|Titel:||Ausgewählte Themen in Verteilten Systemen|
|Englischer Titel:||Selected Topics in Distributed Systems|
|Kürzel / Nr. / Modulnr.:||ATVS / CS5900.113 / 72041|
|SWS / LP:||2S / 4LP|
|Dozent:||Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck|
|Betreuer:||Ala'a Al-Momani, Felix Engelmann, Benjamin Erb, Eugen Frasch, Gerhard Habiger, Stephan Kleber, Henning Kopp, Dominik Lang, Thomas Lukaseder, Matthias Matousek, David Mödinger, Rens van der Heijden|
|Termine:||18.04.2017 10:15-11:45: Einführungsveranstaltung (verpflichtend) |
25.04.2017 10:15-11:45: Wissenschaftliches Arbeiten (verpflichtend)
27.04.2017 16:15-17:45: LaTeX-Einführung (freiwillig)
22.06.2017 16:15-17:45: Präsentationstechniken (verpflichtend)
14.07.2017: Vortragsblocktermin (ganztägig), Räume werden noch bekannt gegeben
|Lernplattform:||Kursmaterialien finden Sie im Moodle-Kurs. Sie werden dem Kurs automatisch hinzugefügt, sobald Sie eines unserer Seminare besuchen.|
|Themenvergabe:||Die Themenvergabe erfolgt über die zentrale Seminarthemen-Vergabe-Plattform.|
|Sprache:||Alle Themen können in deutscher oder englischer Sprache bearbeitet werden, sofern nicht anders angegeben.|
• frei ✘ belegt
✘ Vehicle Platooning – English only
Vehicle Platooning is considered one of the most promising applications to be implemented in vehicular networks. It gained its importance due to the huge number of benefits it provides for cars/trucks on, specially, highways. Despite the benefits it provides, it suffers from a quite number of limitations and challenges. Within this seminar, you are going to investigate vehicle platooning in more details by addressing the limitations and challenges it suffers from. In addition, the possible ways to defeat them need to be examined.
✘ Machine Learning Applications in Vehicular Networks – English onlyMachine learning brings enormous number of benefits to fields where it is applied on. In vehicular networks, it is considered one of the main bases of critical applications, e.g. Autonomous Driving. In this seminar, Machine learning approaches that has been proposed to be used in vehicular networks generally and autonomous driving in particular will be investigated. The implications of applying such techniques -e.g. delay, decision accuracy, etc...- need to be examined as well.
✘ Digital Identities for 3D Printed Objects – English only3D printing technologies are spreading in many big scale manufacturing processes and introduce challenges which are otherwise only relevant in the digital world. Simplified duplication of physical objects can lead to piracy or safety issues in regulated industries. A promising solution to this would be uniquely identifiable, unclonable objects, e.g. with an integrated physically unclonable function (PUF). The goal of this seminar is to survey the different approaches to link a physical object to a digital identity.
✘ Challenges of Scanning the IPv6 Address Space – English onlyWith the progress of IPv6 deployment, surveys of the complete internet address space by enumeration are no longer feasible, compared to the 2^32 IPv4s, which can be contacted in a few minutes. However there are approaches to reduce the search space by preselecting active DNS entries, common host suffixes, promising subnets from BGP announcements and many more. The goal of this seminar is to elaborate on the possible scanning methods and counter measures in the IPv6 network.
✘ Machine Bias and the Threat of Algocracy – English onlyThe rise of big data, artificial intelligence, and related technological trends are going to transform the everyday life of people. A potential rule of algorithms and the hidden biases carved into data analytics and machine learning models represent significant challenges on society, entailing political, ethical, and psychological consequences. This seminar paper should unveil these challenges and assess the dystopic perspective while pointing out corrective actions.
• π-calculus – English onlyAs a process calculus the p-calculus describes the movement of a piece of data in exactly the same way as the tranfer of a message. Thus the p-calculus is used to define concurrent computations whose network configuration may change during the computation. The goal of this seminar is to look at motivation, theory and expressiveness of pi-calculus.
✘ Slurm – English onlyAs a cluster management and job scheduling system Slurm is used in small and large Linux clusters. Slurm is open-source, fault tolerant, highly scalable and relatively self-contained. The goal of this seminar is to give an overview of Slurm, it's functionality and deeper characteristics.
✘ Apache Eagle – English onlyApache Eagle is an open source, distributed real-time monitoring alerting engine for instant identification of sensitive data access and recognition of malicious activities. Eagle audits access to HDFS files, Hive, and HBase tables in real time, enforces policies and alerts or blocks users’ access in real time.
The goal of this seminar is to give an overview of Apache Eagle, it's architecture and functionality.
✘ The State of Logical Time – English onlyIn distributed systems there is no global time. To work around this limitation logical clocks, a form of event counters, like vector clocks were introduced in the 1980s. The goal of this seminar is to research some more recent developments on the state of logical clocks, especially improvements in size or performance.
✘ Temporal Logic of Actions: model checking concurrent distributed systems – English onlyDue to their diversity and complexity, distributed systems often exhibit indeterministic behaviour. This makes it very hard to correctly design new systems, since errors may only manifest themselves rarely and under specific circumstances, which are difficult to test for. Mathematically modeling such systems allows to formally test their behaviour and exhaustively check every possible state they can ever be in, making it (theoretically) impossible for a system to fail due to design flaws. One tool to model concurrent distributed systems is Lamport's TLA+. The goal of this seminar is to give an introduction to TLA+ and its current state, and to provide an example of a real world application of TLA+.
✘ Misbehavior reporting and revocation in Vehicular PKIs – English onlyVehicular ad-hoc networks are an attempt to improve driving safety for both drivers and autonomous vehicles, by allowing the exchange of information between vehicles. Because this information is safety-relevant, it should be authenticated, which current standards propose to do with a PKI. Such a PKI typically also allows reporting of malicious messages (misbehavior reporting). The goal of this seminar is to analyze different possible strategies on how to transfer and process the reports, which should result in the revocation of an attacker.
✘ Alignment-free Protocol Message Format Reverse Engineering – English onlyUnderstanding the communication of networked systems without knowing the protocol specification can be achieved by the reverse engineering of the network traffic. Examples for use cases of this approach are the analysis of botnets and vulnerability detection in network protocol implementations.
Several methods to infer the protocol message format use the Needleman-Wunsch-algorithm-based progressive multiple sequence alignment. Instead, also alignment-free methods to find structure in byte sequences are available. Especially interesting examples are the Sequitur algorithm and the Leimeister et al. alignment-free method.
The goal of this seminar topic is to identify commonalities and differences between these algorithms with focus on applicability to infer message formats of protocols and to discuss their respective strengths and weaknesses.
✘ Formal Methods in Program Analysis – English onlyTo reason about a program, naively one can run it on different inputs and compare the outputs in order to find structure. In contrast, one can execute the program only symbolically, not with concrete inputs but instead with symbolic variables. Then it becomes possible to reason about a program by comparing the execution paths in the program.
The student should describe symbolic execution and its shortcomings and improvements like concolic execution. Examples in an appropriate framework like angr are welcome.
✘ Cryptography Engineering – English onlyEvery day we rely on the security of applied cryptography (e.g. security protocols) to protect our data. This application of cryptography in real world solutions is difficult and prone to errors; one mistake can compromise the entire security.
Cryptography engineering is the discipline of creating these real world solutions and entails two different aspects: the creation of cryptographic protocols by combining several cryptographic primitives (e.g. MAC and symmetric encryption), and the implementation (software / hardware) of cryptographic protocols.
The goal of this seminar paper is to give an overview of cryptography engineering with a focus on dos and don'ts, and best practices for creating and implementing cryptographic protocols.
Note: It is highly recommended that the student has basic knowledge of cryptography, for example by having attended a cryptography and/or IT security lecture.
✘ Software-Defined Networking – Chances and Risks for Network Security – English onlySoftware-Defined Networking (SDN) is an approach to computer networking that decouples the control plane—that is the network administration—from the data plane where the regular packet forwarding occurs. The most common SDN technology is the OpenFlow protocol. The design of this protocol features one controlling device—the SDN controller—that monitors all network devices and network policies. Such a centralized design can both help network security by simplifying network monitoring and be a threat to security by implementing a single point of failure that in turn has full control over the network topology. Goal of this seminar is to analyze both threats and opportunities of this technology regarding network security.
• Policy Checking of Network Topologies – English onlyNetwork policies are rules that define how a network needs to be set up. They contain for instance demands concerning the reachability of certain network devices or filter rules for firewalls. Tools like netplumber exist to help in the verification process whether a network topology complies with these policies. Goal of this seminar is to analyze how these tools work and which policies can or cannot be analyzed by these tools.
✘ Applications for Secure Multiparty Computation – English only
Distributed computation offers many opportunities for novel and advanced applications. However, significant privacy concerns arise when some of the computing parties cannot be trusted sufficiently. Secure multiparty computation (MPC) is an active research field that is attempting to solve the issue of several parties computing specific functions without disclosing their private input data. This seminar thesis should survey and asses applications for MPC.
✘ Machine Learning Privacy – English only
Machine Learning has a number of very useful applications and offers great benefits. Machine learning algorithms can be used for recommendation systems, data analysis, or security applications. However, while machine learning can provide useful predictions and analysis, there are also privacy concerns. The aim of this seminar is to identify privacy issues, and survey possible solutions.
✘ Secure Messaging: Signal & Co (recommended at master's level) – English only
Security in instant messaging predates the smartphone era, but has recently received a lot of attention from both the cryptographic community and from government agencies. In this seminar, we are going to consider both OTR and the Signal protocol. We will look at the different challenges that are new to instant messaging done via smartphones, and at how Signal tries to overcome them.
Marcus Gelderie (BMW Car IT)
✘ Cryptographic Message Syntax: Standardized Protocol for Encryption, Signatures, and Integrity Protection (recommended at bachelor's level) – English only
The Cryptographic Message Syntax (CMS) is a standardized format for crafting encrypted and signed messages. It is used in S/MIME, but is a much more flexible format that covers use-cases beyond S/MIME. We will look at the CMS standard, at the threat model underlying CMS, and at the overall organizational implications that are imposed by CMS on the user.
Marcus Gelderie (BMW Car IT)
Beschreibung und allgemeine Angaben, Modulbeschreibung
|Einordnung in die Studiengänge:||Informatik, B.Sc.: Seminar |
Medieninformatik, B.Sc.: Seminar
Software-Engineering, B.Sc.: Seminar
Informatik, Dipl.: Hauptseminar
Medieninformatik, Dipl.: Hauptseminar
(siehe auch unsere Hinweise zu Seminaren)
|Lehr- und Lernformen:||Ausgewählte Themen in Verteilten Systemen, 2S, 4LP|
|Verantwortlich:||Prof. Dr. Frank Kargl|
|Turnus / Dauer:||jedes Semester / ein volles Semester|
|Voraussetzungen (inhaltlich):||Grundlagen der Rechnernetze, Proseminar|
|Grundlage für (inhaltlich):||-|
|Lernergebnisse:||Studierende vertiefen exemplarisch an einem Teilgebiet der Informatik ihre Kenntnisse im selbstständigen Arbeiten mit wissenschaftlicher Literatur sowie im mündlichen und schriftlichen Präsentieren von fachwissenschaftlichen Inhalten. In Diskussionen wird die Fähigkeit zur kritischen Reflektion geübt. Im fachlichen Teil des Seminars stehen aktuelle Themen der Verteilten Systeme im Fokus. Abhängig vom Thema lernen Studierende ein konkretes System oder ein Konzept Verteilter Systeme kennen. Sie können diese Systeme in einen größeren Kontext einordnen und deren Vor- und Nachteile selbständig ableiten.|
|Inhalt:||Zu Beginn des Seminars werden Themen des wissenschaftlichen Arbeitens (z.B. Literaturrecherche, Schreiben einer Publikation, Präsentationstechniken) eingeführt, um den Studenten eine methodische Hilfestellung zu geben. Die Erstellung der eigentlichen Ausarbeitung und Präsentation erfolgt in individueller Betreuung. Die Ergebnisse werden in einer Abschlusspräsentation vorgestellt.|
|Literatur:||Wird je nach Thema zu Beginn der Veranstaltung bekannt gegeben.|
|Bewertungsmethode:||Leistungsnachweis über erfolgreiche Teilnahme. Diese umfasst Anwesenheit und enthält Ausarbeitung, Vortrag und Mitarbeit.|
|Arbeitsaufwand:||Präsenzzeit: 30 h |
Vor- und Nachbereitung: 90 h
Summe: 120 h