Titel: Ausgewählte Themen in Verteilten Systemen
Englischer Titel: Selected Topics in Distributed Systems
Typ: Seminar, Modul
Kürzel / Nr. / Modulnr.: ATVS / CS5900.113 / 72041
SWS / LP: 2S / 4LP
Dozent: Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck
Betreuungspersonen: Leonard Bradatsch, Gerhard Habiger, Alexander Heß, Dominik Meißner, Migena YmerajNataša Trkulja, Externe
Termine: Einführungsveranstaltung
Wissenschaftliches Arbeiten
LaTeX-Einführung
Präsentationstechniken
Vortragsblocktermin (ganztägig)
Räume und Daten siehe Moodlekurs.
Lernplattform: Kursmaterialien finden Sie im Moodle-Kurs. Sie werden dem Kurs automatisch hinzugefügt, sobald Sie eines unserer Seminare besuchen.
Themenvergabe: Bitte Beachten: Die zentrale Themenvergabe erfolgt immer bereits gegen Ende des vorherigen Semesters über die zentrale Seminarthemen-Vergabe-Plattform im Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester").
Sprache: Alle Themen können in deutscher oder englischer Sprache bearbeitet werden, sofern nicht anders angegeben.

Themen

AlphaFold and RoseTTa - Democratizing Microbiology through Software – English only

Proteins are one of the central building blocks of biological life on earth. They perform an unimaginably large collection of tasks within our bodies every nanosecond of our existence, while we breathe and think and write seminar papers for our curriculum. The basic structure and genesis of proteins seems very simple: Proteins are created by simpy linking together molecules from a set of 20 available building blocks (called amino acids), to form long chains of these building blocks. Governed by fundamental molecular forces acting between the links of the chains, they then fold up into complicated shapes to yield a working Protein and fulfil their designated function. Since the discovery of the mechanisms behind the creation of proteins, the prediction of the resulting shape of a protein when only given the input sequence of its building blocks, i.e., how a protein folds up after being created, has been one of the longest standing and hardest problems of computational biology.
Very recently and with great fanfare, AlphaFold and RoseTTAFold, two tools to predict protein structures from an input sequence of amino acids, have been released to the public, putting the potential power of microbiological revolution at the fingertips of millions of interested researches. Being able to predict the shape of proteins allows us to design new medications against a myriad of diseases, engineer organisms to act as bioreactors for new and exciting industries, and understand life at its smallest levels. This seminar paper should provide a short introduction and overview over RoseTTAFold and AlphaFold. It should discuss their inner workings, explore introductory demos the tools provide, write about the relationship between both tools, and show their current shortcomings.

Gerhard Habiger

Authentication in Web Applications – English only

Modern web application development encompasses a variety of approaches to implement authentication and session handling, ranging from traditional password-based authentication and cookie-based session handling to multi-factor authentication and complex authentication protocols, such as OAuth, OpenID, and SAML. Depending on the requirements of the application some approaches are better suited than others. This seminar should explore the authentication design space and compare stateful and stateless session handling approaches.

dome Meißner

Containerization Technologies – English only

Kubernetes, Docker Swarm, Openshift, Portainer, Apache Mesos and others are in everyones mind. They've been made to revolutionize how to separate several applications and software stacks from each other. But did you ever had a look at the underlying technologies? In this survey the student is asked to examine, compare and summarize the main differences between many (at least five) different OS-level virtualization technologies currently existing in modern desktop and server environments. As a first task, the student needs to introduce the main ideas behind the concepts of such user space instances and its differences to other approaches like hardware-based virtualization. Maybe, also an historical overview can be given as a guide for the reader. In a second step the student has to examine the differences of the proposed technologies and summarize them according to their dis-/advantages. Finally, the student has to conclude which technology might be the best for which use cases, e.g. working in privacy-aware, secure or speed-optimized environments.

Thomas Bläsing

Cybersecurity vulnerabilities and attacks on C-V2X networks – English only

Cellular Vehicle-to-Everything (C-V2X) networks have emerged as an alternative to Dedicated Short Range Communications (DSRC), a 802.11p-based vehicular network. C-V2X networks can operate in the so-called Mode 3, that relies on the cellular base-station to manage the allocation of frequencies for each vehicle to transmit on, as well as Mode 4, that enables the vehicles to allocate transmission frequencies on their own. This seminar aims to identify potential security vulnerabilities in C-V2X networks operating in both Mode 3 and Mode 4 and, subsequently, classify the types of attacks that could be launched on these vehicular networks.

Nataša Trkulja

Distributed Machine Learning – English only

Due to the poor scalability and efficiency of learning algorithms, Machine Learning cannot handle large-scale data. This issue gave rise to Distributed Machine Learning. Even though it is a promising line of research, it still faces a lot of challenges. The goal of this seminar is to discover the importance of Distributed Machine Learning, while comparing it with traditional Machine Learning environments and investigating its challenges.

Migena Ymeraj

Egalitarian Consensus – English only

The majority of consensus protocols require an elected leader for the coordination of the replicas, and the interaction with the clients. However, Egalitarian consensus protocols omit an explicit leader in order to provide better load-balancing throughout all replicas. While such approaches are able to achieve significantly lower latencies, given that certain preconditions are met, they also introduce further challenges in their implementation.
The task of this seminar is to dive into the internals of a few selected Egalitarian consensus protocols, and provide an overview of their architectural characteristics.

Alexander Heß

Failure Recovery from Persistent Memory in SMR – English only

Persistent memory modules provide a non-volatile alternative to DRAM modules. These modules are also accessible through the system's memory bus, however the stored data survives a power outage. While they come with a performance penalty compared to DRAM modules, their access time is still significantly faster in comparison to solid state disks.

A suitable use case for such memory modules, are state-machine replicated systems that achieve fault tolerance by operating multiple replicated servers. In case one of these replicas suffers from a power outage, it may lose state updates that have not yet been written to disk. After a reboot, such a replica has to recover by querying other replicas for the missing data. The use of persistent memory modules would allow to circumvent this extra step, since the updates are still present. However, simply replacing DRAM modules with persistent memory modules would drastically reduce the system's performance. Instead, different techniques have been proposed to mitigate their performance penalty, while still achieving efficient recovery. The task of this seminar is to provide an overview and a comparison of these different strategies.

Alexander Heß

Feasibility of real-world evasion attacks against machine learning for image recognition – English only

This seminar topic shall compare existing machine learning evasion attacks on image recognition models to estimate their feasibility under the assumption of a limited attacker. Thus, the most recent attacks that propose to work with a physical patch or object–forged to manipulate the recognition outcome without direct access to the software or hardware (e. g., digital camera image)–should be identified from literature. A selection of three of these attacks should be compared with each other with focus on the qualitative discussion how likely the attack may be a threat to a deployed cyber physical system.

Stephan Kleber (Daimler TSS)

Federated Learning – English only

Federated Learning (FL) is a privacy-preserving machine learning technique, enabling parties to train their own model, using their own data on the device. An important aspect of FL is that data never leaves the device. Your task in this seminar is to investigate the role of FL in supporting privacy-sensitive applications, while analyzing its advantages and core challenges.

Migena Ymeraj

Machine learning methods for cybersecurity applications – English only

Machine learning has been used in a variety of applications ranging from recommendation engines, medical diagnosis, financial market analysis to self-driving vehicles. The goal of this seminar is to investigate how different machine learning methods have been employed for cybersecurity applications, as well as to analyze the effectiveness of these methods in such applications.

Nataša Trkulja

Network Security Breaches – English only

The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained.

Leonard Bradatsch

Feasibility of real-world evasion attacks against machine learning for image recognition – English only

Block ciphers only work on inputs that are a multiple of the cipher’s block length in commonly used modes such as CBC. As data usually comes in arbitrary lengths, inputs to these algorithms need to be extended (padded) to a multiple of the block length. This seemingly simple problem lead to quite huge cryptographic problems. Depending on the scenario, it is even possible that an attacker is able to completely decrypt the ciphertext or encrypt data of their choosing. Your paper and presentation should explain the details of how a padding oracle works and how it can be used for decryption and ciphertext forgery. Moreover, you should give an overview of the problems this attack scenario caused as well as how the security community tries to avoid it nowadays.

Martin Lang (BMW)

Perimeter Security and why it is no longer sufficient – English only

Perimeter security is still the dominant network security architecture in 2022. In this paper, the basic principle of perimeter security will be presented. Above all, however, the weak points are to be pointed out.

Leonard Bradatsch

Privacy-Preserving Machine Learning in Healthcare Domain – English only

Hospitals, other public institutions or companies are using medical information to perform computations and use the results for their own analysis. However, the data being collected or shared, might be sensitive and leak critical information about the data source. Therefore, Privacy-Preserving Machine Learning (PPML) plays an essential role, enabling machine learning process without compromising the private data. The goal of this seminar is to give an overview of PPML approaches applied in the healthcare domain, while explaining their role in protecting health data.

Migena Ymeraj

Secure Multi-Party Computation – English only

The goal of Secure Multi-Party Computation (MPC) is to enable parties to work together without ever knowing one another's confidential information. It plays an important role in solving security and privacy issues and there are many examples of where it can be helpful. The aim of this seminar is to investigate MPC with respect to both theoretical and practical aspects.

Migena Ymeraj

Security Vulnerabilities in Video Games – English only

The video game industry is booming, fueled by the Covid crysis, but also driven by eSports where tournaments are held with a price money of up to 45 million dollars. In order to take a good share of this cake, video games are released in faster cycles. As with other software applications, less development times, means more flaws. Latest releases of big publishers showed games with a huge number of bugs, where most of them affect stability or the user experience. But some do also affect the security of the gamers' computer. In this seminar you should gather security vulnerabilities introduced by the gaming industry (including their clients), analyze and categorize them.

Michael Wolf

Smart Contract Security – English only

Distributed ledgers such as Ethereum allow digital ownership of funds and their programmatical transfer via so-called smart contracts. The novel architecture of these distributed state machines poses new security challenges. As smart contracts deal with financial values, each security issue potentially has a financial impact. This seminar should highlight the unique security challenges of smart contracts such as re-entrancy issues, the impossibility of storing private data on-chain, or the dependence on randomness oracles that can be manipulated.

Henning Kopp (Code White)

Software-transactional Memory – English only

Software-transactional memory, or STM for short, is a concept to change content within main memory with a single atomic action. This can be used to implement atomic operations, or even transactions as known from database management systems. To implement classic transactions multiple versions of data may be kept in memory, and some tracking of dependencies is necessary to finally avoid inconsistent transactional semantics. Some implementation avoid any form of locking, but rely on atomic memory-access instructions like swapping one or two to memory words. Others add locking to avoid retries. For this topic, the student shall introduce the idea of STM and consider some of the techniques how to use and/or implement it. The approach could be more theory oriented or more implementation oriented, e.g. by also considering implementations for Java.

Franz J. Hauck

The Raft Consensus Algorithm and its Applications – English only

Raft is a Crash-Fault Tolerant consensus algorithm, which was developed with the motivation of providing a more comprehensible alternative to the Paxos algorithm. The Raft algorithm was proposed in 2014, and has been heavily adopted by different orchestration and database management tools by now.
The task of this seminar is to provide an overview of the Raft algorithm's internals and its application in fault-tolerant systems.

Alexander Heß

Zero-knowledge Proofs – English only

In cryptography zero-knowledge proofs are protocols for two parties where on party can proof a statement to a verifying party without revealing additional information to the verifier except that the statement is true. This cryptographic building block is used within a variety of applications and other cryptographic protocols, such as authentication, distributed ledgers, and online voting. This topic should introduce zero-knowledge proofs and provide an overview of different types of zero-knowledge proofs as well as how proofs for different statements can be constructed.

dome Meißner

Sorted by Topics

  • Machine Learning
    • Distributed Machine Learning
    • Federated Learning
    • Feasibility of real-world evasion attacks against machine learning for image recognition
    • Machine learning methods for cybersecurity applications
    • Privacy-Preserving Machine Learning in Healthcare Domain
  • Cryptography
    • Padding Oracles
    • Secure Multi-Party Computation
    • Zero-knowledge Proofs
  • IT Security in the Wild
    • Authentication in Web Applications
    • Cybersecurity vulnerabilities and attacks on C-V2X networks
    • Network Security Breaches
    • Perimeter Security and why it is no longer sufficient
    • Smart Contract Security
  • Fault Tolerance in Distributed Systems
    • Egalitarian Consensus
    • Failure Recovery from Persistent Memory in SMR
    • The Raft Consensus Algorithm and its Applications
  • Systems, Technologies, and Beyond
    • AlphaFold and RoseTTa - Democratizing Microbiology through Software
    • Containerization Technologies
    • Software-transactional Memory

Beschreibung und allgemeine Angaben, Modulbeschreibung

Einordnung in die Studiengänge:
Informatik, B.Sc.: Seminar
Medieninformatik, B.Sc.: Seminar
Software-Engineering, B.Sc.: Seminar
(siehe auch unsere Hinweise zu Seminaren)
Lehr- und Lernformen: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP
Modulkoordinator: Prof. Dr. Frank Kargl
Unterrichtssprache: Deutsch
Turnus / Dauer: jedes Semester / ein volles Semester
Voraussetzungen (inhaltlich): Grundlagen der Rechnernetze, Proseminar
Voraussetzungen (formal): -
Grundlage für (inhaltlich): -

Lernziel:

Studierende vertiefen exemplarisch an einem Teilgebiet der Informatik ihre Kenntnisse im selbstständigen Arbeiten mit wissenschaftlicher Literatur sowie im mündlichen und schriftlichen Präsentieren von fachwissenschaftlichen Inhalten. In Diskussionen wird die Fähigkeit zur kritischen Reflektion geübt. Im fachlichen Teil des Seminars stehen aktuelle Themen der Verteilten Systeme im Fokus. Abhängig vom Thema lernen Studierende ein konkretes System oder ein Konzept Verteilter Systeme kennen. Sie können diese Systeme in einen größeren Kontext einordnen und deren Vor- und Nachteile selbständig ableiten.

Inhalt:

Zu Beginn des Seminars werden Themen des wissenschaftlichen Arbeitens (z.B. Literaturrecherche, Schreiben einer Publikation, Präsentationstechniken) eingeführt, um den Studenten eine methodische Hilfestellung zu geben. Die Erstellung der eigentlichen Ausarbeitung und Präsentation erfolgt in individueller Betreuung. Die Ergebnisse werden in einer Abschlusspräsentation vorgestellt.

Literatur:

Wird je nach Thema zu Beginn der Veranstaltung bekannt gegeben

Bewertungsmethode:

FSPO < 2017: Leistungsnachweis über erfolgreiche Teilnahme. Diese umfasst Anwesenheit und enthält Ausarbeitung, Vortrag und Mitarbeit.
FSPO ≥ 2017: Die Vergabe der Leistungspunkte für das Modul erfolgt aufgrund der regelmäßigen Teilnahme, der vollständigen Bearbeitung eines übernommenen Themas (Vortrag und schriftliche Ausarbeitung) sowie der Beteiligung an der Diskussion. Die genauen Modalitäten werden zu Beginn der Veranstaltung bekannt gegeben. Die Anmeldung zur Prüfung setzt keinen Leistungsnachweis voraus.

Notenbildung:

FSPO < 2017: unbenotet
FSPO ≥ 2017: Die Modulnote entspricht dem Ergebnis der Modulprüfung. Die Note der Modulprüfung ergibt sich aus den Noten der Ausarbeitung (40%), der Präsentation (40%) und der Arbeitsweise (20%). Im Transcript of Records wird die errechnete Note für die Modulprüfung als eine Prüfungsleistung eingetragen und ausgewiesen.

Arbeitsaufwand:

Präsenzzeit: 30 h
Vor- und Nachbereitung: 90 h
Summe: 120 h