Refine
Year of publication
Document Type
- Master's Thesis (34)
- Report (17)
- Bachelor Thesis (3)
- Conference Proceeding (2)
- Working Paper (2)
- Article (1)
Has Fulltext
- yes (59) (remove)
Keywords
Institute
- Fakultät Informatik (59) (remove)
This thesis emphasizes problems that reports generated by vulnerability scanners impose on the process of vulnerability management, which are a. an overwhelming amount of data and b. an insufficient prioritization of the scan results.
To assist the process of developing means to counteract those problems and to allow for quantitative evaluation of their solutions, two metrics are proposed for their effectiveness and efficiency. These metrics imply a focus on higher severity vulnerabilities and can be applied to any simplification process of vulnerability scan results, given it relies on a severity score and time of remediation estimation for each vulnerability.
A priority score is introduced which aims to improve the widely used Common Vulnerability Scoring System (CVSS) base score of each vulnerability dependent on a vulnerability’s ease of exploit, estimated probability of exploitation and probability of its existence.
Patterns within the reports generated by the Open Vulnerability Assessment System (OpenVAS) vulnerability scanner between vulnerabilities are discovered which identify criteria by which they can be categorized from a remediation actor standpoint. These categories lay the groundwork of a final simplified report and consist of updates that need to be installed on a host, severe vulnerabilities, vulnerabilities that occur on multiple hosts and vulnerabilities that will take a lot of time for remediation. The highest potential time savings are found to exist within frequently occurring vulnerabilities, minor- and major suggested updates.
Processing of the results provided by the vulnerability scanner and creation of the report is realized in the form of a python script. The resulting reports are short, straight to the point and provide a top down remediation process which should theoretically allow to minimize the institutions attack surface as fast as possible. Evaluation of the practicality must follow as the reports are yet to be introduced into the Information Security Management Lifecycle.
Die digitale Transformation von Geschäftsprozessen und die stärkere Einbindung von IT-Systemen erzeugen bei kleinen und mittelständischen Unternehmen (KMU) Chancen und Risiken zugleich. Risiken, die insbesondere in einer fehlenden IT-Compliance resultieren können. Wie Studien zeigen, sind KMU in Bezug auf IT-Compliance-Maßnahmen im Vergleich zu kapitalmarktorientierten Unternehmen jedoch im Rückstand [1]. Im Beitrag wird mithilfe von Experteninterviews und einer qualitativen Datenanalyse der Frage nachgegangen, welcher Status quo an Maßnahmen aktuell implementiert und wie der empfundene Compliance-Reifegrad ist. Weiterhin werden die Gründe und Motive erörtert, die zu diesem Zustand geführt haben. Letztlich sind Treiber identifiziert worden, die zu einem höheren Bewusstsein in der Zukunft führen können. Die Arbeit zeigt interessante Erkenntnisse aus der Praxis, da die Experteninterviews Einblicke in den aktuellen Status quo in Bezug auf IT-Compliance liefern.
Der Gegenstand dieser Bachelorarbeit ist die automatisierte Extraktion von Polygonzügen anhand eines Grundrissbildes. Diese Polygonzüge sollen die Räumlichkeiten wiedergeben. In dieser Bachelorarbeit wurde daher ein Algorithmus für die Grundrissbildverarbeitung mittels Python entwickelt und implementiert. Zuerst wird ein Grundrissbild bereinigt, d. h. es werden unerwünschte Bildstrukturen verwaschen. Mithilfe des Canny-Kantendetektors werden anschließend die Kanten detektiert. Danach werden die Ecken im Grundrissbild via Harris-Eckendetektor lokalisiert. Um die Ecken sinnvoll zu verbinden, wird eine abgewandelte Form des Dijkstra Algorithmus herangezogen. Die daraus gewonnen Daten dienen zur Erstellung der Polygonzüge, welche für die Simulation von pFlow benötigt werden. Der entwickelte Algorithmus eignet sich insbesondere für klare und simple Grundrissbilder.
Interpretability and uncertainty modeling are important key factors for medical applications. Moreover, data in medicine are often available as a combination of unstructured data like images and structured predictors like patient’s metadata. While deep learning models are state-of-the-art for image classification, the models are often referred to as ’black-box’, caused by the lack of interpretability. Moreover, DL models are often yielding point predictions and are too confident about the parameter estimation and outcome predictions.
On the other side with statistical regression models, it is possible to obtain interpretable predictor effects and capture parameter and model uncertainty based on the Bayesian approach. In this thesis, a publicly available melanoma dataset, consisting of skin lesions and patient’s age, is used to predict the melanoma types by using a semi-structured model, while interpretable components and model uncertainty is quantified. For Bayesian models, transformation model-based variational inference (TM-VI) method is used to determine the posterior distribution of the parameter. Several model constellations consisting of patient’s age and/or skin lesion were implemented and evaluated. Predictive performance was shown to be best by using a combined model of image and patient’s age, while providing the interpretable posterior distribution of the regression coefficient is possible. In addition, integrating uncertainty in image and tabular parts results in larger variability of the outputs corresponding to high uncertainty of the single model components.
In my research sabbatical I was working on three different topics, namely orthogonal polynomials in geometric modeling, re-parametrized univariate subdivision curves, and reconstruction of 3d-fish-models and other zoological artifacts. In the subsequent Sections, I will describe my particular activity in these different fields. The sections are meant to present an overview of my research activities, leaving out the technical details.
Section 1 is on orthogonal polynomials and other related generating systems for functions systems of smooth function.
In Section 2, I will discuss the application of various re-parametrization schemes for interpolatory subdivision algorithms for the generation of space curves.
The next Section 3 is concerned with my research at the University of Queensland, Brisbane, in collaboration with Dr. Ulrike Siebeck from the School of Biomedical Sciences on fish behavior and reconstruction of 3d-fish models in particular.
In the last Section 4, I will describe what effects this research will have on in my subsequent teaching at the University of Applied Science Konstanz (HTWG).
Fatigue and drowsiness are responsible for a significant percentage of road traffic accidents. There are several approaches to monitor the driver’s drowsiness, ranging from the driver’s steering behavior to analysis of the driver, e.g. eye tracking, blinking, yawning or electrocardiogram (ECG). This paper describes the development of a low-cost ECG sensor to derive heart rate variability (HRV) data for the drowsiness detection. The work includes the hardware and the software design. The hardware has been implemented on a printed circuit board (PCB) designed so that the board can be used as an extension shield for an Arduino. The PCB contains a double, inverted ECG channel including low-pass filtering and provides two analog outputs to the Arduino, that combined them and performs the analog-to-digital conversion. The digital ECG signal is transferred to an NVidia embedded PC where the processing takes place, including QRS-complex, heart rate and HRV detection as well as visualization features. The compact resulting sensor provides good results in the extraction of the main ECG parameters. The sensor is being used in a larger frame, where facial-recognition-based drowsiness detection is combined with ECG-based detection to improve the recognition rate under unfavorable light or occlusion conditions.