Titel:	Ausgewählte Themen in Verteilten Systemen
Englischer Titel:	Selected Topics in Distributed Systems
Typ:	Seminar, Modul
Kürzel / Nr. / Modulnr.:	ATVS / CS5900.113 / 72041
SWS / LP:	2S / 4LP
Dozent:	Prof. Dr. Frank Kargl, Prof. Dr.-Ing. Franz J. Hauck
Betreuungspersonen:	Benjamin Erb, Echo Meißner, Leonard Bradatsch, Alexander Heß, Mostafa Yehia, Juri Dispan, Artur Hermann, Externe
Termine:	Einführungsveranstaltung Begleitveranstaltungen für Seminare Vortragsblocktermin (ganztägig) Räume und Daten siehe Moodlekurs.
Lernplattform:	Kursmaterialien finden Sie im Moodle-Kurs. Sie werden dem Kurs automatisch zum Semesterstart hinzugefügt, sobald Sie eines unserer Seminare besuchen.
Themenvergabe:	Bitte Beachten: Die zentrale Themenvergabe erfolgt immer bereits gegen Ende des vorherigen Semesters über die zentrale Seminarthemen-Vergabe-Plattform im Moodle ("Anmeldung zur Verteilung der Seminare im kommenden Sommer-/ Wintersemester").
Sprache:	Themen können in deutscher oder englischer Sprache bearbeitet werden, je nach Betreuungsperson und Seminartyp.

Themen


Fault-Tolerance in Cloud Computing Environments – English only Cloud computing has emerged as a cost-effective solution for acquiring scalable computing resources. In order to ensure high availability and reliability, cloud providers rely on fault-tolerance mechanisms to cope with hardware failures, software errors, or interrupted network connections. The goal of this seminar is to examine different fault-tolerance mechanisms used by established cloud computing providers such as AWS or Microsoft Azure. Alexander Heß
Post-Quantum Cryptography – English only The security of most of today's asymmetric cryptographic schemes is based on the assumption that the discrete logarithmic problem is hard to compute. However, with the advent of quantum computing, the security of these schemes is at risk in the indeterminate future. The goal of this seminar is to discuss the implications of the ongoing progress in quantum computing, and explore cryptographic systems that will resist powerful quantum computers in the future. Alexander Heß
Data Consistency in Distributed Systems – English only Consistency models allow to reason about the state of a distributed system, where data is stored and processed across multiple nodes. A given consistency model defines rules for the order of arrival and appearance of updates, while the strictness of the rule set always provides a trade-off between consistency guarantees and implementation effort. The goal of this seminar is to examine different consistency models and discuss their applications in real-world systems. Alexander Heß
Request-level deterministic multithreading: How to solve the problem? – English only For state-machine replication, a fault-tolerance approach, a deterministic execution of client requests is mandatory. This can be easily achieved by sticking to strict sequential execution. As this is not very efficient under high load, some research was done how to achieve deterministic multithreading (DMT), i.e. allowing concurrent client requests to be processed in concurrent threads, but still achieving determinism. Request-level DMT is one category of approaches. The student is expected to look at some of the many approaches and also give own thoughts about how the problem could be solved. Franz J. Hauck
Egalitarian consensus protocols – English only Classic multi-consensus protocols are used to deliver client request in a deterministic order to replicas of a replicated state machine. Typically a leader acts as a sequencer and proposes the order of requests. However, the protocol is robust to tolerate a faulty leader and elect a new one without compromising the delivery order. Egalitarian multi-consensus protocols allow multiple leaders at the same time and do not provide a total order but a partial one so that independent requests could be executed in different order or even concurrently in replicas. The student is supposed to present one of the egalitarian algorithms with a focus on the dependency tracking and its correctness so that the partial order is achieved in every replica under all circumstances. Franz J. Hauck
Gamification vs. Privacy: Identifying and Analysing the Major Concerns – English only Education gamification refers to the use of game design elements and mechanics in educational contexts to enhance learning experiences and outcomes. It involves incorporating elements like points, levels, badges, challenges, and leaderboards into educational activities to make them more engaging, interactive, and motivating for students. It often involves digital platforms or applications that gather information about students' interactions, performance, and progress within the gamified environment. This data may include personal information, such as student names, ages, and learning preferences, as well as behavioural data related to their gameplay. The handling of such sensitive data raises concerns about privacy, data security, and potential misuse or unauthorized access. Initial reading list: www.mdpi.com/1999-5903/11/3/67 link.springer.com/chapter/10.1007/978-3-030-27813-7_8 www.intechopen.com/chapters/71045 www.intechopen.com/chapters/76455 dl.acm.org/doi/10.1145/3503823.3503857 Mostafa Yehia
Privacy Preservation in eLearning: Exploration and Analysis – English only eLearning, short for electronic learning, refers to the process of using technologies to deliver educational content and facilitate learning outside of traditional classroom settings. It encompasses a wide range of activities and resources, including online courses, virtual classrooms, educational websites, multimedia presentations, and interactive simulations. Privacy concerns in eLearning stems from the extensive collection and storage of learner data, and extends to the sharing of this data with third parties, risks to anonymity and identification, limited consent and control over data usage, potential profiling and targeting practices, and the need for legal and regulatory compliance. Initial reading list: ieeexplore.ieee.org/document/10031904 ieeexplore.ieee.org/document/5359353 link.springer.com/chapter/10.1007/978-0-387-73655-6_15 doi.org/10.55630/STEM.2023.0512 Mostafa Yehia
Privacy-Preserving Learning Analytics: Challenges and Techniques – English only Learning analytics (LA) refers to the process of collecting, analysing, and interpreting data from educational activities. It involves using this data to understand and optimize learning and the environments in which it occurs. Privacy-preserving learning analytics (PPLA) is a field aimed at balancing the benefits of LA with the protection of individuals' privacy in educational settings. Initial reading list: ieeexplore.ieee.org/document/7563858 bera-journals.onlinelibrary.wiley.com/doi/10.1111/bjet.13234 link.springer.com/chapter/10.1007/978-981-16-0882-7_53 dl.acm.org/doi/10.1145/2567574.2567613 dl.acm.org/doi/10.1145/3027385.3027414 Mostafa Yehia
Smartphone Theft Protection – English only Goal of this work is to detail modern smartphone theft protection mechanisms. These should be compared. Can attacker bypass these protections? Leonard Bradatsch
Google Dorking – English only Goal of this work is to give an overview of useful Google dorks. Additionally, up-to-date examples of actually working Google dorks should be given (picked from GHDB). During the presentation, a live demonstration should be given. Leonard Bradatsch
Network Security Breaches – English only The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained. Leonard Bradatsch
Vehicle Platooning – English only Vehicle Platooning is one of the most promising applications that can be realized with Vehicular ad hoc networks (VANETs). It is a method for driving in a group of vehicles with a small distance between the them. This offers many benefits such as increasing road capacity and reducing fuel consumption. Despite the benefits, Vehicle Platooning also has limitations and challenges. In this seminar, you will analyze vehicle platooning by describing its limitations and challenges. Furthermore, approaches to overcome these limitations and challenges are explained. Artur Hermann
Misbehavior Detection in VANETs – English only Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with infrastructure. In this way, vehicles can send messages, e.g., that there is a traffic jam ahead, which increases safety and efficiency. For the correct and safe operation of applications, it is important that the information sent by other vehicles is trustworthy or can be verified. In this seminar you will describe several approaches to detect misbehavior of vehicles in VANETs. Artur Hermann
Security mechanisms in in-vehicle networks – English only Modern vehicles contain many ECUs that are responsible for various functions of the vehicle. These ECUs are interconnected through in-vehicle networks, such as CAN-bus. Important components of the vehicle, such as brakes or airbags, are controlled via the ECUs. Therefore, ensuring the integrity of in-vehicle communication and ECUs is crucial for safety. In this seminar, you will provide an overview of threat in in-vehicle networks and ECUs. In addition, protection mechanisms for these threats will be described. Artur Hermann
Current Trends in Automatic Log Parsing – English only Logs contain rich information about the internal state of applications and are thus regularly used for anomaly detection. However, logs need to be brought into a structured format before they can be processed. While this can be done by manually writing Regexes, automatic approaches for this task are preferable. With the advent of Large Language Models like ChatGPT, research in the field of automatic log parsing has shifted towards combining artificial intelligence with classical algorithms and produced promising results. This topic's aim is to give an overview on the latest developments in automatic log parsing and to compare AI-assisted algorithms to their classical, established counterparts. Juri Dispan
WebAssembly – English only Web Assembly (WASM) is an emerging technology in web development that provides high-performance execution of code in web browsers. WASM allows developers to compile code from many languages, such as C/C++ and Rust, into a portable binary code format that can run efficiently alongside JavaScript in web browsers. In this seminar, you will explore the fundamental concepts behind WASM, including its design principles, execution model, and integration with existing Web technologies. In addition, this topic should explore the practical applications of WASM in various domains, such as gaming, multimedia, and computational tasks traditionally reserved for native applications. Finally, this seminar should analyze the ecosystem surrounding WASM, including the tools, libraries, and frameworks available to developers for building and optimizing WASM modules. Echo Meißner
Algorithms and Data Structures for Streaming Data – English only In modern distributed systems, the management of streaming data has gained widespread prominence, especially in the context of delivering near-realtime capabilities. This seminar delves into the intricate realm of algorithms and data structures that are necessary for the efficient and scalable handling and processing of such data streams. Benjamin Erb
Fooling GPT: Prompt-based adversarial attacks against and defenses for large language models – English only Becoming the core of the business logic of applications, large language models (LLMs) like GPT also start to attract the attention of malicious actors. Even without access to the model's internals, prompt-based adversarial attacks also called prompt injection attacks pose a threat to the reliability of such systems. This seminar topic shall collect examples for prompt injection attacks, investigate how these attacks succeed to fool a LLM and describe a selection of options to defend against these attacks. Stephan Kleber (Mercedes-Benz Tech Innovation)
Sorted by Topics Automotive Computing and Automotive Security Security mechanisms in in-vehicle networks Vehicle Platooning Misbehavior Detection in VANETs Privacy Gamification vs. Privacy: Identifying and Analysing the Major Concerns (English only) Privacy Preservation in eLearning: Exploration and Analysis (English only) Privacy-Preserving Learning Analytics: Challenges and Techniques (English only) IT-Security Network Security Breaches Smartphone Theft Protection Google Dorking Distributed Systems, AI and Beyond Fooling GPT: Prompt-based adversarial attacks against and defenses for large language models Current Trends in Automatic Log Parsing Post-Quantum Cryptography WebAssembly Algorithms and Data Structures for Streaming Data Fault-Tolerance and Consensus Fault-Tolerance in Cloud Computing Environments Data Consistency in Distributed Systems Request-level deterministic multithreading: How to solve the problem? Egalitarian consensus protocols

Fault-Tolerance in Cloud Computing Environments – English only

Cloud computing has emerged as a cost-effective solution for acquiring scalable computing resources.
In order to ensure high availability and reliability, cloud providers rely on fault-tolerance mechanisms to cope with hardware failures, software errors, or interrupted network connections.
The goal of this seminar is to examine different fault-tolerance mechanisms used by established cloud computing providers such as AWS or Microsoft Azure.

Alexander Heß

Post-Quantum Cryptography – English only

The security of most of today's asymmetric cryptographic schemes is based on the assumption that the discrete logarithmic problem is hard to compute.
However, with the advent of quantum computing, the security of these schemes is at risk in the indeterminate future.
The goal of this seminar is to discuss the implications of the ongoing progress in quantum computing, and explore cryptographic systems that will resist powerful quantum computers in the future.

Alexander Heß

Data Consistency in Distributed Systems – English only

Consistency models allow to reason about the state of a distributed system, where data is stored and processed across multiple nodes.
A given consistency model defines rules for the order of arrival and appearance of updates, while the strictness of the rule set always provides a trade-off between consistency guarantees and implementation effort.
The goal of this seminar is to examine different consistency models and discuss their applications in real-world systems.

Alexander Heß

Request-level deterministic multithreading: How to solve the problem? – English only

For state-machine replication, a fault-tolerance approach, a deterministic execution of client requests is mandatory. This can be easily achieved by sticking to strict sequential execution. As this is not very efficient under high load, some research was done how to achieve deterministic multithreading (DMT), i.e. allowing concurrent client requests to be processed in concurrent threads, but still achieving determinism. Request-level DMT is one category of approaches. The student is expected to look at some of the many approaches and also give own thoughts about how the problem could be solved.

Franz J. Hauck

Egalitarian consensus protocols – English only

Classic multi-consensus protocols are used to deliver client request in a deterministic order to replicas of a replicated state machine. Typically a leader acts as a sequencer and proposes the order of requests. However, the protocol is robust to tolerate a faulty leader and elect a new one without compromising the delivery order. Egalitarian multi-consensus protocols allow multiple leaders at the same time and do not provide a total order but a partial one so that independent requests could be executed in different order or even concurrently in replicas. The student is supposed to present one of the egalitarian algorithms with a focus on the dependency tracking and its correctness so that the partial order is achieved in every replica under all circumstances.

Franz J. Hauck

Gamification vs. Privacy: Identifying and Analysing the Major Concerns – English only

Education gamification refers to the use of game design elements and mechanics in educational contexts to enhance learning experiences and outcomes. It involves incorporating elements like points, levels, badges, challenges, and leaderboards into educational activities to make them more engaging, interactive, and motivating for students. It often involves digital platforms or applications that gather information about students' interactions, performance, and progress within the gamified environment. This data may include personal information, such as student names, ages, and learning preferences, as well as behavioural data related to their gameplay. The handling of such sensitive data raises concerns about privacy, data security, and potential misuse or unauthorized access.
Initial reading list:

Mostafa Yehia

Privacy Preservation in eLearning: Exploration and Analysis – English only

eLearning, short for electronic learning, refers to the process of using technologies to deliver educational content and facilitate learning outside of traditional classroom settings. It encompasses a wide range of activities and resources, including online courses, virtual classrooms, educational websites, multimedia presentations, and interactive simulations. Privacy concerns in eLearning stems from the extensive collection and storage of learner data, and extends to the sharing of this data with third parties, risks to anonymity and identification, limited consent and control over data usage, potential profiling and targeting practices, and the need for legal and regulatory compliance.
Initial reading list:

Mostafa Yehia

Privacy-Preserving Learning Analytics: Challenges and Techniques – English only

Learning analytics (LA) refers to the process of collecting, analysing, and interpreting data from educational activities. It involves using this data to understand and optimize learning and the environments in which it occurs. Privacy-preserving learning analytics (PPLA) is a field aimed at balancing the benefits of LA with the protection of individuals' privacy in educational settings.
Initial reading list:

Mostafa Yehia

Smartphone Theft Protection – English only

Goal of this work is to detail modern smartphone theft protection mechanisms. These should be compared. Can attacker bypass these protections?

Leonard Bradatsch

Google Dorking – English only

Goal of this work is to give an overview of useful Google dorks. Additionally, up-to-date examples of actually working Google dorks should be given (picked from GHDB). During the presentation, a live demonstration should be given.

Leonard Bradatsch

Network Security Breaches – English only

The goal of this seminar is the outlining of popular network security breaches (1-3 examples). Subsequently, state-of-the-art protection or detection approaches against these presented breaches should be explained.

Leonard Bradatsch

Vehicle Platooning – English only

Vehicle Platooning is one of the most promising applications that can be realized with Vehicular ad hoc networks (VANETs). It is a method for driving in a group of vehicles with a small distance between the them. This offers many benefits such as increasing road capacity and reducing fuel consumption. Despite the benefits, Vehicle Platooning also has limitations and challenges. In this seminar, you will analyze vehicle platooning by describing its limitations and challenges. Furthermore, approaches to overcome these limitations and challenges are explained.

Artur Hermann

Misbehavior Detection in VANETs – English only

Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with infrastructure. In this way, vehicles can send messages, e.g., that there is a traffic jam ahead, which increases safety and efficiency. For the correct and safe operation of applications, it is important that the information sent by other vehicles is trustworthy or can be verified. In this seminar you will describe several approaches to detect misbehavior of vehicles in VANETs.

Artur Hermann

Security mechanisms in in-vehicle networks – English only

Modern vehicles contain many ECUs that are responsible for various functions of the vehicle. These ECUs are interconnected through in-vehicle networks, such as CAN-bus. Important components of the vehicle, such as brakes or airbags, are controlled via the ECUs. Therefore, ensuring the integrity of in-vehicle communication and ECUs is crucial for safety. In this seminar, you will provide an overview of threat in in-vehicle networks and ECUs. In addition, protection mechanisms for these threats will be described.

Artur Hermann

Current Trends in Automatic Log Parsing – English only

Logs contain rich information about the internal state of applications and are thus regularly used for anomaly detection.
However, logs need to be brought into a structured format before they can be processed.
While this can be done by manually writing Regexes, automatic approaches for this task are preferable.
With the advent of Large Language Models like ChatGPT, research in the field of automatic log parsing has shifted towards combining artificial intelligence with classical algorithms and produced promising results.
This topic's aim is to give an overview on the latest developments in automatic log parsing and to compare AI-assisted algorithms to their classical, established counterparts.

Juri Dispan

WebAssembly – English only

Web Assembly (WASM) is an emerging technology in web development that provides high-performance execution of code in web browsers. WASM allows developers to compile code from many languages, such as C/C++ and Rust, into a portable binary code format that can run efficiently alongside JavaScript in web browsers. In this seminar, you will explore the fundamental concepts behind WASM, including its design principles, execution model, and integration with existing Web technologies. In addition, this topic should explore the practical applications of WASM in various domains, such as gaming, multimedia, and computational tasks traditionally reserved for native applications. Finally, this seminar should analyze the ecosystem surrounding WASM, including the tools, libraries, and frameworks available to developers for building and optimizing WASM modules.

Echo Meißner

Algorithms and Data Structures for Streaming Data – English only

In modern distributed systems, the management of streaming data has gained widespread prominence, especially in the context of delivering near-realtime capabilities. This seminar delves into the intricate realm of algorithms and data structures that are necessary for the efficient and scalable handling and processing of such data streams.

Benjamin Erb

Fooling GPT: Prompt-based adversarial attacks against and defenses for large language models – English only

Becoming the core of the business logic of applications, large language models (LLMs) like GPT also start to attract the attention of malicious actors. Even without access to the model's internals, prompt-based adversarial attacks also called prompt injection attacks pose a threat to the reliability of such systems. This seminar topic shall collect examples for prompt injection attacks, investigate how these attacks succeed to fool a LLM and describe a selection of options to defend against these attacks.

Stephan Kleber (Mercedes-Benz Tech Innovation)

Sorted by Topics

Automotive Computing and Automotive Security
- Security mechanisms in in-vehicle networks
- Vehicle Platooning
- Misbehavior Detection in VANETs
Privacy
- Gamification vs. Privacy: Identifying and Analysing the Major Concerns (English only)
- Privacy Preservation in eLearning: Exploration and Analysis (English only)
- Privacy-Preserving Learning Analytics: Challenges and Techniques (English only)
IT-Security
- Network Security Breaches
- Smartphone Theft Protection
- Google Dorking
Distributed Systems, AI and Beyond
- Fooling GPT: Prompt-based adversarial attacks against and defenses for large language models
- Current Trends in Automatic Log Parsing
- Post-Quantum Cryptography
- WebAssembly
- Algorithms and Data Structures for Streaming Data
Fault-Tolerance and Consensus
- Fault-Tolerance in Cloud Computing Environments
- Data Consistency in Distributed Systems
- Request-level deterministic multithreading: How to solve the problem?
- Egalitarian consensus protocols

Beschreibung und allgemeine Angaben, Modulbeschreibung
Einordnung in die Studiengänge: Informatik, B.Sc.: Seminar Medieninformatik, B.Sc.: Seminar Software-Engineering, B.Sc.: Seminar (siehe auch unsere Hinweise zu Seminaren)
Lehr- und Lernformen: Ausgewählte Themen in Verteilten Systemen, 2S, 4LP
Modulkoordinator: Prof. Dr. Frank Kargl
Unterrichtssprache: Deutsch
Turnus / Dauer: jedes Semester / ein volles Semester
Voraussetzungen (inhaltlich): Grundlagen der Rechnernetze, Proseminar
Voraussetzungen (formal): -
Grundlage für (inhaltlich): -
Lernziel: Studierende vertiefen exemplarisch an einem Teilgebiet der Informatik ihre Kenntnisse im selbstständigen Arbeiten mit wissenschaftlicher Literatur sowie im mündlichen und schriftlichen Präsentieren von fachwissenschaftlichen Inhalten. In Diskussionen wird die Fähigkeit zur kritischen Reflektion geübt. Im fachlichen Teil des Seminars stehen aktuelle Themen der Verteilten Systeme im Fokus. Abhängig vom Thema lernen Studierende ein konkretes System oder ein Konzept Verteilter Systeme kennen. Sie können diese Systeme in einen größeren Kontext einordnen und deren Vor- und Nachteile selbständig ableiten.
Inhalt: Zu Beginn des Seminars werden Themen des wissenschaftlichen Arbeitens (z.B. Literaturrecherche, Schreiben einer Publikation, Präsentationstechniken) eingeführt, um den Studenten eine methodische Hilfestellung zu geben. Die Erstellung der eigentlichen Ausarbeitung und Präsentation erfolgt in individueller Betreuung. Die Ergebnisse werden in einer Abschlusspräsentation vorgestellt.
Literatur: Wird je nach Thema zu Beginn der Veranstaltung bekannt gegeben
Bewertungsmethode: FSPO < 2017: Leistungsnachweis über erfolgreiche Teilnahme. Diese umfasst Anwesenheit und enthält Ausarbeitung, Vortrag und Mitarbeit. FSPO ≥ 2017: Die Vergabe der Leistungspunkte für das Modul erfolgt aufgrund der regelmäßigen Teilnahme, der vollständigen Bearbeitung eines übernommenen Themas (Vortrag und schriftliche Ausarbeitung) sowie der Beteiligung an der Diskussion. Die genauen Modalitäten werden zu Beginn der Veranstaltung bekannt gegeben. Die Anmeldung zur Prüfung setzt keinen Leistungsnachweis voraus.
Notenbildung: FSPO < 2017: unbenotet FSPO ≥ 2017: Die Modulnote entspricht dem Ergebnis der Modulprüfung. Die Note der Modulprüfung ergibt sich aus den Noten der Ausarbeitung (40%), der Präsentation (40%) und der Arbeitsweise (20%). Im Transcript of Records wird die errechnete Note für die Modulprüfung als eine Prüfungsleistung eingetragen und ausgewiesen.
Arbeitsaufwand: Präsenzzeit: 30 h Vor- und Nachbereitung: 90 h Summe: 120 h

Sommersemester 2024

Themen

Sorted by Topics

Beschreibung und allgemeine Angaben, Modulbeschreibung