subject:(Ing nierie informatique technologie Sciences informatiques C05 )

1. Arora, Chetan. AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/28922

► Natural Language (NL) is arguably the most common vehicle for specifying requirements. This dissertation devises automated assistance for some important tasks that requirements engineers need… (more)

▼ Natural Language (NL) is arguably the most common vehicle for specifying requirements. This dissertation devises automated assistance for some important tasks that requirements engineers need to perform in order to structure, manage, and elaborate NL requirements in a sound and effective manner. The key enabling technology underlying the work in this dissertation is Natural Language Processing (NLP). All the solutions presented herein have been developed and empirically evaluated in close collaboration with industrial partners. The dissertation addresses four different facets of requirements analysis: • Checking conformance to templates. Requirements templates are an effective tool for improving the structure and quality of NL requirements statements. When templates are used for specifying the requirements, an important quality assurance task is to ensure that the requirements conform to the intended templates. We develop an automated solution for checking the conformance of requirements to templates. • Extraction of glossary terms. Requirements glossaries (dictionaries) improve the understandability of requirements, and mitigate vagueness and ambiguity. We develop an auto- mated solution for supporting requirements analysts in the selection of glossary terms and their related terms. • Extraction of domain models. By providing a precise representation of the main concepts in a software project and the relationships between these concepts, a domain model serves as an important artifact for systematic requirements elaboration. We propose an automated approach for domain model extraction from requirements. The extraction rules in our approach encompass both the rules already described in the literature as well as a number of important extensions developed in this dissertation. • Identifying the impact of requirements changes. Uncontrolled change in requirements presents a major risk to the success of software projects. We address two different dimen- sions of requirements change analysis in this dissertation: First, we develop an automated approach for predicting how a change to one requirement impacts other requirements. Next, we consider the propagation of change from requirements to design. To this end, we develop an automated approach for predicting how the design of a system is impacted by changes made to the requirements. Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Briand, Lionel [superviser], Sabetzadeh, Mehrdad [superviser], Le Traon, Yves [president of the jury], Gorschek, Tony [member of the jury], Sawyer, Pete [member of the jury], Nejati, Shiva [member of the jury].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

14 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Arora, C. (2016). AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28922

Chicago Manual of Style (16^th Edition):

Arora, Chetan. “AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/28922.

MLA Handbook (7^th Edition):

Arora, Chetan. “AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.” 2016. Web. 18 Oct 2019.

Vancouver:

Arora C. AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/28922.

Council of Science Editors:

Arora C. AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28922

Université du Luxembourg

2. Di Nardo, Daniel. Model-Based Test Automation Strategies for Data Processing Systems.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/26911

► Data processing software is an essential component of systems that aggregate and analyse real-world data, thereby enabling automated interaction between such systems and the real… (more)

▼ Data processing software is an essential component of systems that aggregate and analyse real-world data, thereby enabling automated interaction between such systems and the real world. In data processing systems, inputs are often big and complex files that have a well-defined structure, and that often have dependencies between several of their fields. Testing of data processing systems is complex. Software engineers, in charge of testing these systems, have to handcraft complex data files of nontrivial size, while ensuring compliance with the multiple constraints to prevent the generation of trivially invalid inputs. In addition, assessing test results often means analysing complex output and log data. Complex inputs pose a challenge for the adoption of automated test data generation techniques; the adopted techniques should be able to deal with the generation of a nontrivial number of data items having complex nested structures while preserving the constraints between data fields. An additional challenge regards the automated validation of execution results. To address the challenges of testing data processing systems, this dissertation presents a set of approaches based on data modelling and data mutation to automate testing. We propose a modelling methodology that captures the input and output data and the dependencies between them by using Unified Modeling Language (UML) class diagrams and constraints expressed in the Object Constraint Language (OCL). The UML class diagram captures the structure of the data, while the OCL constraints formally describe the interactions and associations between the data fields within the different subcomponents. The work of this dissertation was motived by the testing needs of an industrial satellite Data Acquisition (DAQ) system; this system is the subject of the empirical studies used within this dissertation to demonstrate the application and suitability of the approaches that we propose. We present four model-driven approaches that address the challenges of automatically testing data processing systems. These approaches are supported by the data models generated according to our modelling methodology. The results of an empirical evaluation show that the application of the modelling methodology is scalable as the size of the model and constraints was manageable for the subject system. The first approach is a technique for the automated validation of test inputs and oracles; an empirical evaluation shows that the approach is scalable as the input and oracle validation process executed within reasonable times on real input files. The second approach is a model-based technique that automatically generates faulty test inputs for the purpose of robustness testing, by relying upon generic mutation operators that alter data collected in the field; an empirical evaluation shows that our automated approach achieves slightly better instruction coverage than the manual testing taking place in practice. The third approach is an evolutionary algorithm to automate the… Advisors/Committee Members: Briand, Lionel [superviser].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Di Nardo, D. (2016). Model-Based Test Automation Strategies for Data Processing Systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/26911

Chicago Manual of Style (16^th Edition):

Di Nardo, Daniel. “Model-Based Test Automation Strategies for Data Processing Systems.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/26911.

MLA Handbook (7^th Edition):

Di Nardo, Daniel. “Model-Based Test Automation Strategies for Data Processing Systems.” 2016. Web. 18 Oct 2019.

Vancouver:

Di Nardo D. Model-Based Test Automation Strategies for Data Processing Systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/26911.

Council of Science Editors:

Di Nardo D. Model-Based Test Automation Strategies for Data Processing Systems. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/26911

Université du Luxembourg

3. Li, Li. Boosting Static Security Analysis of Android Apps through Code Instrumentation.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/29387

► Within a few years, Android has been established as a leading platform in the mobile market with over one billion monthly active Android users. To… (more)

▼ Within a few years, Android has been established as a leading platform in the mobile market with over one billion monthly active Android users. To serve these users, the official market, Google Play, hosts around 2 million apps which have penetrated into a variety of user activities and have played an essential role in their daily life. However, this penetration has also opened doors for malicious apps, presenting big threats that can lead to severe damages. To alleviate the security threats posed by Android apps, the literature has proposed a large body of works which propose static and dynamic approaches for identifying and managing security issues in the mobile ecosystem. Static analysis in particular, which does not require to actually execute code of Android apps, has been used extensively for market-scale analysis. In order to have a better understanding on how static analysis is applied, we conduct a systematic literature review (SLR) of related researches for Android. We studied influential research papers published in the last five years (from 2011 to 2015). Our in-depth examination on those papers reveals, among other findings, that static analysis is largely performed to uncover security and privacy issues. The SLR also highlights that no single work has been proposed to tackle all the challenges for static analysis of Android apps. Existing approaches indeed fail to yield sound results in various analysis cases, given the different specificities of Android programming. Our objective is thus to reduce the analysis complexity of Android apps in a way that existing approaches can also succeed on their failed cases. To this end, we propose to instrument the app code for transforming a given hard problem to an easily-resolvable one (e.g., reducing an inter-app analysis problem to an intra-app analysis problem). As a result, our code instrumentation boosts existing static analyzers in a non-invasive manner (i.e., no need to modify those analyzers). In this dissertation, we apply code instrumentation to solve three well-known challenges of static analysis of Android apps, allowing existing static security analyses to 1) be inter-component communication (ICC) aware; 2) be reflection aware; and 3) cut out common libraries. ICC is a challenge for static analysis. Indeed, the ICC mechanism is driven at the framework level rather than the app level, leaving it invisible to app-targeted static analyzers. As a consequence, static analyzers can only build an incomplete control-flow graph (CFG) which prevents a sound analysis. To support ICC-aware analysis, we devise an approach called IccTA, which instruments app code by adding glue code that directly connects components using traditional Java class access mechanism (e.g., explicit new instantiation of target components). Reflection is a challenge for static analysis as well because it also confuses the analysis context. To support reflection-aware analysis, we provide DroidRA, a tool-based approach, which instruments Android apps to explicitly replace reflective calls… Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [superviser], Briand, Lionel [president of the jury], Bissyande, Tegawendé François D Assise [president of the jury], Zhang, Xiangyu [member of the jury], Backes, Michael [member of the jury].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Li, L. (2016). Boosting Static Security Analysis of Android Apps through Code Instrumentation. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29387

Chicago Manual of Style (16^th Edition):

Li, Li. “Boosting Static Security Analysis of Android Apps through Code Instrumentation.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/29387.

MLA Handbook (7^th Edition):

Li, Li. “Boosting Static Security Analysis of Android Apps through Code Instrumentation.” 2016. Web. 18 Oct 2019.

Vancouver:

Li L. Boosting Static Security Analysis of Android Apps through Code Instrumentation. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/29387.

Council of Science Editors:

Li L. Boosting Static Security Analysis of Android Apps through Code Instrumentation. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29387

Université du Luxembourg

4. Huynen, Jean-Louis. Socio-Technical Aspects of Security Analysis.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/29006

► This thesis seeks to establish a semi-automatic methodology for security analysis when users are considered part of the system. The thesis explores this challenge, which… (more)

▼ This thesis seeks to establish a semi-automatic methodology for security analysis when users are considered part of the system. The thesis explores this challenge, which we refer to as ‘socio-technical security analysis’. We consider that a socio-technical vulnerability is the conjunction of a human behaviour, the factors that foster the occurrence of this behaviour, and a system. Therefore, the aim of the thesis is to investigate which human-related factors should be considered in system security, and how to incorporate these identified factors into an analysis framework. Finding a way to systematically detect, in a system, the socio-technical vulnerabilities that can stem from insecure human behaviours, along with the factors that influence users into engaging in these behaviours is a long journey that we can summarise in three research questions: 1. How can we detect a socio-technical vulnerability in a system? 2. How can we identify in the interactions between a system and its users, the human behaviours that can harm this system’s security? 3. How can we identify the factors that foster human behaviours that are harmful to a system’s security? A review of works that aim at bringing social sciences findings into security analysis reveals that there is no unified way to do it. Identifying the points where users can harm a system’s security, and clarifying what factors can foster an insecure behaviour is a complex matter. Hypotheses can arise about the usability of the system, aspects pertaining to the user or the organisational context but there is no way to find and test them all. Further, there is currently no way to systematically integrate the results regarding hypotheses we tested in a security analysis. Thus, we identify two objectives related to these methodological challenges that this thesis aims at fulfilling in its contributions: 1. What form should a framework that intends to identify harmful behaviours for security, and to investigate the factors that foster their occurrence take? 2. What form should a semi-automatic, or tool-assisted methodology for the security analysis of socio-technical systems take? The thesis provides partial answers to the questions. First it defines a methodological framework called STEAL that provides a common ground for an interdisciplinary approach to security analysis. STEAL supports the interaction between computer scientists and social scientists by providing a common reference model to describe a system with its human and non-human components, potential attacks and defences, and the surrounding context. We validate STEAL in a two experimental studies, showing the role of the context and graphical cues in Wi-Fi networks’ security. Then the thesis complements STEAL with a Root Cause Analysis (RCA) methodology for security inspired from the ones used in safety. This methodology, called S·CREAM aims at being more systematic than the research methods that can be used with STEAL (surveys for instance) and at providing reusable findings for analysing security. To do so,… Advisors/Committee Members: Ryan, Peter [superviser], Lenzini, Gabriele [superviser], Koenig, Vincent [superviser].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Huynen, J. (2016). Socio-Technical Aspects of Security Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29006

Chicago Manual of Style (16^th Edition):

Huynen, Jean-Louis. “Socio-Technical Aspects of Security Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/29006.

MLA Handbook (7^th Edition):

Huynen, Jean-Louis. “Socio-Technical Aspects of Security Analysis.” 2016. Web. 18 Oct 2019.

Vancouver:

Huynen J. Socio-Technical Aspects of Security Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/29006.

Council of Science Editors:

Huynen J. Socio-Technical Aspects of Security Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29006

Université du Luxembourg

5. Ben Fadhel, Ameni. Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/32665

► Prohibiting unauthorized access to critical resources and data has become a major requirement for enterprises. Access control (AC) mechanisms manage requests from users to access… (more)

▼ Prohibiting unauthorized access to critical resources and data has become a major requirement for enterprises. Access control (AC) mechanisms manage requests from users to access system resources; the access is granted or denied based on the authorization policies defined within the enterprise. One of the most used AC paradigms is role-based access control (RBAC), in which access rights are determined based on the user’s role. In this dissertation, we focus on the problems of modeling, specifying and enforcing complex RBAC policies, by making the following contributions: 1. the GemRBAC+CTX conceptual model, a UML extension of the RBAC model that includes all the entities required to express the various types of RBAC policies found in the literature, with a specific emphasis on contextual policies. For each type of policy, we provided the corresponding formalization using the Object Constraint Language (OCL) to operationalize the access decision for a user’s request using model-driven technologies. 2. the GemRBAC-DSL language, a domain-specific language for RBAC policies designed on top of the GemRBAC+CTX model. The language is characterized by a syntax close to natural language, which does not require any mathematical background for expressing RBAC policies. The language supports all the authorization policies captured by the GemRBAC+CTX model. 3. MORRO, a model-driven framework for the run-time enforcement of RBAC policies expressed in GemRBAC-DSL, built on top of the GemRBAC+CTX model. MORRO provides policy enforcement for both access and usage control. 4. three tools (an editor for GemRBAC-DSL, a model transformation tool for GemRBAC-DSL, a run-time enforcement framework) have been implemented and released as part of this work. The GemRBAC+CTX model and the GemRBAC-DSL language have been adopted by our industrial partner for the specification of the access control policies of a Web application in the domain of disaster reliefintervention. We have extensively evaluated the applicability and the scalability of MORRO on this Web application. The experimental results show that an access decision can be made on average, in less than 107 ms and that the time for processing a notification of an AC-related event is less than 512ms. Furthermore, both the access decision time and the execution time for processing a notification of an AC-related event scale—in the majority of the cases—linearly with respect to the parameters characterizing AC configurations; in the remaining cases, the access decision time is constant. Advisors/Committee Members: Briand, Lionel [superviser], Bianculli, Domenico [superviser], Klein, Jacques [president of the jury], Balzarotti, Davide [member of the jury], Steimann, Friedrich [member of the jury].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Ben Fadhel, A. (2017). Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/32665

Chicago Manual of Style (16^th Edition):

Ben Fadhel, Ameni. “Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/32665.

MLA Handbook (7^th Edition):

Ben Fadhel, Ameni. “Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach.” 2017. Web. 18 Oct 2019.

Vancouver:

Ben Fadhel A. Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/32665.

Council of Science Editors:

Ben Fadhel A. Comprehensive Specification and Efficient Enforcement of Role-based Access Control Policies using a Model-driven Approach. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/32665

Université du Luxembourg

6. Ayetiran, Eniafe Festus. A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/31289

► Electronic data discovery (EDD), e-discovery or eDiscovery is any process by which electronically stored information (ESI) is sought, identified, collected, preserved, secured, processed, searched for… (more)

▼ Electronic data discovery (EDD), e-discovery or eDiscovery is any process by which electronically stored information (ESI) is sought, identified, collected, preserved, secured, processed, searched for the ones relevant to civil and/or criminal litigations or regulatory matters with the intention of using them as evidence. Searching electronic document collections for relevant documents is part of eDiscovery which poses serious problems for lawyers and their clients alike. Getting efficient and effective techniques for search in eDiscovery is an interesting and still an open problem in the field of legal information systems. Researchers are shifting away from traditional keyword search to more intelligent approaches such as machine learning (ML) techniques. State-of-the-art algorithms for search in eDiscovery focus mainly on supervised approaches, mainly; supervised learning and interactive approaches. The former uses labelled examples for training systems while the latter uses human assistance in the search process to assist in retrieving relevant documents. Techniques in the latter approach include interactive query expansion among others. Both approaches are supervised form of technology assisted review (TAR). Technology assisted review is the use of technology to assist or completely automate the process of searching and retrieval of relevant documents from electronically stored information (ESI). In text retrieval/classification, supervised systems are known for their superior performance over unsupervised systems. However, two serious issues limit their application in the electronic discovery search and information retrieval (IR) in general. First, they have associated high cost in terms of finance and human effort. This is particularly responsible for the huge amount of money expended on eDiscovery on annual basis. Secondly, their case/project-specific nature does not allow for resuse, thereby contributing more to organizations' expenses when they have two or more cases involving eDiscovery. Unsupervised systems on the other hand, is cost-effective in terms of finance and human effort. A major challenge in unsupervised ad hoc information retrieval is that of vocabulary problem which causes terms mismatch in queries and documents. While topic modelling techniques try to tackle this from the thematic point of view in the sense that both queries and documents are likely to match if they discuss about the same topic, natural language processing (NLP) approaches view it from the semantic perspective. Scalable topic modelling algorithms, just like the traditional bag of words technique, suffer from polysemy and synonymy problems. Natural language processing techniques on the other hand, while being able to considerably resolve the polysemy and synonymy problems are computationally expensive and not suitable for large collections as is the case in eDiscovery. In this thesis, we exploit the peculiarity of eDiscovery collections being composed mainly of e-mail communications and their attachments, mining topics of… Advisors/Committee Members: Boella, Guido [superviser], Torre, Leon van der [superviser].

Subjects/Keywords: eDiscovery; unsupervised; classification; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Ayetiran, E. F. (2017). A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/31289

Chicago Manual of Style (16^th Edition):

Ayetiran, Eniafe Festus. “A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/31289.

MLA Handbook (7^th Edition):

Ayetiran, Eniafe Festus. “A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.” 2017. Web. 18 Oct 2019.

Vancouver:

Ayetiran EF. A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/31289.

Council of Science Editors:

Ayetiran EF. A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/31289

Université du Luxembourg

7. Klein, Johannes. Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/34542

► Computer-supported collaborative work is increasingly common in our professional and personal life. However, the expectations and requirements of the users are frequently neglected when addressing… (more)

▼ Computer-supported collaborative work is increasingly common in our professional and personal life. However, the expectations and requirements of the users are frequently neglected when addressing the technological challenges associated with the development of a distributed collaboration system. The proposed collaboration environment employs an integrative approach to distributed compound document authoring, including both a user- and system-centric perspective on collaborative work. An interruption-free, reliable, and responsive shared work environment with a near real-time representation of the work of others is a core expectation from the users. In order to provide these features, a fine-granular, graph-based data representation has been developed to serve as the basis for this approach. The data representing individual compound document elements is partitioned over sets of three distinct nodes in the graph structure. This separation of metadata and payload data enables the precise attribution of editing operations while maintaining an adaptable and extensible data representation. User-specific preferences allow for the individualization of a user's work environment to account for personal preferences, requirements from the current collaboration scenario, or limitations of the employed computer system. Support for complex, data type-specific editing commands is integrated with a concurrent command application and Layered Consistency Management model. This enables a near real-time representation of the work of others, the preservation of the users' editing intentions, and the maintenance of a globally consistent data state. Intra- and inter-document relations retain semantic connections between distinct data structure elements. Together with an element's supplemental data, this related information enables additional, autonomous conflict resolution approaches and facilitates a comprehensive representation of the conflict in case of a manual resolution process. By integrating these functionalities into one coherent system, the users are provided with an unobtrusive, yet reliable and feature-rich distributed work environment able to actively support collaborative compound document authoring. Advisors/Committee Members: Rothkugel, Steffen [superviser].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Klein, J. (2018). Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/34542

Chicago Manual of Style (16^th Edition):

Klein, Johannes. “Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/34542.

MLA Handbook (7^th Edition):

Klein, Johannes. “Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.” 2018. Web. 18 Oct 2019.

Vancouver:

Klein J. Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/34542.

Council of Science Editors:

Klein J. Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/34542

Université du Luxembourg

8. Wang, Chunhui. Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/32054

► The complexity of embedded software in safety-critical domains, such as automotive and avionics, has significantly increased over the years. For most embedded systems, standards require… (more)

▼ The complexity of embedded software in safety-critical domains, such as automotive and avionics, has significantly increased over the years. For most embedded systems, standards require system testing to explicitly demonstrate that the software meets its functional and safety requirements. In these domains, system test cases are often manually derived from functional requirements in natural language plus other design artefacts, like UML statecharts. The definition of system test cases is therefore time-consuming and error-prone, especially given the quickly rising complexity of embedded systems. The benefits of automatic test generation are widely acknowledged today but existing approaches often require behavioural models that tend to be complex and expensive to produce, and are thus often not part of development practice. The work proposed in this dissertation focusses on the automated generation of test cases for testing the compliance between software and its functional and timing requirements. This dissertation is inspired by contexts where functional and timing requirements are expressed by means of use case specifications and timing automata, respectively. This is the development context of our industrial partner, IEE, an automotive company located in Luxembourg, who provided the case study used to validate the approach and tool described in this dissertation. This dissertation presents five main contributions: (1) A set of guidelines for the definition of functional and timing requirements to enable the automated generation of system test cases. (2) A technique for the automated generation of functional test cases from requirements elicited in the form of use case specifications following a prescribed template and natural-language restrictions. (3) A technique that reuses the automatically generated functional test cases to generate timeliness test cases from minimal models of the timing requirements of the system. (4) A technique for the automated generation of oracles for non-deterministic systems whose specifications are expressed by means of timed automata. In the context of this dissertation, automated oracles for non-deterministic systems are necessary to evaluate the results of the generated timeliness test cases. (5) The evaluation of the applicability and effectiveness of the proposed guidelines and techniques on an industrial case study, a representative automotive embedded system developed by IEE. Advisors/Committee Members: Briand, Lionel [superviser], Pastore, Fabrizio [superviser], Sabetzadeh, Mehrdad [president of the jury], Nejati, Shiva [president of the jury], Legeard, Bruno [member of the jury], Denaro, Giovanni [member of the jury].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Wang, C. (2017). Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/32054

Chicago Manual of Style (16^th Edition):

Wang, Chunhui. “Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/32054.

MLA Handbook (7^th Edition):

Wang, Chunhui. “Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.” 2017. Web. 18 Oct 2019.

Vancouver:

Wang C. Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/32054.

Council of Science Editors:

Wang C. Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/32054

Université du Luxembourg

9. Calafiore, Alessia. REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/37680

► The thesis aimed at rendering machine understandable the social dimension of urban places to provide a new generation of urban analytics based on peoples’ socio-… (more)

Subjects/Keywords: ontology; place; geoinformatics; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Calafiore, A. (2018). REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/37680

Chicago Manual of Style (16^th Edition):

Calafiore, Alessia. “REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/37680.

MLA Handbook (7^th Edition):

Calafiore, Alessia. “REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT.” 2018. Web. 18 Oct 2019.

Vancouver:

Calafiore A. REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/37680.

Council of Science Editors:

Calafiore A. REPRESENTING THE SOCIAL CHARACTER OF PLACES: ONTOLOGY MODELS OF THE URBAN ENVIRONMENT. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/37680

10. Martinez, Jabier. Mining Software Artefact Variants for Product Line Migration and Analysis.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/28675

► Software Product Lines (SPLs) enable the derivation of a family of products based on variability management techniques. Inspired by the manufacturing industry, SPLs use feature… (more)

▼ Software Product Lines (SPLs) enable the derivation of a family of products based on variability management techniques. Inspired by the manufacturing industry, SPLs use feature configurations to satisfy different customer needs, along with reusable assets associated to the features, to allow systematic and planned reuse. SPLs are reported to have numerous benefits such as time-to-market reduction, productivity increase or product quality improvement. However, the barriers to adopt an SPL are equally numerous requiring a high up-front investment in domain analysis and implementation. In this context, to create variants, companies more commonly rely on ad-hoc reuse techniques such as copy-paste-modify. Capitalizing on existing variants by extracting the common and varying elements is referred to as extractive approaches for SPL adoption. Extractive SPL adoption allows the migration from single-system development mentality to SPL practices. Several activities are involved to achieve this goal. Due to the complexity of artefact variants, feature identification is needed to analyse the domain variability. Also, to identify the associated implementation elements of the features, their location is needed as well. In addition, feature constraints should be identified to guarantee that customers are not able to select invalid feature combinations (e.g., one feature requires or excludes another). Then, the reusable assets associated to the feature should be constructed. And finally, to facilitate the communication among stakeholders, a comprehensive feature model need to be synthesized. While several approaches have been proposed for the above-mentioned activities, extractive SPL adoption remains challenging. A recurring barrier consists in the limitation of existing techniques to be used beyond the specific types of artefacts that they initially targeted, requiring inputs and providing outputs at different granularity levels and with different representations. Seamlessly address the activities within the same environment is a challenge by itself. This dissertation presents a unified, generic and extensible framework for mining software artefact variants in the context of extractive SPL adoption. We describe both its principles and its realization in Bottom-Up Technologies for Reuse (BUT4Reuse). Special attention is paid to model-driven development scenarios. A unified process and representation would enable practitioners and researchers to empirically analyse and compare different techniques. Therefore, we also focus on benchmarks and in the analysis of variants, in particular, in benchmarking feature location techniques and in identifying families of variants in the wild for experimenting with feature identification techniques. We also present visualisation paradigms to support domain experts on feature naming during feature identification and to support on feature constraints discovery. Finally, we investigate and discuss the mining of artefact variants for SPL analysis once the SPL is already operational. Concretely, we… Advisors/Committee Members: Le Traon, Yves [superviser], Ziane, Mikal [superviser], Ziadi, Tewfik [superviser], Klein, Jacques [president of the jury], Poizat, Pascal [member of the jury], Jézéquel, Jean-Marc [member of the jury], Schmid, Klaus [member of the jury].

Subjects/Keywords: software product lines; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

10 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Martinez, J. (2016). Mining Software Artefact Variants for Product Line Migration and Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28675

Chicago Manual of Style (16^th Edition):

Martinez, Jabier. “Mining Software Artefact Variants for Product Line Migration and Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/28675.

MLA Handbook (7^th Edition):

Martinez, Jabier. “Mining Software Artefact Variants for Product Line Migration and Analysis.” 2016. Web. 18 Oct 2019.

Vancouver:

Martinez J. Mining Software Artefact Variants for Product Line Migration and Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/28675.

Council of Science Editors:

Martinez J. Mining Software Artefact Variants for Product Line Migration and Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28675

Université du Luxembourg

11. Gallais, Jean-Francois. Microarchitectural Side-Channel Attacks.

Degree: 2013, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/15633

►

Cryptanalysis is the science which evaluates the security of a cryptosystem and detects its weaknesses and flaws. Initially confined to the black-box model, where only… (more)

▼

Cryptanalysis is the science which evaluates the security of a cryptosystem and detects its weaknesses and flaws. Initially confined to the black-box model, where only the input and output data were considered, cryptanalysis is now broadened to the security evaluation of the physical implementation of a cryptosystem. The implementation attacks which compose physical cryptanalysis are divided into fault attacks, exploiting the effect of disruption of the normal functioning of the device, and side-channel attacks, exploiting the dependency between the instructions and data (including key bits) processed by a device and its physical characteristics (e.g. execution time, power consumption, electromagnetic (EM) radiations). In the scope of this thesis, we particularly focus on the latter attacks. “Every computation leaks information” and lowering the physical leakages of an implementation is indeed a complex task both from cryptographic and engineering viewpoints, especially when performance and cost enter the equation. The development of adequate countermeasures necessitates a thorough knowledge of the various vulnerabilities that the microcontroller induces. Although generic side-channel attacks such as Differential Power Analysis (DPA) can generally retrieve the key with weak assumptions on a cryptographic implementation, we show in this thesis that the focus on specific components and properties from the architecture of the target device may allow an adversary to yield better success in a key recovery and sometimes to thwart DPA countermeasures. First, we elaborate on attacks which deduce the cache activity of a device from single side-channel traces and algebraically exploit this information to recover the key. We propose different attacks against embedded software implementations of the Advanced Encryption Standard (AES) in the chosen- and known-plaintext scenarios and make them tolerant to environments where high noise or a partially preloaded cache would normally introduce errors in the key recovery. Second, we discuss the failure of standard DPA against the modular addition and propose a practical and generic approach to circumvent it. Third, we show that microarchitectural leakages and fault inductions can be exploited in a constructive way when induced by hardware Trojans implemented on general-purpose microprocessors. Such Trojans can either provide an adversary with a backdoor access to the trojanized device executing an arbitrary cryptographic software or serve to protect the Intellectual Property (IP) of the chip designer through digital watermarking. The last part concerns divide and conquer side-channel attacks such as DPA. Testing different combinations of key chunk candidates turns out to be very complex when the individual chunk recoveries are bounded in measurement complexity or performed in noisy environments. We address the so-called key enumeration problem with an efficient sorting method.

La cryptanalyse a pour but d’évaluer la sécurité d’un cryptosystème et de déceler ses failles. D’abord…

Advisors/Committee Members: Müller, Volker [superviser].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Gallais, J. (2013). Microarchitectural Side-Channel Attacks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/15633

Chicago Manual of Style (16^th Edition):

Gallais, Jean-Francois. “Microarchitectural Side-Channel Attacks.” 2013. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/15633.

MLA Handbook (7^th Edition):

Gallais, Jean-Francois. “Microarchitectural Side-Channel Attacks.” 2013. Web. 18 Oct 2019.

Vancouver:

Gallais J. Microarchitectural Side-Channel Attacks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2013. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/15633.

Council of Science Editors:

Gallais J. Microarchitectural Side-Channel Attacks. [Doctoral Dissertation]. Université du Luxembourg; 2013. Available from: http://orbilu.uni.lu/handle/10993/15633

Université du Luxembourg

12. Bianculli, Domenico. Open-world Software: Specification, Verification and Beyond.

Degree: 2012, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/8378 ; http://doc.rero.ch/record/32809

► Open-world software systems are built by composing heterogeneous,third-party components, whose behavior and interactions cannot be fully controlled or predicted; moreover, the environment they interact with… (more)

▼ Open-world software systems are built by composing heterogeneous,third-party components, whose behavior and interactions cannot be fully controlled or predicted; moreover, the environment they interact with is characterized by frequent, unexpected, and welcome changes. This class of software exhibits new features that often demand for rethinking and extending the traditional methodologies and the accompanying methods and techniques. In this thesis we deal with a particular class of open- world software, represented by service-based applications (SBAs). We focus on three specific aspects related to the development and provisioning of SBAs: specification, verification, and reputation management. With respect to these aspects, we provide methods and techniques that are i) suitable to deal with aspects such as change, evolution, and reliance on third- parties, and ii) able to improve the overall quality of the systems they are applied to. More specifically, concerning specification, we report on the findings of a study that analyzed requirements specifications of SBAs developed in research settings and in industrial settings. These findings have then driven the design of SOLOIST, a language used to specify the interactions of SBAs. Regarding verification, our contribution is twofold; we propose: i) a technique for automatically generating the behavioral interfaces of the partner services of a service composition, by decomposing the requirements specification of the composite service; ii) a framework for the definition of verification procedures (encoded as synthesis of semantic attributes associated with a grammar) that are made incremental using an approach based on incremental parsing and attributes evaluation techniques. Finally, as for reputation management, we present a reputation-aware service execution infrastructure, which manages the reputation of services used by composite SBAs in an automated and transparent manner. Advisors/Committee Members: Ghezzi, Carlo [superviser], Binder, Walter [member of the jury], Bultan, Tevfik [member of the jury], Dustdar, Schahram [member of the jury], Jazayeri, Mehdi [member of the jury], Uchitel, Sebastian [member of the jury].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Bianculli, D. (2012). Open-world Software: Specification, Verification and Beyond. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/8378 ; http://doc.rero.ch/record/32809

Chicago Manual of Style (16^th Edition):

Bianculli, Domenico. “Open-world Software: Specification, Verification and Beyond.” 2012. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/8378 ; http://doc.rero.ch/record/32809.

MLA Handbook (7^th Edition):

Bianculli, Domenico. “Open-world Software: Specification, Verification and Beyond.” 2012. Web. 18 Oct 2019.

Vancouver:

Bianculli D. Open-world Software: Specification, Verification and Beyond. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2012. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/8378 ; http://doc.rero.ch/record/32809.

Council of Science Editors:

Bianculli D. Open-world Software: Specification, Verification and Beyond. [Doctoral Dissertation]. Université du Luxembourg; 2012. Available from: http://orbilu.uni.lu/handle/10993/8378 ; http://doc.rero.ch/record/32809

Université du Luxembourg

13. Lanze, Fabian. Fingerprinting Techniques for Network Security.

Degree: 2015, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/20444

► Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. The goal of this thesis is to… (more)

▼ Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. The goal of this thesis is to de- velop and evaluate methods for fingerprinting in different application domains and to contribute to a better understanding of fingerprinting in general. We concentrate on approaches that are applicable in practice to improve the security of computer networks. We first introduce a novel formal model of the central concepts of finger- printing in order to relate techniques to their particular application scenario. This model allows the comparison of approaches and the evaluation of their effectiveness for practical use. The evil twin attack in 802.11 networks is a severe security problem that nei- ther the industry nor the research community has found appropriate solutions for. Motivated by this threat, we develop novel fingerprinting methods. We address this challenge from two angles. In our first approach we exploit minuscule yet observable inaccuracies in crystal-oscillator-driven computer clocks. We will show that several conclusions drawn in the related research about the efficacy of this fingerprinting feature are false. We then enhance state-of-the-art approaches and for the first time provide a solution for remote physical device fingerprinting performed by typical off-the-shelf client devices that is able to mitigate the evil twin threat in practice. The second approach focuses on fingerprinting the behavioral characteristics of soft- ware tools that have been developed or can be misused to mount the attack. As we will show, our fingerprinting methods, which primarily exploit unavoidable low-level characteristics, allow the reliable detection of such an attack strategy within a few seconds. We then switch the perspective to the attacker’s side and investigate a finger- printing method that has been proposed to attack anonymization networks such as Tor by using traffic analysis, commonly referred to as website fingerprinting. We propose a novel approach that outperforms state-of-the-art methods in this area. We then evaluate for the first time the practical applicability of website fingerprinting in a realistic scenario, while avoiding simplified assumptions predominantly made in the related research. Our evaluation indicates that this particular threat, which is considered to be a serious security problem affecting many users, is not as severe as presumed. Therefore, concerns that have been raised and strategies for circumvent- ing this attack that have been proposed need to be reconsidered. Advisors/Committee Members: Engel, Thomas [superviser], Sorger, Ulrich [president of the jury], Scheuermann, Björn [member of the jury], Panchenko, Andriy [member of the jury], Spaniol, Otto [member of the jury].

Subjects/Keywords: Security; Fingerprinting; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Lanze, F. (2015). Fingerprinting Techniques for Network Security. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/20444

Chicago Manual of Style (16^th Edition):

Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/20444.

MLA Handbook (7^th Edition):

Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Web. 18 Oct 2019.

Vancouver:

Lanze F. Fingerprinting Techniques for Network Security. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/20444.

Council of Science Editors:

Lanze F. Fingerprinting Techniques for Network Security. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/20444

Université du Luxembourg

14. Symeonidis, Iraklis. Analysis and Design of Privacy-Enhancing Information Sharing Systems.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/37607

► Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can… (more)

▼ Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can collect or otherwise acquire rich information about individuals’ everyday lives and habits from big data-silos, enabling profiling and micro-targeting such as in political elections. Therefore, it is important to analyse systems that allow the collection and information sharing between users and to design secure and privacy enhancing solutions. This thesis contains two parts. The aim of the first part is to investigate in detail the effects of the collateral information collection of third-party applications on Facebook. The aim of the second part is to analyse in detail the security and privacy issues of car sharing systems and to design a secure and privacy-preserving solution. In the first part, we present a detailed multi-faceted study on the collateral information collection privacy issues of Facebook applications; providers of third-party applications on Facebook exploit the interdependency between users and their friends. The goal is to (i) study the existence of the problem, (ii) investigate whether Facebook users are concerned about the issue, quantify its (iii) likelihood and (iv) impact of collateral information collection affecting users, (v) identify whether collateral information collection is an issue for the protection of the personal data of Facebook users under the legal framework, and (vi) we propose solutions that aim to solve the problem of collateral information collection. In order to investigate the views of the users, we designed a questionnaire and collected the responses of participants. Employing real data from the Facebook third-party applications ecosystem, we compute the likelihood of collateral information collection affecting users and quantify its significance evaluating the amount of attributes collected by such applications. To investigate whether collateral information collection is an issue in terms of users’ privacy we analysed the legal framework in light of the General Data Protection Regulation. To provide countermeasures, we propose a privacy dashboard extension that implements privacy scoring computations to enhance transparency towards collateral information collection. Advisors/Committee Members: Preneel, Bart [superviser], imec-COSIC [research center].

Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Symeonidis, I. (2018). Analysis and Design of Privacy-Enhancing Information Sharing Systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/37607

Chicago Manual of Style (16^th Edition):

Symeonidis, Iraklis. “Analysis and Design of Privacy-Enhancing Information Sharing Systems.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/37607.

MLA Handbook (7^th Edition):

Symeonidis, Iraklis. “Analysis and Design of Privacy-Enhancing Information Sharing Systems.” 2018. Web. 18 Oct 2019.

Vancouver:

Symeonidis I. Analysis and Design of Privacy-Enhancing Information Sharing Systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/37607.

Council of Science Editors:

Symeonidis I. Analysis and Design of Privacy-Enhancing Information Sharing Systems. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/37607

Université du Luxembourg

15. Fiz Pontiveros, Beltran. A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.

Degree: 2019, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/39254

► Interest in the decentralised nature of blockchain-based distributed ledgers has rapidly grown over the past few years. While a portion of this interest is fuelled… (more)

Subjects/Keywords: blockchain; distributed ledger technology; ethereum; bitcoin; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Fiz Pontiveros, B. (2019). A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/39254

Chicago Manual of Style (16^th Edition):

Fiz Pontiveros, Beltran. “A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/39254.

MLA Handbook (7^th Edition):

Fiz Pontiveros, Beltran. “A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.” 2019. Web. 18 Oct 2019.

Vancouver:

Fiz Pontiveros B. A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/39254.

Council of Science Editors:

Fiz Pontiveros B. A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/39254

Université du Luxembourg

16. Grzybek, Agata. Community-based vehicular networks for traffic information systems.

Degree: 2015, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/21796

► Traffic information systems (TIS) monitor road traffic conditions with the goal of improving the efficiency of road networks. Given the ever increasing number of cars,… (more)

▼ Traffic information systems (TIS) monitor road traffic conditions with the goal of improving the efficiency of road networks. Given the ever increasing number of cars, TIS are becoming more critical, as they help reduce traffic congestion which have large negative social, economical, and environmental impact. Current TIS have several drawbacks. First, there are insufficient sources of traffic data, that often require either expensive sensing infrastructure or a contract with a network provider owning GPS data. Secondly, they are often limited by a centralised architecture introducing both delays in delivery of real-time data and a single-point of failure. Finally, even after collecting traffic information, they provide no easy way to effectively relay information to drivers or apply traffic management strategies. New vehicle-to-vehicle (V2V) communication technologies can potentially aid in overcoming these limitations. Using V2V, vehicles can communicate with each other and exchange traffic information within an ad hoc vehicular network (VANET). VANETs could drastically change the nature of traffic systems, moving from a centrally-controlled to a self-organised complex system covering every road segment.This thesis studies the potential of VANETs in the context of traffic data collection and traffic management using a multidisciplinary approach. We combine knowledge of networking protocols, distributed systems, and traffic theory to propose novel solutions for TIS. First, we propose a TrafficEQ system – a VANET-based TIS, that uses pure V2V communication to collect and disseminate traffic information among vehicles. Moreover, TrafficEQ provides intelligent route guidance based on a probabilistic route choice strategy. The system is evaluated using a simulation platform developed with realistic real-world scenarios. We demonstrate that TrafficEQ deals with challenging non-predictable traffic congestion better than traditional route guidance systems can. Secondly, we propose grouping vehicles into communities by similarity of their mobility patterns to improve traffic congestion detection and analysis. To facilitate this, we present the Crowdz algorithm – a community detection algorithm for VANETs. Extensive analysis on large-scale vehicular networks show that detected communities are more stable than those in a competitive algorithm. Lastly, we introduce an application which uses communities to detect and analyse traffic congestion. Simulation experiments show that identification of congested communities can help in applying appropriate control strategies. Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Bouvry, Pascal [superviser], Zampunieris, Denis [president of the jury], Szczypiorski, Krzystof [member of the jury], Danoy, Grégoire [member of the jury], Seredynski, Marcin [member of the jury].

Subjects/Keywords: Vehicular Networks; Traffic Information Systems; Community Detection; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Grzybek, A. (2015). Community-based vehicular networks for traffic information systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/21796

Chicago Manual of Style (16^th Edition):

Grzybek, Agata. “Community-based vehicular networks for traffic information systems.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/21796.

MLA Handbook (7^th Edition):

Grzybek, Agata. “Community-based vehicular networks for traffic information systems.” 2015. Web. 18 Oct 2019.

Vancouver:

Grzybek A. Community-based vehicular networks for traffic information systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/21796.

Council of Science Editors:

Grzybek A. Community-based vehicular networks for traffic information systems. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/21796

Université du Luxembourg

17. Allix, Kevin. Challenges and Outlook in Machine Learning-based Malware Detection for Android.

Degree: 2015, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/24900

► Just like in traditional desktop computing, one of the major security issues in mobile computing lies in malicious software. Several recent studies have shown that… (more)

▼ Just like in traditional desktop computing, one of the major security issues in mobile computing lies in malicious software. Several recent studies have shown that Android, as today’s most widespread Operating System, is the target of most of the new families of malware. Manually analysing an Android application to determine whether it is malicious or not is a time- consuming process. Furthermore, because of the complexity of analysing an application, this task can only be conducted by highly-skilled—hence hard to come by—professionals. Researchers naturally sought to transfer this process from humans to computers to lower the cost of detecting malware. Machine-Learning techniques, looking at patterns amongst known malware and inferring models of what discriminates malware from goodware, have long been summoned to build malware detectors. The vast quantity of data involved in malware detection, added to the fact that we do not know a priori how to express in technical terms the difference between malware and goodware, indeed makes the malware detection question a seemingly textbook example of a possible Machine- Learning application. Despite the vast amount of literature published on the topic of detecting malware with machine- learning, malware detection is not a solved problem. In this Thesis, we investigate issues that affect performance evaluation and that thus may render current machine learning-based mal- ware detectors for Android hardly usable in practical settings, and we propose an approach to overcome those issues. While the experiments presented in this thesis all rely on feature-sets obtained through lightweight static analysis, several of our findings could apply equally to all Machine Learning-based malware detection approaches. In the first part of this thesis, background information on machine-learning and on malware detection is provided, and the related work is described. A snapshot of the malware landscape in Android application markets is then presented. The second part discusses three pitfalls hindering the evaluation of malware detectors. We show with extensive experiments how validation methodology, History-unaware dataset construction and the choice of a ground truth can heavily interfere with the performance results of malware detectors. In a third part, we present an practical approach to detect Android Malware in real-world settings. We then propose several research paths to get closer to our long term goal of building practical, dependable and predictable Android Malware detectors. Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Bissyande, Tegawendé François D Assise [member of the jury], Cavallaro, Lorenzo [member of the jury], Rossow, Christian [member of the jury].

Subjects/Keywords: Machine-Learning; Malware; Android; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Allix, K. (2015). Challenges and Outlook in Machine Learning-based Malware Detection for Android. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/24900

Chicago Manual of Style (16^th Edition):

Allix, Kevin. “Challenges and Outlook in Machine Learning-based Malware Detection for Android.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/24900.

MLA Handbook (7^th Edition):

Allix, Kevin. “Challenges and Outlook in Machine Learning-based Malware Detection for Android.” 2015. Web. 18 Oct 2019.

Vancouver:

Allix K. Challenges and Outlook in Machine Learning-based Malware Detection for Android. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/24900.

Council of Science Editors:

Allix K. Challenges and Outlook in Machine Learning-based Malware Detection for Android. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/24900

Université du Luxembourg

18. Wasim, Muhammad Umer. Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/36660

► Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, it is becoming increasingly difficult to prove trade secret… (more)

▼ Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, it is becoming increasingly difficult to prove trade secret violations in cloud context. Embedding legal protection as a preemptive measure could effectively reduce such burden of proof in a court of law, which can be implemented by an online broker in the cloud. The primary aim of this research was to propose a model for an online broker that embeds le-gal protection as preemptive measure to reduce burden of proof during litigation. This is a novel area of inter-disciplinary research whose body of knowledge is not yet well established. The underlying concept in the proposed model was built upon the notion of factor analysis from the discipline of unsupervised machine learning. For evaluation, two-stage procedure was implemented that showed ap-plication of legal protection as preemptive measure and subsequently, reduced burden of proof in a court of law. A real time quality of service based dataset for cloud storage providers (Carbonite, Dropbox, iBackup, JustCloud, SOS Online Backup, SugarSync, and Zip Cloud) was used for the technical evaluation. The simulation results showed better results of proposed model as compared to its counterparts in the field, which in court of law can be used as a part of evidence to reduce burden of proof. For legal validation of such conclusion, questionnaires were sent to law and ICT experts. There were total of six respondents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (5 out of 6 respondents) agreed that results of our model could be used in the court (or judiciary) as a part of evidence to reduce burden of proof. Theoretically, this part of research (focused on primary aim) is a pioneer effort on providing legal protection to trade secrets in the cloud. Practically, it will benefit an enterprise to negotiate contract with service providers to minimize trade secret misappropriation in the cloud. However, for enterprise that is using decentralized architecture in the cloud e.g. blockchains, contracts could emerge towards smart contracts (an autono-mous software program running over blockchains). In this context, a well negoti-ated contract will not be a solution to minimize trade secret misappropriation. In fact, for this case it is particularly relevant to instantiate role of judiciary over a blockchain. The secondary aim of this research was to develop a model that can be implemented over the blockchain to automatically issue preliminary injunc-tion (or temporary restraining order by court of law) for the breach of contract that can potentially lead to trade secret misappropriation. This part of the re-search extended the previously proposed model by using stochastic modeling from the discipline of data science. High performance computing (HPC) cluster at University of Luxembourg (HPC @ Uni.lu) and docker (a software container platform) were used to emulate contractual environment of three service… Advisors/Committee Members: Bouvry, Pascal [superviser].

Subjects/Keywords: Blockchain; Trade Secret; Machine Learning; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Wasim, M. U. (2018). Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/36660

Chicago Manual of Style (16^th Edition):

Wasim, Muhammad Umer. “Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/36660.

MLA Handbook (7^th Edition):

Wasim, Muhammad Umer. “Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains.” 2018. Web. 18 Oct 2019.

Vancouver:

Wasim MU. Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/36660.

Council of Science Editors:

Wasim MU. Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/36660

Université du Luxembourg

19. Nielsen, Sune Steinbjorn. Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/28226

► Protein structure prediction is an essential step in understanding the molecular mechanisms of living cells with widespread applications in biotechnology and health. Among the open… (more)

▼ Protein structure prediction is an essential step in understanding the molecular mechanisms of living cells with widespread applications in biotechnology and health. Among the open problems in the field, the Inverse Folding Problem (IFP) that consists in finding sequences that fold into a defined structure is, in itself, an important research problem at the heart of most rational protein design approaches. In brief, solutions to the IFP are protein sequences that will fold into a given protein structure, contrary to conventional structure prediction where the solution consists of the structure into which a given sequence folds. This inverse approach is viewed as a simplification due to the fact that the near infinite number of structure conformations of a protein can be disregarded, and only sequence to structure compatibility needs to be determined. Additional emphasis has been put on the generation of many sequences dissimilar from the known reference sequence instead of finding only one solution. To solve the IFP computationally, a novel formulation of the problem was proposed in which possible problem solutions are evaluated in terms of their predicted secondary structure match. In addition, two specialised Genetic Algorithms (GAs) were developed specifically for solving the IFP problem and compared with existing algorithms in terms of performance. Experimental results outlined the superior performance of the developed algorithms, both in terms of model score and diversity of the generated sets of problem solutions, i.e. new protein sequences. A number of landscape analysis experiments were conducted on the IFP model, enabling the development of an original benchmark suite of analogous problems. These benchmarks were shown to share many characteristics with their IFP model counterparts, but are executable in a fraction of the time. To validate the IFP model and the algorithm output, a subset of the generated solutions were selected for further inspection through full tertiary structure prediction and comparison to the original protein structure. Congruence was then assessed by super-positioning and secondary structure annotation statistics. The results demonstrated that an optimisation process relying on a fast secondary structure approximation, such as the IFP model, permits to obtain meaningful sequences. Advisors/Committee Members: AFR [sponsor], Bouvry, Pascal [superviser], Schneider, Reinhard [president of the jury], Talbi, El-Ghazali [member of the jury], Danoy, Grégoire [member of the jury], Jurkowski, Wiktor [member of the jury], University of Luxembourg: High Performance Computing - ULHPC [research center].

Subjects/Keywords: Genetic Algorithms; Inverted Folding Problem; Diversity Preservation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Nielsen, S. S. (2016). Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28226

Chicago Manual of Style (16^th Edition):

Nielsen, Sune Steinbjorn. “Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/28226.

MLA Handbook (7^th Edition):

Nielsen, Sune Steinbjorn. “Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.” 2016. Web. 18 Oct 2019.

Vancouver:

Nielsen SS. Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/28226.

Council of Science Editors:

Nielsen SS. Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28226

Université du Luxembourg

20. Kampas, Dimitrios. Topic Identification Considering Word Order by Using Markov Chains.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/27805

► Automated topic identification of text has gained a significant attention since a vast amount of documents in digital forms are widespread and continuously increasing. Probabilistic… (more)

▼ Automated topic identification of text has gained a significant attention since a vast amount of documents in digital forms are widespread and continuously increasing. Probabilistic topic models are a family of statistical methods that unveil the latent structure of the documents defining the model that generates the text a priori. They infer about the topic(s) of a document considering the bag-of-words assumption, which is unrealistic considering the sophisticated structure of the language. The result of such a simplification is the extraction of topics that are vague in terms of their interpretability since they disregard any relations among the words that may settle word ambiguity. Topic models miss significant structural information inherent in the word order of a document. In this thesis we introduce a novel stochastic topic identifier for text data that addresses the above shortcomings. The primary motivation of this work is initiated by the assertion that word order reveals text semantics in a human-like way. Our approach recognizes an on-topic document trained solely on the experience of an on-class corpus. It incorporates the word order in terms of word groups to deal with data sparsity of conventional n-gram language models that usually require a large volume of training data. Markov chains hereby provide a reliable potential to capture short and long range language dependencies for topic identification. Words are deterministically associated with classes to improve the probability estimates of the infrequent ones. We demonstrate our approach and motivate its eligibility on several datasets of different domains and languages. Moreover, we present a pioneering work by introducing a hypothesis testing experiment that strengthens the claim that word order is a significant factor for topic identification. Stochastic topic identifiers are a promising initiative for building more sophisticated topic identification systems in the future. Advisors/Committee Members: Schommer, Christoph [superviser].

Subjects/Keywords: Topic identification; Stochastic classifier; Finance; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Kampas, D. (2016). Topic Identification Considering Word Order by Using Markov Chains. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/27805

Chicago Manual of Style (16^th Edition):

Kampas, Dimitrios. “Topic Identification Considering Word Order by Using Markov Chains.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/27805.

MLA Handbook (7^th Edition):

Kampas, Dimitrios. “Topic Identification Considering Word Order by Using Markov Chains.” 2016. Web. 18 Oct 2019.

Vancouver:

Kampas D. Topic Identification Considering Word Order by Using Markov Chains. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/27805.

Council of Science Editors:

Kampas D. Topic Identification Considering Word Order by Using Markov Chains. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/27805

Université du Luxembourg

21. Appelt, Dennis. Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/27947

► Injection vulnerabilities, such as SQL injection (SQLi), are ranked amongst the most dangerous types of vulnerabilities. Despite having received much attention from academia and practitioners,… (more)

▼ Injection vulnerabilities, such as SQL injection (SQLi), are ranked amongst the most dangerous types of vulnerabilities. Despite having received much attention from academia and practitioners, the prevalence of SQLi is common and the impact of their successful exploitation is severe. In this dissertation, we propose several security testing approaches that evaluate web applications and services for vulnerabilities and common IT infrastructure components such as for their resilience against attacks. Each of the presented approaches covers a different aspect of security testing, e.g. the generation of test cases or the definition of test oracles, and in combination they provide a holistic approach. The work presented in this dissertation was conducted in collaboration with SIX Payment Services (formerly CETREL S.A.). SIX Payment Services is a leading provider of financial services in the area of payment processing, e.g. issuing of credit and debit cards, settlement of card transactions, online payments, and point-of-sale payment terminals. We analyse the challenges SIX is facing in security testing and base our testing approaches on assumptions inferred from our findings. Specifically, the devised testing approaches are automated, applicable in black box testing scenarios, able to assess and bypass Web Application Firewalls (WAF), and use an accurate test oracle. The devised testing approaches are evaluated with SIX’ IT platform, which consists of various web services that process several thousand financial transactions daily. The main research contributions in this dissertation are: - An assessment of the impact of Web Application Firewalls and Database Intrusion Detection Systems on the accuracy of SQLi testing. - An input mutation technique that can generate a diverse set of test cases. We propose a set of mutation operators that are specifically designed to increase the likelihood of generating successful attacks. - A testing technique that assesses the attack detection capabilities of a Web Application Firewall (WAF) by systematically generating attacks that try to bypass it. - An approach that increases the attack detection capabilities of a WAF by inferring a filter rule from a set of bypassing attacks. The inferred filter rule can be added to the WAF’s rule set to prevent attacks from bypassing. - An automated test oracle that is designed to meet the specific requirements of testing in an industrial context and that is independent of any specific test case generation technique. Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Briand, Lionel [superviser], Nguyen, Duy Cu [superviser], Klein, Jacques [president of the jury], Pretschner, Alexander [member of the jury], Vieira, Marco [member of the jury].

Subjects/Keywords: Security Testing; Penetration Testing; SQL Injection; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Appelt, D. (2016). Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/27947

Chicago Manual of Style (16^th Edition):

Appelt, Dennis. “Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/27947.

MLA Handbook (7^th Edition):

Appelt, Dennis. “Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.” 2016. Web. 18 Oct 2019.

Vancouver:

Appelt D. Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/27947.

Council of Science Editors:

Appelt D. Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/27947

Université du Luxembourg

22. Codeca, Lara. Dynamic Vehicular Routing in Urban Environments.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/29015

► Traffic congestion is a persistent issue that most of the people living in a city have to face every day. Traffic density is constantly increasing… (more)

▼ Traffic congestion is a persistent issue that most of the people living in a city have to face every day. Traffic density is constantly increasing and, in many metropolitan areas, the road network has reached its limits and cannot easily be extended to meet the growing traffic demand. Intelligent Transportation System (ITS) is a world wide trend in traffic monitoring that uses technology and infrastructure improvements in advanced communication and sensors to tackle transportation issues such as mobility efficiency, safety, and traffic congestion. The purpose of ITS is to take advantage of all available technologies to improve every aspect of mobility and traffic. Our focus in this thesis is to use these advancements in technology and infrastructure to mitigate traffic congestion. We discuss the state of the art in traffic flow optimization methods, their limitations, and the benefits of a new point of view. The traffic monitoring mechanism that we propose uses vehicular telecommunication to gather the traffic information that is fundamental to the creation of a consistent overview of the traffic situation, to provision real-time information to drivers, and to optimizing their routes. In order to study the impact of dynamic rerouting on the traffic congestion experienced in the urban environment, we need a reliable representation of the traffic situation. In this thesis, traffic flow theory, together with mobility models and propagation models, are the basis to providing a simulation environment capable of providing a realistic and interactive urban mobility, which is used to test and validate our solution for mitigating traffic congestion. The topology of the urban environment plays a fundamental role in traffic optimization, not only in terms of mobility patterns, but also in the connectivity and infrastructure available. Given the complexity of the problem, we start by defining the main parameters we want to optimize, and the user interaction required, in order to achieve the goal. We aim to optimize the travel time from origin to destination with a selfish approach, focusing on each driver. We then evaluated constraints and added values of the proposed optimization, providing a preliminary study on its impact on a simple scenario. Our evaluation is made in a best-case scenario using complete information, then in a more realistic scenario with partial information on the global traffic situation, where connectivity and coverage play a major role. The lack of a general-purpose, freely-available, realistic and dependable scenario for Vehicular Ad Hoc Networks (VANETs) creates many problems in the research community in providing and comparing realistic results. To address these issues, we implemented a synthetic traffic scenario, based on a real city, to evaluate dynamic routing in a realistic urban environment. The Luxembourg SUMO Traffic (LuST) Scenario is based on the mobility derived from the City of Luxembourg. The scenario is built for the Simulator of Urban MObiltiy (SUMO) and it is compatible with Vehicles in… Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Engel, Thomas [superviser], Interdisciplinary Centre for Security, Reliability and Trust [research center].

Subjects/Keywords: Intelligent Transportation Systems; Vehicular Simulation; Vehicular Mobility Evaluation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Codeca, L. (2016). Dynamic Vehicular Routing in Urban Environments. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29015

Chicago Manual of Style (16^th Edition):

Codeca, Lara. “Dynamic Vehicular Routing in Urban Environments.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/29015.

MLA Handbook (7^th Edition):

Codeca, Lara. “Dynamic Vehicular Routing in Urban Environments.” 2016. Web. 18 Oct 2019.

Vancouver:

Codeca L. Dynamic Vehicular Routing in Urban Environments. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/29015.

Council of Science Editors:

Codeca L. Dynamic Vehicular Routing in Urban Environments. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29015

Université du Luxembourg

23. Jimenez, Matthieu. Evaluating Vulnerability Prediction Models.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/36869

► Today almost every device depends on a piece of software. As a result, our life increasingly depends on some software form such as smartphone apps,… (more)

▼ Today almost every device depends on a piece of software. As a result, our life increasingly depends on some software form such as smartphone apps, laundry machines, web applications, computers, transportation and many others, all of which rely on software. Inevitably, this dependence raises the issue of software vulnerabilities and their possible impact on our lifestyle. Over the years, researchers and industrialists suggested several approaches to detect such issues and vulnerabilities. A particular popular branch of such approaches, usually called Vulnerability Prediction Modelling (VPM) techniques, leverage prediction modelling techniques that flag suspicious (likely vulnerable) code components. These techniques rely on source code features as indicators of vulnerabilities to build the prediction models. However, the emerging question is how effective such methods are and how they can be used in practice. The present dissertation studies vulnerability prediction models and evaluates them on real and reliable playground. To this end, it suggests a toolset that automatically collects real vulnerable code instances, from major open source systems, suitable for applying VPM. These code instances are then used to analyze, replicate, compare and develop new VPMs. Specifically, the dissertation has 3 main axes: The first regards the analysis of vulnerabilities. Indeed, to build VPMs accurately, numerous data are required. However, by their nature, vulnerabilities are scarce and the information about them is spread over different sources (NVD, Git, Bug Trackers). Thus, the suggested toolset (develops an automatic way to build a large dataset) enables the reliable and relevant analysis of VPMs. The second axis focuses on the empirical comparison and analysis of existing Vulnerability Prediction Models. It thus develops and replicates existing VPMs. To this end, the thesis introduces a framework that builds, analyse and compares existing prediction models (using the already proposed sets of features) using the dataset developed on the first axis. The third axis explores the use of cross-entropy (metric used by natural language processing) as a potential feature for developing new VPMs. Cross-entropy, usually referred to as the naturalness of code, is a recent approach that measures the repetitiveness of code (relying on statistical models). Using cross-entropy, the thesis investigates different ways of building and using VPMs. Overall, this thesis provides a fully-fledge study on Vulnerability Prediction Models aiming at assessing and improving their performance. Advisors/Committee Members: Le Traon, Yves [superviser], Kelsen, Pierre [president of the jury], Papadakis, Mike [member of the jury], Sarro, Federica [member of the jury], Blanc, Xavier [member of the jury], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Security Design and Validation Research Group (SerVal) [research center].

Subjects/Keywords: Security; Vulnerability; Prediction Modelling; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Jimenez, M. (2018). Evaluating Vulnerability Prediction Models. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/36869

Chicago Manual of Style (16^th Edition):

Jimenez, Matthieu. “Evaluating Vulnerability Prediction Models.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/36869.

MLA Handbook (7^th Edition):

Jimenez, Matthieu. “Evaluating Vulnerability Prediction Models.” 2018. Web. 18 Oct 2019.

Vancouver:

Jimenez M. Evaluating Vulnerability Prediction Models. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/36869.

Council of Science Editors:

Jimenez M. Evaluating Vulnerability Prediction Models. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/36869

Université du Luxembourg

24. Bernard, Florian. Novel Methods for Multi-Shape Analysis.

Degree: 2016, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/29048

► Multi-shape analysis has the objective to recognise, classify, or quantify morphological patterns or regularities within a set of shapes of a particular object class in… (more)

▼ Multi-shape analysis has the objective to recognise, classify, or quantify morphological patterns or regularities within a set of shapes of a particular object class in order to better understand the object class of interest. One important aspect of multi-shape analysis are Statistical Shape Models (SSMs), where a collection of shapes is analysed and modelled within a statistical framework. SSMs can be used as (statistical) prior that describes which shapes are more likely and which shapes are less likely to be plausible instances of the object class of interest. Assuming that the object class of interest is known, such a prior can for example be used in order to reconstruct a three-dimensional surface from only a few known surface points. One relevant application of this surface reconstruction is 3D image segmentation in medical imaging, where the anatomical structure of interest is known a-priori and the surface points are obtained (either automatically or manually) from images. Frequently, Point Distribution Models (PDMs) are used to represent the distribution of shapes, where each shape is discretised and represented as labelled point set. With that, a shape can be interpreted as an element of a vector space, the so-called shape space, and the shape distribution in shape space can be estimated from a collection of given shape samples. One crucial aspect for the creation of PDMs that is tackled in this thesis is how to establish (bijective) correspondences across the collection of training shapes. Evaluated on brain shapes, the proposed method results in an improved model quality compared to existing approaches whilst at the same time being superior with respect to runtime. The second aspect considered in this work is how to learn a low-dimensional subspace of the shape space that is close to the training shapes, where all factors spanning this subspace have local support. Compared to previous work, the proposed method models the local support regions implicitly, such that no initialisation of the size and location of these regions is necessary, which is advantageous in scenarios where this information is not available. The third topic covered in this thesis is how to use an SSM in order to reconstruct a surface from only few surface points. By using a Gaussian Mixture Model (GMM) with anisotropic covariance matrices, which are oriented according to the surface normals, a more surface-oriented fitting is achieved compared to a purely point-based fitting when using the common Iterative Closest Point (ICP) algorithm. In comparison to ICP we find that the GMM-based approach gives superior accuracy and robustness on sparse data. Furthermore, this work covers the transformation synchronisation method, which is a procedure for removing noise that accounts for transitive inconsistency in the set of pairwise linear transformations. One interesting application of this methodology that is relevant in the context of multi-shape analysis is to solve the multi-alignment problem in an unbiased/reference-free manner. Moreover,… Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Luxembourg Centre for Systems Biomedicine (LCSB): Systems Control (Goncalves Group) [research center].

Subjects/Keywords: shape analysis; transformation synchronisation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Bernard, F. (2016). Novel Methods for Multi-Shape Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29048

Chicago Manual of Style (16^th Edition):

Bernard, Florian. “Novel Methods for Multi-Shape Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/29048.

MLA Handbook (7^th Edition):

Bernard, Florian. “Novel Methods for Multi-Shape Analysis.” 2016. Web. 18 Oct 2019.

Vancouver:

Bernard F. Novel Methods for Multi-Shape Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/29048.

Council of Science Editors:

Bernard F. Novel Methods for Multi-Shape Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29048

Université du Luxembourg

25. Pustogarov, Ivan. Deanonymisation techniques for Tor and Bitcoin.

Degree: 2015, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/21798

► This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which… (more)

▼ This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which in order to confuse an observer encrypts and re-routes traffic over random pathways through several relays before it reaches the destination. Bitcoin is a distributed payment system in which payers and payees can hide their identities behind pseudonyms (public keys) of their choice. The estimated number of daily Tor users is 2,000,000 which makes it arguable the most used anonymity network. Bitcoin is the most popular cryptocurrency with market capitalization about 3.5 billion USD. In the first part of the thesis we study the Tor network. At the beginning we show how to remotely find out which Tor relays are connected. This effectively allows for an attacker to reduce Tor users' anonymity by ruling out impossible paths in the network. Later we analyze the security of Tor Hidden Services. We look at them from different attack perspectives and provide a systematic picture of what information can be obtained with very inexpensive means. We expose flaws both in the design and implementation of Tor Hidden Services that allow an attacker to measure the popularity of arbitrary hidden services, efficiently collect hidden service descriptors (and thus get a global picture of all hidden services in Tor), take down hidden services and deanonymize hidden services. In the second part we study Bitcoin anonymity. We describe a generic method to deanonymize a significant fraction of Bitcoin users and correlate their pseudonyms with their public IP addresses. We discover that using Bitcoin through Tor not only provides limited level of anonymity but also exposes the user to man-in-the middle attacks in which an attacker controls which Bitcoin blocks and transactions the user is aware of. We show how to fingerprint Bitcoin users by setting an "address cookie" on their computers. This can be used to correlate the same user across different sessions, even if he uses Tor, hidden-services or multiple proxies. Finally, we describe a new anonymous decentralized micropayments scheme in which clients do not pay services with electronic cash directly but submit proof of work shares which the services can resubmit to a crypto-currency mining pool. Services credit users with tickets that can later be used to purchases enhanced services. Advisors/Committee Members: University of Luxembourg - UL [sponsor], Biryukov, Alex [superviser].

Subjects/Keywords: Tor; Bitcoin; Deanonymisation; Hidden Service; Micropayment; Anonymous; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Pustogarov, I. (2015). Deanonymisation techniques for Tor and Bitcoin. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/21798

Chicago Manual of Style (16^th Edition):

Pustogarov, Ivan. “Deanonymisation techniques for Tor and Bitcoin.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/21798.

MLA Handbook (7^th Edition):

Pustogarov, Ivan. “Deanonymisation techniques for Tor and Bitcoin.” 2015. Web. 18 Oct 2019.

Vancouver:

Pustogarov I. Deanonymisation techniques for Tor and Bitcoin. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/21798.

Council of Science Editors:

Pustogarov I. Deanonymisation techniques for Tor and Bitcoin. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/21798

Université du Luxembourg

26. Hammerschmidt, Christian. Learning Finite Automata via Flexible State-Merging and Applications in Networking.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/33624

► Being able to model behavior described by a linear sequence of observations (such as log files) goes a long way towards better understanding the underlying… (more)

▼ Being able to model behavior described by a linear sequence of observations (such as log files) goes a long way towards better understanding the underlying processes. This improved understanding can be very helpful in a number of activities, ranging from software (reverse) engineering to network traffic analysis. The developments in this thesis were driven by specific goals in predicting (human) behaviors captured by a software appliance observing network traffic and user requests to specific resources. Its final contributions have exceeded the original goals of the project in two important ways: I present (1) a flexible learning algorithm for finite automata accompanied by theoretical underpinning and its implementation, a contribution towards better learning algorithms, and (2) applications of the algorithm to use-cases in computer networking and beyond. The central algorithm considered in the thesis is a blue-fringe state-merging automaton learning algorithm, conducting a greedy search over feasible solutions. Its key components are a heuristic to search for consistent merges and an evaluation metric to assess the quality of a merge by assigning scores to merges. I generalize this framework by making the heuristic components explicitly parametric. While state-merging algorithms were originally defined for probabilistic and non-probabilistic finite state machines and later used to derive algorithms for more extended models such as real-time automata, the work presented here extends the scope of the algorithms to a wide range of ad-hoc defined models as well as enables the user to implement modifications to the heuristic search process. These modifications help to account for domain knowledge and richer semantics of models with a regular language core. I provide an implementation and a Python interface of the flexible state-merging framework, including stream/online and interactive variants of the algorithm based on a C++ implementation of the blue-fringe greedy search algorithm called DFASAT. The algorithm and the framework encompass and improve upon state-of-the-art approaches. The application problems considered in this thesis can be seen as classical classification and anomaly detection tasks in machine learning. The application domain is network traffic analysis with a focus on network security. I discuss the problematic properties of data from computer networks and address how using automaton models can help mitigate them. I then use the flexible state-merging approach for host profiling. I show how to efficiently learn finite state automata as behavioral profiles. These profiles can serve as digital fingerprints and help to identify malicious traffic such as botnet traffic. Moreover, I show how communication profiles can be used for sequence clustering on NetFlow data to distinguish different behaviors over time. Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], State, Radu [superviser], Verwer, Sicco [superviser], Sorger, Ulrich [president of the jury], Engel, Thomas [member of the jury], Francois, Jérome [member of the jury], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Services and Data management research group (SEDAN) [research center].

Subjects/Keywords: machine learning; grammatical inference; data science; computer networks; netflow; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Hammerschmidt, C. (2017). Learning Finite Automata via Flexible State-Merging and Applications in Networking. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/33624

Chicago Manual of Style (16^th Edition):

Hammerschmidt, Christian. “Learning Finite Automata via Flexible State-Merging and Applications in Networking.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/33624.

MLA Handbook (7^th Edition):

Hammerschmidt, Christian. “Learning Finite Automata via Flexible State-Merging and Applications in Networking.” 2017. Web. 18 Oct 2019.

Vancouver:

Hammerschmidt C. Learning Finite Automata via Flexible State-Merging and Applications in Networking. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/33624.

Council of Science Editors:

Hammerschmidt C. Learning Finite Automata via Flexible State-Merging and Applications in Networking. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/33624

Université du Luxembourg

27. Chenal, Massimo. Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/31450

► In 1978, Rivest, Adleman and Dertouzos introduced the concept of privacy homomorphism and asked whether it is possible to perform arbitrary operations on encrypted ciphertexts.… (more)

▼ In 1978, Rivest, Adleman and Dertouzos introduced the concept of privacy homomorphism and asked whether it is possible to perform arbitrary operations on encrypted ciphertexts. Thirty years later, Gentry gave a positive answer in his seminal paper at STOC 2009, by proposing an ingenious approach to construct fully homomorphic encryption (FHE) schemes. With this approach, one starts with a somewhat homomorphic encryption (SHE) scheme that can perform only limited number of operations on ciphertexts (i.e. it can evaluate only low-degree polynomials). Then, through the so-called bootstrapping step, it is possible to turn this SHE scheme into an FHE scheme. After Gentry's work, many SHE and FHE schemes have been proposed; in total, they can be divided into four categories, according to the hardness assumptions underlying each SHE (and hence, FHE) scheme: hard problems on lattices, the approximate common divisor problem, the (ring) learning with errors problem, and the NTRU encryption scheme. Even though SHE schemes are less powerful than FHE schemes, they can already be used in many useful real-world applications, such as medical and financial applications. It is therefore of primary concern to understand what level of security these SHE schemes provide. By default, all the SHE schemes developed so far offer IND-CPA security - i.e. resistant against a chosen-plaintext attack - but nothing is said about their IND-CCA1 security - i.e. secure against an adversary who is able to perform a non-adaptive chosen-ciphertext attack. Considering such an adversary is in fact a more realistic scenario. Gentry emphasized it as a future work to investigate SHE schemes with IND-CCA1 security, and the task to make some clarity about it was initiated by Loftus, May, Smart and Vercauteren: at SAC 2011 they showed how one family of SHE schemes is not IND-CCA1 secure, opening the doors to an interesting investigation on the IND-CCA1 security of the existing schemes in the other three families of schemes. In this work we therefore continue this line of research and show that most existing somewhat homomorphic encryption schemes are not IND-CCA1 secure. In fact, we show that these schemes suffer from key recovery attacks (stronger than a typical IND-CCA1 attack), which allow an adversary to completely recover the private keys through a number of decryption oracle queries. As a result, this dissertation shows that all known SHE schemes fail to provide IND-CCA1 security. While it is true that IND-CPA security may be enough to construct cryptographic protocols in presence of semi-honest attackers, key recovery attacks will pose serious threats for practical usage of SHE and FHE schemes: if a malicious attacker (or a compromised honest party) submits manipulated ciphertexts and observes the behavior (side channel leakage) of the decryptor, then it may be able to recover all plaintexts in the system. Therefore, it is very desirable to design SHE and FHE with IND-CCA1 security, or at least design them to prevent key recovery attacks. This raises… Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Ryan, Peter [superviser], Tang, Qiang [superviser], Coron, Jean-Sébastien [president of the jury], Ding, Jintai [member of the jury], Buchmann, Johannes [member of the jury], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Applied Security and Information Assurance Group (APSIA) [research center].

Subjects/Keywords: Homomorphic Encyption; Key Recovery Attacks; Somewhat Homomorphic Encryption; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Chenal, M. (2017). Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/31450

Chicago Manual of Style (16^th Edition):

Chenal, Massimo. “Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/31450.

MLA Handbook (7^th Edition):

Chenal, Massimo. “Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes.” 2017. Web. 18 Oct 2019.

Vancouver:

Chenal M. Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/31450.

Council of Science Editors:

Chenal M. Key-Recovery Attacks Against Somewhat Homomorphic Encryption Schemes. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/31450

28. Dinu, Dumitru Daniel. Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives.

Degree: 2017, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/33803

► This thesis is devoted to efficient and secure implementations of lightweight symmetric cryptographic primitives for resource-constrained devices such as wireless sensors and actuators that are… (more)

▼ This thesis is devoted to efficient and secure implementations of lightweight symmetric cryptographic primitives for resource-constrained devices such as wireless sensors and actuators that are typically deployed in remote locations. In this setting, cryptographic algorithms must consume few computational resources and withstand a large variety of attacks, including side-channel attacks. The first part of this thesis is concerned with efficient software implementations of lightweight symmetric algorithms on 8, 16, and 32-bit microcontrollers. A first contribution of this part is the development of FELICS, an open-source benchmarking framework that facilitates the extraction of comparative performance figures from implementations of lightweight ciphers. Using FELICS, we conducted a fair evaluation of the implementation properties of 19 lightweight block ciphers in the context of two different usage scenarios, which are representatives for common security services in the Internet of Things (IoT). This study gives new insights into the link between the structure of a cryptographic algorithm and the performance it can achieve on embedded microcontrollers. Then, we present the SPARX family of lightweight ciphers and describe the impact of software efficiency in the process of shaping three instances of the family. Finally, we evaluate the cost of the main building blocks of symmetric algorithms to determine which are the most efficient ones. The contributions of this part are particularly valuable for designers of lightweight ciphers, software and security engineers, as well as standardization organizations. In the second part of this work, we focus on side-channel attacks that exploit the power consumption or the electromagnetic emanations of embedded devices executing unprotected implementations of lightweight algorithms. First, we evaluate different selection functions in the context of Correlation Power Analysis (CPA) to infer which operations are easy to attack. Second, we show that most implementations of the AES present in popular open-source cryptographic libraries are vulnerable to side-channel attacks such as CPA, even in a network protocol scenario where the attacker has limited control of the input. Moreover, we describe an optimal algorithm for recovery of the master key using CPA attacks. Third, we perform the first electromagnetic vulnerability analysis of Thread, a networking stack designed to facilitate secure communication between IoT devices. The third part of this thesis lies in the area of side-channel countermeasures against power and electromagnetic analysis attacks. We study efficient and secure expressions that compute simple bitwise functions on Boolean shares. To this end, we describe an algorithm for efficient search of expressions that have an optimal cost in number of elementary operations. Then, we introduce optimal expressions for first-order Boolean masking of bitwise AND and OR operations. Finally, we analyze the performance of three lightweight block ciphers protected using the… Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Biryukov, Alex [superviser], Müller, Volker [president of the jury], Gierlichs, Benedikt [member of the jury], Page, Daniel [member of the jury], Ryan, Peter [member of the jury].

Subjects/Keywords: lightweight cryptography; efficient implementations; secure implementations; side-channel attacks; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

6 more images…

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Dinu, D. D. (2017). Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/33803

Chicago Manual of Style (16^th Edition):

Dinu, Dumitru Daniel. “Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/33803.

MLA Handbook (7^th Edition):

Dinu, Dumitru Daniel. “Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives.” 2017. Web. 18 Oct 2019.

Vancouver:

Dinu DD. Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/33803.

Council of Science Editors:

Dinu DD. Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/33803

Université du Luxembourg

29. Sanchez Guinea, Alejandro. Engineering Smart Software Services for Intelligent Pervasive Systems.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/36613

► Pervasive computing systems, envisioned as systems that blend with the physical environment to enhance the quality of life of its users, are rapidly becoming a… (more)

▼ Pervasive computing systems, envisioned as systems that blend with the physical environment to enhance the quality of life of its users, are rapidly becoming a not so distant reality. However, many challenges must be addressed before realizing the goal of having such computing systems as part of our everyday life. One such challenge is related to the problem of how to develop in a systematic way the software that lies behind pervasive systems, operating them and allowing them to intelligently adapt both to users' changing needs and to variations in the environment. In spite of the important strides done in recent years concerning the engineering of software that places the actual, immediate needs and preferences of users in the center of attention, to the best of our knowledge no work has been devoted to the study of the engineering process for building software for pervasive systems. In this dissertation we focus on the engineering process to build smart software services for pervasive systems. Specifically, we first introduce as our first major contribution a model for the systematic construction of software for pervasive systems, which has been derived using analytical, evidence-based, and empirical methodologies. Then, on the basis of the proposed model, we investigate two essential mechanisms that provide support for the engineering of value-added software services for smart environments, namely the learning of users' daily routines and the continuous identification of users. For the case of learning users' daily routines, we propose what is our second main contribution: a novel approach that discovers periodic-frequent routines in event data from sensors and smart devices deployed at home. For the continuous identification of users we propose what is our third major contribution: a novel approach based on behavioral biometrics which is able to recognize identities without requiring any specific gesture, action, or activity from the users. The two approaches proposed have been extensively evaluated through studies in the lab, based on synthetic data, and in the wild, showing that they can be effectively applied to different scenarios and environments. In sum, the engineering model proposed in this dissertation is expected to serve as a basis to further the research and development efforts in key aspects that are necessary to build value-added smart software services that bring pervasive systems closer to the way they have been envisioned. Furthermore, the approaches proposed for learning users' daily routines and recognizing users' identities in smart environments are aimed at contributing to the investigation and development of the data analytics technology necessary for the smart adaptation and evolution of the software in pervasive systems to users' needs. Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Nain, Gregory [member of the jury], Kubler, Sylvain [member of the jury], Främling, Kary [member of the jury], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Security Design and Validation Research Group (SerVal) [research center].

Subjects/Keywords: Smart software services; Pervasive systems; Smart Spaces; Engineering process; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Sanchez Guinea, A. (2018). Engineering Smart Software Services for Intelligent Pervasive Systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/36613

Chicago Manual of Style (16^th Edition):

Sanchez Guinea, Alejandro. “Engineering Smart Software Services for Intelligent Pervasive Systems.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/36613.

MLA Handbook (7^th Edition):

Sanchez Guinea, Alejandro. “Engineering Smart Software Services for Intelligent Pervasive Systems.” 2018. Web. 18 Oct 2019.

Vancouver:

Sanchez Guinea A. Engineering Smart Software Services for Intelligent Pervasive Systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/36613.

Council of Science Editors:

Sanchez Guinea A. Engineering Smart Software Services for Intelligent Pervasive Systems. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/36613

Université du Luxembourg

30. Li, Daoyuan. Transforming Time Series for Efficient and Accurate Classification.

Degree: 2018, Université du Luxembourg

URL: http://orbilu.uni.lu/handle/10993/34046

► Time series data refer to sequences of data that are ordered either temporally, spatially or in another defined order. They can be frequently found in… (more)

▼ Time series data refer to sequences of data that are ordered either temporally, spatially or in another defined order. They can be frequently found in a variety of domains, including financial data analysis, medical and health monitoring and industrial automation applications. Due to their abundance and wide application scenarios, there has been an increasing need for efficient machine learning algorithms to extract information and build knowledge from these data. One of the major tasks in time series mining is time series classification (TSC), which consists of applying a learning algorithm on labeled data to train a model that will then be used to predict the classes of samples from an unlabeled data set. Due to the sequential characteristic of time series data, state-of-the-art classification algorithms (such as SVM and Random Forest) that performs well for generic data are usually not suitable for TSC. In order to improve the performance of TSC tasks, this dissertation proposes different methods to transform time series data for a better feature extraction process as well as novel algorithms to achieve better classification performance in terms of computation efficiency and classification accuracy. In the first part of this dissertation, we conduct a large scale empirical study that takes advantage of discrete wavelet transform (DWT) for time series dimensionality reduction. We first transform real-valued time series data using different families of DWT. Then we apply dynamic time warping (DTW)-based 1NN classification on 39 datasets and find out that existing DWT-based lossy compression approaches can help to overcome the challenges of storage and computation time. Furthermore, we provide assurances to practitioners by empirically showing, with various datasets and with several DWT approaches, that TSC algorithms yield similar accuracy on both compressed (i.e., approximated) and raw time series data. We also show that, in some datasets, wavelets may actually help in reducing noisy variations which deteriorate the performance of TSC tasks. In a few cases, we note that the residual details/noises from compression are more useful for recognizing data patterns. In the second part, we propose a language model-based approach for TSC named Domain Series Corpus (DSCo), in order to take advantage of mature techniques from both time series mining and Natural Language Processing (NLP) communities. After transforming real-valued time series into texts using Symbolic Aggregate approXimation (SAX), we build per-class language models (unigrams and bigrams) from these symbolized text corpora. To classify unlabeled samples, we compute the fitness of each symbolized sample against all per-class models and choose the class represented by the model with the best fitness score. Through extensive experiments on an open dataset archive, we demonstrate that DSCo performs similarly to approaches working with original uncompressed numeric data. We further propose DSCo-NG to improve the computation efficiency and classification… Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Bissyande, Tegawendé François D Assise [president of the jury], Lin, Jessica [member of the jury], Geist, Matthieu [member of the jury].

Subjects/Keywords: Time series classification; Time series transformatioin; Multiscale Visibility Graph; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]

Record Details Similar Records Cite « Share

❌

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6^th Edition):

Li, D. (2018). Transforming Time Series for Efficient and Accurate Classification. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/34046

Chicago Manual of Style (16^th Edition):

Li, Daoyuan. “Transforming Time Series for Efficient and Accurate Classification.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed October 18, 2019. http://orbilu.uni.lu/handle/10993/34046.

MLA Handbook (7^th Edition):

Li, Daoyuan. “Transforming Time Series for Efficient and Accurate Classification.” 2018. Web. 18 Oct 2019.

Vancouver:

Li D. Transforming Time Series for Efficient and Accurate Classification. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2019 Oct 18]. Available from: http://orbilu.uni.lu/handle/10993/34046.

Council of Science Editors:

Li D. Transforming Time Series for Efficient and Accurate Classification. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/34046

Open Access Theses and Dissertations