Analytics-as-a-Service â Results of an Action Design Research Project
Characterizing Approaches to Digital Transformation: Development of a Taxonomy of Digital Units
Expectations vs. Reality â Benefits of Smart Services in the Field of Tension between Industry and Science
Innovation Networks and Digital Innovation: How Organizations Use Innovation Networks in a Digitized Environment
Characterising Social Reading Platformsâ A Taxonomy-Based Approach to Structure the Field
Less Complex than Expected â What Really Drives IT Consulting Value
Modularity Canvas â A Framework for Visualizing Potentials of Service Modularity
Towards a Conceptualization of Capabilities for Innovating Business Models in the Industrial Internet of Things
A Taxonomy of Barriers to Digital Transformation
Ambidexterity in Service Innovation Research: A Systematic Literature Review
Design and success factors of an online solution for cross-pillar pension information
Track 7: IT-Management und -Strategie
A Frugal Support Structure for New Software Implementations in SMEs
How to Structure a Company-wide Adoption of Big Data Analytics
The Changing Roles of Innovation Actors and Organizational Antecedents in the Digital Age
Bewertung des Kundennutzens von Chatbots fĂŒr den Einsatz im Servicedesk
Understanding the Benefits of Agile Software Development in Regulated Environments
Are Employees Following the Rules? On the Effectiveness of IT Consumerization Policies
Agile and Attached: The Impact of Agile Practices on Agile Team Membersâ Affective Organisational Commitment
The Complexity Trap â Limits of IT Flexibility for Supporting Organizational Agility in Decentralized Organizations
Platform Openness: A Systematic Literature Review and Avenues for Future Research
Competence, Fashion and the Case of Blockchain
The Digital Platform Otto.de: A Case Study of Growth, Complexity, and Generativity
Track 8: eHealth & alternde Gesellschaft
Security and Privacy of Personal Health Records in Cloud Computing Environments â An Experimental Exploration of the Impact of Storage Solutions and Data Breaches
Patientenintegration durch Pfadsysteme
Digitalisierung in der StressprĂ€vention â eine qualitative Interviewstudie zu Nutzenpotenzialen
User Dynamics in Mental Health Forums â A Sentiment Analysis Perspective
Intent and the Use of Wearables in the Workplace â A Model Development
Understanding Patient Pathways in the Context of Integrated Health Care Services - Implications from a Scoping Review
Understanding the Habitual Use of Wearable Activity Trackers
On the Fit in Fitness Apps: Studying the Interaction of Motivational Affordances and Usersâ Goal Orientations in Affecting the Benefits Gained
Gamification in Health Behavior Change Support Systems - A Synthesis of Unintended Side Effects
Investigating the Influence of Information Incongruity on Trust-Relations within Trilateral Healthcare Settings
Track 9: Krisen- und KontinuitÀtsmanagement
Potentiale von IKT beim Ausfall kritischer Infrastrukturen: Erwartungen, Informationsgewinnung und Mediennutzung der Zivilbevölkerung in Deutschland
Fake News Perception in Germany: A Representative Study of Peopleâs Attitudes and Approaches to Counteract Disinformation
Analyzing the Potential of Graphical Building Information for Fire Emergency Responses: Findings from a Controlled Experiment
Track 10: Human-Computer Interaction
Towards a Taxonomy of Platforms for Conversational Agent Design
Measuring Service Encounter Satisfaction with Customer Service Chatbots using Sentiment Analysis
Self-Tracking and Gamification: Analyzing the Interplay of Motivations, Usage and Motivation Fulfillment
Erfolgsfaktoren von Augmented-Reality-Applikationen: Analyse von Nutzerrezensionen mit dem Review-Mining-Verfahren
Designing Dynamic Decision Support for Electronic Requirements Negotiations
Who is Stressed by Using ICTs? A Qualitative Comparison Analysis with the Big Five Personality Traits to Understand Technostress
Walking the Middle Path: How Medium Trade-Off Exposure Leads to Higher Consumer Satisfaction in Recommender Agents
Theory-Based Affordances of Utilitarian, Hedonic and Dual-Purposed Technologies: A Literature Review
Eliciting Customer Preferences for Shopping Companion Apps: A Service Quality Approach
The Role of Early User Participation in Discovering Software â A Case Study from the Context of Smart Glasses
The Fluidity of the Self-Concept as a Framework to Explain the Motivation to Play Video Games
Heart over Heels? An Empirical Analysis of the Relationship between Emotions and Review Helpfulness for Experience and Credence Goods
Track 11: Information Security and Information Privacy
Unfolding Concerns about Augmented Reality Technologies: A Qualitative Analysis of User Perceptions
To (Psychologically) Own Data is to Protect Data: How Psychological Ownership Determines Protective Behavior in a Work and Private Context
Understanding Data Protection Regulations from a Data Management Perspective: A Capability-Based Approach to EU-GDPR
On the Difficulties of Incentivizing Online Privacy through Transparency: A Qualitative Survey of the German Health Insurance Market
What is Your Selfie Worth? A Field Study on Individualsâ Valuation of Personal Data
Justification of Mass Surveillance: A Quantitative Study
An Exploratory Study of Risk Perception for Data Disclosure to a Network of Firms
Track 12: Umweltinformatik und nachhaltiges Wirtschaften
KommunikationsfĂ€den im Nadelöhr â Fachliche Prozessmodellierung der Nachhaltigkeitskommunikation am Kapitalmarkt
Potentiale und Herausforderungen der Materialflusskostenrechnung
Computing Incentives for User-Based Relocation in Carsharing
Sustainabilityâs Coming Home: Preliminary Design Principles for the Sustainable Smart District
Substitution of hazardous chemical substances using Deep Learning and t-SNE
A Hierarchy of DSMLs in Support of Product Life-Cycle Assessment
A Survey of Smart Energy Services for Private Households
Door-to-Door Mobility Integrators as Keystone Organizations of Smart Ecosystems: Resources and Value Co-Creation â A Literature Review
Ein EntscheidungsunterstĂŒtzungssystem zur ökonomischen Bewertung von Mieterstrom auf Basis der Clusteranalyse
Discovering Blockchain for Sustainable Product-Service Systems to enhance the Circular Economy
Digitale RĂŒckverfolgbarkeit von Lebensmitteln: Eine verbraucherinformatische Studie
Umweltbewusstsein durch audiovisuelles Content Marketing? Eine experimentelle Untersuchung zur Konsumentenbewertung nachhaltiger Smartphones
Towards Predictive Energy Management in Information Systems: A Research Proposal
A Web Browser-Based Application for Processing and Analyzing Material Flow Models using the MFCA Methodology
Track 13: Digital Work - Social, mobile, smart
On Conversational Agents in Information Systems Research: Analyzing the Past to Guide Future Work
The Potential of Augmented Reality for Improving Occupational First Aid
Prevent a Vicious Circle! The Role of Organizational IT-Capability in Attracting IT-affine Applicants
Good, Bad, or Both? Conceptualization and Measurement of Ambivalent User Attitudes Towards AI
A Case Study on Cross-Hierarchical Communication in Digital Work Environments
âShow Me Your People Skillsâ - Employing CEO Branding for Corporate Reputation Management in Social Media
A Multiorganisational Study of the Drivers and Barriers of Enterprise Collaboration Systems-Enabled Change
The More the Merrier? The Effect of Size of Core Team Subgroups on Success of Open Source Projects
The Impact of Anthropomorphic and Functional Chatbot Design Features in Enterprise Collaboration Systems on User Acceptance
Digital Feedback for Digital Work? Affordances and Constraints of a Feedback App at InsurCorp
The Effect of Marker-less Augmented Reality on Task and Learning Performance
Antecedents for Cyberloafing â A Literature Review
Internal Crowd Work as a Source of Empowerment - An Empirical Analysis of the Perception of Employees in a Crowdtesting Project
Track 14: GeschÀftsmodelle und digitales Unternehmertum
Dividing the ICO Jungle: Extracting and Evaluating Design Archetypes
Capturing Value from Data: Exploring Factors Influencing Revenue Model Design for Data-Driven Services
Understanding the Role of Data for Innovating Business Models: A System Dynamics Perspective
Business Model Innovation and Stakeholder: Exploring Mechanisms and Outcomes of Value Creation and Destruction
Business Models for Internet of Things Platforms: Empirical Development of a Taxonomy and Archetypes
Revitalizing established Industrial Companies: State of the Art and Success Principles of Digital Corporate Incubators
When 1+1 is Greater than 2: Concurrence of Additional Digital and Established Business Models within Companies
Special Track 1: Student Track
Investigating Personalized Price Discrimination of Textile-, Electronics- and General Stores in German Online Retail
From Facets to a Universal Definition â An Analysis of IoT Usage in Retail
Is the Technostress Creators Inventory Still an Up-To-Date Measurement Instrument? Results of a Large-Scale Interview Study
Application of Media Synchronicity Theory to Creative Tasks in Virtual Teams Using the Example of Design Thinking
TrustyTweet: An Indicator-based Browser-Plugin to Assist Users in Dealing with Fake News on Twitter
Application of Process Mining Techniques to Support Maintenance-Related Objectives
How Voice Can Change Customer Satisfaction: A Comparative Analysis between E-Commerce and Voice Commerce
Business Process Compliance and Blockchain: How Does the Ethereum Blockchain Address Challenges of Business Process Compliance?
Improving Business Model Configuration through a Question-based Approach
The Influence of Situational Factors and Gamification on Intrinsic Motivation and Learning
Evaluation von ITSM-Tools fĂŒr Integration und Management von Cloud-Diensten am Beispiel von ServiceNow
How Software Promotes the Integration of Sustainability in Business Process Management
Criteria Catalog for Industrial IoT Platforms from the Perspective of the Machine Tool Industry
Special Track 3: Demos & Prototyping
Privacy-friendly User Location Tracking with Smart Devices: The BeaT Prototype
Application-oriented robotics in nursing homes
Augmented Reality for Set-up Processe
Mixed Reality for supporting Remote-Meetings
Gamification zur Motivationssteigerung von Werkern bei der Betriebsdatenerfassung
Automatically Extracting and Analyzing Customer Needs from Twitter: A âNeedminingâ Prototype
GaNEsHA: Opportunities for Sustainable Transportation in Smart Cities
TUCANA: A platform for using local processing power of edge devices for building data-driven services
Demonstrator zur Beschreibung und Visualisierung einer kritischen Infrastruktur
Entwicklung einer alltagsnahen persuasiven App zur Bewegungsmotivation fĂŒr Ă€ltere Nutzerinnen und Nutzer
A browser-based modeling tool for studying the learning of conceptual modeling based on a multi-modal data collection approach
Exergames & Dementia: An interactive System for People with Dementia and their Care-Network
Workshops
Workshop Ethics and Morality in Business Informatics (Workshop Ethik und Moral in der Wirtschaftsinformatik â EMoWIâ19)
Model-Based Compliance in Information Systems - Foundations, Case Description and Data Set of the MobIS-Challenge for Students and Doctoral Candidates
Report of the Workshop on Concepts and Methods of Identifying Digital Potentials in Information Management
Control of Systemic Risks in Global Networks - A Grand Challenge to Information Systems Research
Die Mitarbeiter von morgen - Kompetenzen kĂŒnftiger Mitarbeiter im Bereich Business Analytics
Digitaler Konsum: Herausforderungen und Chancen der Verbraucherinformati
Digital Forensics AI: on Practicality, Optimality, and Interpretability of Digital Evidence Mining Techniques
Digital forensics as a field has progressed alongside technological advancements over the years, just as digital devices have gotten more robust and sophisticated. However, criminals and attackers have devised means for exploiting the vulnerabilities or sophistication of these devices to carry out malicious activities in unprecedented ways. Their belief is that electronic crimes can be committed without identities being revealed or trails being established. Several applications of artificial intelligence (AI) have demonstrated interesting and promising solutions to seemingly intractable societal challenges. This thesis aims to advance the concept of applying AI techniques in digital forensic investigation. Our approach involves experimenting with a complex case scenario in which suspects corresponded by e-mail and deleted, suspiciously, certain communications, presumably to conceal evidence. The purpose is to demonstrate the efficacy of Artificial Neural Networks (ANN) in learning and detecting communication patterns over time, and then predicting the possibility of missing communication(s) along with potential topics of discussion. To do this, we developed a novel approach and included other existing models. The accuracy of our results is evaluated, and their performance on previously unseen data is measured. Second, we proposed conceptualizing the term âDigital Forensics AIâ (DFAI) to formalize the application of AI in digital forensics. The objective is to highlight the instruments that facilitate the best evidential outcomes and presentation mechanisms that are adaptable to the probabilistic output of AI models. Finally, we enhanced our notion in support of the application of AI in digital forensics by recommending methodologies and approaches for bridging trust gaps through the development of interpretable models that facilitate the admissibility of digital evidence in legal proceedings
Digital Forensics AI: on Practicality, Optimality, and Interpretability of Digital Evidence Mining Techniques
Digital forensics as a field has progressed alongside technological advancements over the years, just as digital devices have gotten more robust and sophisticated. However, criminals and attackers have devised means for exploiting the vulnerabilities or sophistication of these devices to carry out malicious activities in unprecedented ways. Their belief is that electronic crimes can be committed without identities being revealed or trails being established. Several applications of artificial intelligence (AI) have demonstrated interesting and promising solutions to seemingly intractable societal challenges. This thesis aims to advance the concept of applying AI techniques in digital forensic investigation. Our approach involves experimenting with a complex case scenario in which suspects corresponded by e-mail and deleted, suspiciously, certain communications, presumably to conceal evidence. The purpose is to demonstrate the efficacy of Artificial Neural Networks (ANN) in learning and detecting communication patterns over time, and then predicting the possibility of missing communication(s) along with potential topics of discussion. To do this, we developed a novel approach and included other existing models. The accuracy of our results is evaluated, and their performance on previously unseen data is measured. Second, we proposed conceptualizing the term âDigital Forensics AIâ (DFAI) to formalize the application of AI in digital forensics. The objective is to highlight the instruments that facilitate the best evidential outcomes and presentation mechanisms that are adaptable to the probabilistic output of AI models. Finally, we enhanced our notion in support of the application of AI in digital forensics by recommending methodologies and approaches for bridging trust gaps through the development of interpretable models that facilitate the admissibility of digital evidence in legal proceedings
Recommended from our members
The Search for an Internationalist Aesthetics: Soviet Images of China, 1920-1935.
This dissertation examines images of China produced in early Soviet culture, focusing in particular on the mid-to-late 1920s, a period of heightened Soviet involvement in Chinese politics. It argues that China became in this period the primary testing ground for the creation of an "internationalist aesthetics": a mode of representation that might express horizontal solidarity over vertical dominance, and inscribe China into the global map envisioned by Marist-Leninist theories of revolution. Seeking to produce a new China to replace the exotic Orient, Soviet artists and writers experimented with multiple genres and media--reportage, film, theatre, biography--in their search for the correct mode for internationalist aesthetics. The struggle over how to represent the world for a revolutionary society thus coalesces, in this period, around the question of how to represent China.
Such an aesthetics is inevitably interconnected with politics, and internationalist aesthetics encountered and expressed the same ambiguities as the political project of Soviet internationalism: a liberatory, anti-imperial ideology that simultaneously sought to control political and historical narratives from the world revolution's proclaimed centre in Moscow. Consequently, these disparate images are united by an insistence on the privileged position and perspective of the Soviet observer, who looks at Chinese reality with a combination of advanced modern knowledge, sympathy with oppression, and revolutionary experience that is purportedly inaccessible to other Europeans, or indeed to the Chinese themselves. This privileged perspective on China undergirds the claims of internationalist aesthetics to present a true image of the world. The search for an authoritative mode for internationalist aesthetics is hampered, however, by recurrent issues of access, mediation and translatability, and by lingering parallels between this avowedly anti-imperialist discourse and the imperial systems of knowledge production it supposedly replaces
Recommended from our members
A paradigmatic framework for flight safety
Statistically, travel by air is one of the safest forms of transportation. Yet we continue to experience aviation tragedies. Do we fully understand flight safety or is there another way of looking at the problem? In this work a new way of approaching the question of flight safety is developed, justified and illustrated. Traditional methods are shown to be insufficient for a full understanding of flight safety. They do not provide an adequate explanation of the context of aviation safety. The issue is approached from a new perspective with a methodology based on a philosophical understanding of explanation. For the examination of the context of aviation safety traditional modes of scientific explanation are rejected in favor of a paradigmatic explanation. A framework for explaining the context of accidents and safety, in general, is synthesized from four broad paradigms which characterize its patterned nature: the cognitive paradigm, the paradigm of normal accidents, the paradigm of technology, and the paradigm of organizational complexes. The development of the framework is supported by a wide diversity of literature from philosophers, psychologists, social scientists and engineers. It is explicated with numerous examples throughout. The framework is then compared with the traditional mode of explanation through an extensive pedagogical case-study of a specific accident. The new framework is complementary to traditional approaches and new insights are pointed up. Finally, some broad recommendations are made for the community of professionals concerned with improving aviation safety