The European Union's digital assertiveness

The European institutions and EU member states are pushing hard for closer digital integration. In view of the diverse challenges -from protecting critical infrastructure and safeguarding civil liberties to the creation of common markets- "positive integration", that is targeted EU regulatory action, is the way to tackle market failure within and beyond Europe. Draft regulations at the EU level are to take effect inside and outside the internal market: the Digital Single Market Strategy (DSM), the General Data Protection Regulation (GDPR) and the Directive on Network and Information Security (NIS). Digital integration is a precondition for establishing European standards and norms effectively, especially in international politics. (Autorenreferat

Adaptive optics testbed for pre- and post-compensation of earth-to-geo optical communication: downlink results

Optical communication between optical ground stations (OGS) and geostationary (GEO) satellites is a promising technology for future high-speed data transfer between Earth and space. However, such optical communication links suffer from distortions caused by atmospheric turbulence. To explore adaptive optics mitigation of this effect both in the uplink and the downlink beam, we have developed an adaptive optics testbed. In an earlier publication [1], we reported on the results of uplink compensation. In this contribution, we wish to elaborate more on the efficiency of downlink compensation. Further, we will highlight the differences between uplink and downlink compensation

Die digitale Selbstbehauptung der EU

Institutionen und Mitgliedstaaten der EU treiben derzeit mit Hochdruck die digitale Integration voran. In Anbetracht der vielfältigen Herausforderungen - vom Schutz kritischer Infrastrukturen über die Wahrung persönlicher Freiheitsrechte bis zur Schaffung grenzübergreifender Märkte - ist die "positive Integration", also regulative Vorgaben durch die EU, der richtige Weg, um gegen Marktversagen im Binnenmarkt und darüber hinaus anzugehen. Auf EU-Ebene sollen Regulierungen geschaffen werden, die inner- und außereuropäische Wirkung entfalten. Vehikel dazu sind die Strategie für einen digitalen Binnenmarkt (DSM), die Datenschutzgrundverordnung (DSGVO) und die Richtlinie zur Gewährleistung einer gemeinsamen Netzwerk- und Informationssicherheit (NIS). Die digitale Integration ist Voraussetzung dafür, europäische Standards und Normen auch in der internationalen Politik effektiver durchzusetzen. (Autorenreferat

Avoiding the hook : influential factors of phishing awareness training on click-rates and a data-driven approach to predict email difficulty perception

Phishing attacks are still seen as a significant threat to cyber security, and large parts of the industry rely on anti-phishing simulations to minimize the risk imposed by such attacks. This study conducted a large-scale anti-phishing training with more than 31000 participants and 144 different simulated phishing attacks to develop a data-driven model to classify how users would perceive a phishing simulation. Furthermore, we analyze the results of our large-scale anti-phishing training and give novel insights into users’ click behavior. Analyzing our anti-phishing training data, we find out that 66% of users do not fall victim to credential-based phishing attacks even after being exposed to twelve weeks of phishing simulations. To further enhance the phishing awareness-training effectiveness, we developed a novel manifold learning-powered machine learning model that can predict how many people would fall for a phishing simulation using the several structural and state-of-the-art NLP features extracted from the emails. In this way, we present a systematic approach for the training implementers to estimate the average “convincing power” of the emails prior to rolling out. Moreover, we revealed the top-most vital factors in the classification. In addition, our model presents significant benefits over traditional rule-based approaches in classifying the difficulty of phishing simulations. Our results clearly show that anti-phishing training should focus on the training of individual users rather than on large user groups. Additionally, we present a promising generic machine learning model for predicting phishing susceptibility

Web content signing with service workers

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust and therefore the security of the HTTPS system. In this paper we introduce an approach allowing to secure JavaScript files in case a HTTPS connection between web server and browser is compromised. Our paper presents a solution to safeguard the user's browser so that it only processes content (e.g., JavaScript or HTML) that was genuinely provided by the web application service providers themselves. Our solution makes use of service workers, a recently proposed W3C Candidate Recommendation enabling applications to take advantage of persistent background processing, including hooks to enable bootstrapping of web applications while offline. It demonstrates how service workers are able to validate the integrity of JavaScript files within the client's browser and how service workers are used to detect and mitigate malicious JavaScript files

Spin density matrix of the ω in the reaction p¯p→ωπ0

The spin density matrix of the ω has been determined for the reaction p¯p→ωπ0 with unpolarized in-flight data measured by the Crystal Barrel LEAR experiment at CERN. The two main decay modes of the ω into π0γ and π+π-π0 have been separately analyzed for various p¯ momenta between 600 and 1940 MeV/c. The results obtained with the usual method by extracting the matrix elements via the ω decay angular distributions and with the more sophisticated method via a full partial wave analysis are in good agreement. A strong spin alignment of the ω is clearly visible in this energy regime and all individual spin density matrix elements exhibit an oscillatory dependence on the production angle. In addition, the largest contributing orbital angular momentum of the p¯p system has been identified for the different beam momenta. It increases from Lp¯pmax = 2 at 600 MeV/c to Lp¯pmax = 5 at 1940 MeV/c

A Profile Likelihood Analysis of the Constrained MSSM with Genetic Algorithms

The Constrained Minimal Supersymmetric Standard Model (CMSSM) is one of the simplest and most widely-studied supersymmetric extensions to the standard model of particle physics. Nevertheless, current data do not sufficiently constrain the model parameters in a way completely independent of priors, statistical measures and scanning techniques. We present a new technique for scanning supersymmetric parameter spaces, optimised for frequentist profile likelihood analyses and based on Genetic Algorithms. We apply this technique to the CMSSM, taking into account existing collider and cosmological data in our global fit. We compare our method to the MultiNest algorithm, an efficient Bayesian technique, paying particular attention to the best-fit points and implications for particle masses at the LHC and dark matter searches. Our global best-fit point lies in the focus point region. We find many high-likelihood points in both the stau co-annihilation and focus point regions, including a previously neglected section of the co-annihilation region at large m_0. We show that there are many high-likelihood points in the CMSSM parameter space commonly missed by existing scanning techniques, especially at high masses. This has a significant influence on the derived confidence regions for parameters and observables, and can dramatically change the entire statistical inference of such scans.Comment: 47 pages, 8 figures; Fig. 8, Table 7 and more discussions added to Sec. 3.4.2 in response to referee's comments; accepted for publication in JHE