You searched for subject:(Ing nierie informatique technologie Sciences informatiques C05 )
.
Showing records 1 – 30 of
257506 total matches.
◁ [1] [2] [3] [4] [5] … [8584] ▶
1.
Arora, Chetan.
AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/28922
► Natural Language (NL) is arguably the most common vehicle for specifying requirements. This dissertation devises automated assistance for some important tasks that requirements engineers need…
(more)
▼ Natural Language (NL) is arguably the most common vehicle for specifying requirements. This dissertation devises automated assistance for some important tasks that requirements engineers need to perform in order to structure, manage, and elaborate NL requirements in a sound and effective manner. The key enabling technology underlying the work in this dissertation is Natural Language Processing (NLP). All the solutions presented herein have been developed and empirically evaluated in close collaboration with industrial partners.
The dissertation addresses four different facets of requirements analysis:
• Checking conformance to templates. Requirements templates are an effective tool for improving the structure and quality of NL requirements statements. When templates are used for specifying the requirements, an important quality assurance task is to ensure that the requirements conform to the intended templates. We develop an automated solution for checking the conformance of requirements to templates.
• Extraction of glossary terms. Requirements glossaries (dictionaries) improve the understandability of requirements, and mitigate vagueness and ambiguity. We develop an auto- mated solution for supporting requirements analysts in the selection of glossary terms and their related terms.
• Extraction of domain models. By providing a precise representation of the main concepts in a software project and the relationships between these concepts, a domain model serves as an important artifact for systematic requirements elaboration. We propose an automated approach for domain model extraction from requirements. The extraction rules in our approach encompass both the rules already described in the literature as well as a number of important extensions developed in this dissertation.
• Identifying the impact of requirements changes. Uncontrolled change in requirements presents a major risk to the success of software projects. We address two different dimen- sions of requirements change analysis in this dissertation: First, we develop an automated approach for predicting how a change to one requirement impacts other requirements. Next, we consider the propagation of change from requirements to design. To this end, we develop an automated approach for predicting how the design of a system is impacted by changes made to the requirements.
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Briand, Lionel [superviser], Sabetzadeh, Mehrdad [superviser], Le Traon, Yves [president of the jury], Gorschek, Tony [member of the jury], Sawyer, Pete [member of the jury], Nejati, Shiva [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Arora, C. (2016). AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28922
Chicago Manual of Style (16th Edition):
Arora, Chetan. “AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/28922.
MLA Handbook (7th Edition):
Arora, Chetan. “AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING.” 2016. Web. 04 Mar 2021.
Vancouver:
Arora C. AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/28922.
Council of Science Editors:
Arora C. AUTOMATED ANALYSIS OF NATURAL-LANGUAGE REQUIREMENTS USING NATURAL LANGUAGE PROCESSING. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28922

Université du Luxembourg
2.
Di Nardo, Daniel.
Model-Based Test Automation Strategies for Data Processing Systems.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/26911
► Data processing software is an essential component of systems that aggregate and analyse real-world data, thereby enabling automated interaction between such systems and the real…
(more)
▼ Data processing software is an essential component of systems that aggregate and analyse real-world data, thereby enabling automated interaction between such systems and the real world. In data processing systems, inputs are often big and complex files that have a well-defined structure, and that often have dependencies between several of their fields. Testing of data processing systems is complex. Software engineers, in charge of testing these systems, have to handcraft complex data files of nontrivial size, while ensuring compliance with the multiple constraints to prevent the generation of trivially invalid inputs. In addition, assessing test results often means analysing complex output and log data. Complex inputs pose a challenge for the adoption of automated test data generation techniques; the adopted techniques should be able to deal with the generation of a nontrivial number of data items having complex nested structures while preserving the constraints between data fields. An additional challenge regards the automated validation of execution results.
To address the challenges of testing data processing systems, this dissertation presents a set of approaches based on data modelling and data mutation to automate testing. We propose a modelling methodology that captures the input and output data and the dependencies between them by using Unified Modeling Language (UML) class diagrams and constraints expressed in the Object Constraint Language (OCL). The UML class diagram captures the structure of the data, while the OCL constraints formally describe the interactions and associations between the data fields within the different subcomponents.
The work of this dissertation was motived by the testing needs of an industrial satellite Data Acquisition (DAQ) system; this system is the
subject of the empirical studies used within this dissertation to demonstrate the application and suitability of the approaches that we propose.
We present four model-driven approaches that address the challenges of automatically testing data processing systems. These approaches are supported by the data models generated according to our modelling methodology. The results of an empirical evaluation show that the application of the modelling methodology is scalable as the size of the model and constraints was manageable for the
subject system.
The first approach is a technique for the automated validation of test inputs and oracles; an empirical evaluation shows that the approach is scalable as the input and oracle validation process executed within reasonable times on real input files. The second approach is a model-based technique that automatically generates faulty test inputs for the purpose of robustness testing, by relying upon generic mutation operators that alter data collected in the field; an empirical evaluation shows that our automated approach achieves slightly better instruction coverage than the manual testing taking place in practice. The third approach is an evolutionary algorithm to automate the…
Advisors/Committee Members: Briand, Lionel [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Di Nardo, D. (2016). Model-Based Test Automation Strategies for Data Processing Systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/26911
Chicago Manual of Style (16th Edition):
Di Nardo, Daniel. “Model-Based Test Automation Strategies for Data Processing Systems.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/26911.
MLA Handbook (7th Edition):
Di Nardo, Daniel. “Model-Based Test Automation Strategies for Data Processing Systems.” 2016. Web. 04 Mar 2021.
Vancouver:
Di Nardo D. Model-Based Test Automation Strategies for Data Processing Systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/26911.
Council of Science Editors:
Di Nardo D. Model-Based Test Automation Strategies for Data Processing Systems. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/26911

Université du Luxembourg
3.
Li, Li.
Boosting Static Security Analysis of Android Apps through Code Instrumentation.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/29387
► Within a few years, Android has been established as a leading platform in the mobile market with over one billion monthly active Android users. To…
(more)
▼ Within a few years, Android has been established as a leading platform in the mobile market with over one billion monthly active Android users. To serve these users, the official market, Google Play, hosts around 2 million apps which have penetrated into a variety of user activities and have played an essential role in their daily life. However, this penetration has also opened doors for malicious apps, presenting big threats that can lead to severe damages.
To alleviate the security threats posed by Android apps, the literature has proposed a large body of works which propose static and dynamic approaches for identifying and managing security issues in the mobile ecosystem. Static analysis in particular, which does not require to actually execute code of Android apps, has been used extensively for market-scale analysis. In order to have a better understanding on how static analysis is applied, we conduct a systematic literature review (SLR) of related researches for Android. We studied influential research papers published in the last five years (from 2011 to 2015). Our in-depth examination on those papers reveals, among other findings, that static analysis is largely performed to uncover security and privacy issues.
The SLR also highlights that no single work has been proposed to tackle all the challenges for static analysis of Android apps. Existing approaches indeed fail to yield sound results in various analysis cases, given the different specificities of Android programming. Our objective is thus to reduce the analysis complexity of Android apps in a way that existing approaches can also succeed on their failed cases. To this end, we propose to instrument the app code for transforming a given hard problem to an easily-resolvable one (e.g., reducing an inter-app analysis problem to an intra-app analysis problem). As a result, our code instrumentation boosts existing static analyzers in a non-invasive manner (i.e., no need to modify those analyzers).
In this dissertation, we apply code instrumentation to solve three well-known challenges of static analysis of Android apps, allowing existing static security analyses to 1) be inter-component communication (ICC) aware; 2) be reflection aware; and 3) cut out common libraries.
ICC is a challenge for static analysis. Indeed, the ICC mechanism is driven at the framework level rather than the app level, leaving it invisible to app-targeted static analyzers. As a consequence, static analyzers can only build an incomplete control-flow graph (CFG) which prevents a sound analysis. To support ICC-aware analysis, we devise an approach called IccTA, which instruments app code by adding glue code that directly connects components using traditional Java class access mechanism (e.g., explicit new instantiation of target components).
Reflection is a challenge for static analysis as well because it also confuses the analysis context. To support reflection-aware analysis, we provide DroidRA, a tool-based approach, which instruments Android apps to explicitly replace reflective calls…
Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [superviser], Briand, Lionel [president of the jury], Bissyande, Tegawendé François D Assise [president of the jury], Zhang, Xiangyu [member of the jury], Backes, Michael [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Li, L. (2016). Boosting Static Security Analysis of Android Apps through Code Instrumentation. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29387
Chicago Manual of Style (16th Edition):
Li, Li. “Boosting Static Security Analysis of Android Apps through Code Instrumentation.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/29387.
MLA Handbook (7th Edition):
Li, Li. “Boosting Static Security Analysis of Android Apps through Code Instrumentation.” 2016. Web. 04 Mar 2021.
Vancouver:
Li L. Boosting Static Security Analysis of Android Apps through Code Instrumentation. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/29387.
Council of Science Editors:
Li L. Boosting Static Security Analysis of Android Apps through Code Instrumentation. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29387

Université du Luxembourg
4.
Huynen, Jean-Louis.
Socio-Technical Aspects of Security Analysis.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/29006
► This thesis seeks to establish a semi-automatic methodology for security analysis when users are considered part of the system. The thesis explores this challenge, which…
(more)
▼ This thesis seeks to establish a semi-automatic methodology for security analysis when users are considered part of the system. The thesis explores this challenge, which we refer to as ‘socio-technical security analysis’. We consider that a socio-technical vulnerability is the conjunction of a human behaviour, the factors that foster the occurrence of this behaviour, and a system. Therefore, the aim of the thesis is to investigate which human-related factors should be considered in system security, and how to incorporate these identified factors into an analysis framework.
Finding a way to systematically detect, in a system, the socio-technical vulnerabilities that can stem from insecure human behaviours, along with the factors that influence users into engaging in these behaviours is a long journey that we can summarise in three research questions:
1. How can we detect a socio-technical vulnerability in a system?
2. How can we identify in the interactions between a system and its users, the human behaviours that can harm this system’s security?
3. How can we identify the factors that foster human behaviours that are harmful to a system’s security?
A review of works that aim at bringing social
sciences findings into security analysis reveals that there is no unified way to do it. Identifying the points where users can harm a system’s security, and clarifying what factors can foster an insecure behaviour is a complex matter. Hypotheses can arise about the usability of the system, aspects pertaining to the user or the organisational context but there is no way to find and test them all. Further, there is currently no way to systematically integrate the results regarding hypotheses we tested in a security analysis. Thus, we identify two objectives related to these methodological challenges that this thesis aims at fulfilling in its contributions:
1. What form should a framework that intends to identify harmful behaviours for security, and to investigate the factors that foster their occurrence take?
2. What form should a semi-automatic, or tool-assisted methodology for the security analysis of socio-technical systems take?
The thesis provides partial answers to the questions. First it defines a methodological framework called STEAL that provides a common ground for an interdisciplinary approach to security analysis. STEAL supports the interaction between computer scientists and social scientists by providing a common reference model to describe a system with its human and non-human components, potential attacks and defences, and the surrounding context. We validate STEAL in a two experimental studies, showing the role of the context and graphical cues in Wi-Fi networks’ security.
Then the thesis complements STEAL with a Root Cause Analysis (RCA) methodology for security inspired from the ones used in safety. This methodology, called S·CREAM aims at being more systematic than the research methods that can be used with STEAL (surveys for instance) and at providing reusable findings for analysing security. To do so,…
Advisors/Committee Members: Ryan, Peter [superviser], Lenzini, Gabriele [superviser], Koenig, Vincent [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Huynen, J. (2016). Socio-Technical Aspects of Security Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29006
Chicago Manual of Style (16th Edition):
Huynen, Jean-Louis. “Socio-Technical Aspects of Security Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/29006.
MLA Handbook (7th Edition):
Huynen, Jean-Louis. “Socio-Technical Aspects of Security Analysis.” 2016. Web. 04 Mar 2021.
Vancouver:
Huynen J. Socio-Technical Aspects of Security Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/29006.
Council of Science Editors:
Huynen J. Socio-Technical Aspects of Security Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29006

Université du Luxembourg
5.
Ayetiran, Eniafe Festus.
A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.
Degree: 2017, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/31289
► Electronic data discovery (EDD), e-discovery or eDiscovery is any process by which electronically stored information (ESI) is sought, identified, collected, preserved, secured, processed, searched for…
(more)
▼ Electronic data discovery (EDD), e-discovery or eDiscovery is any process by which electronically stored information (ESI) is sought, identified, collected, preserved, secured, processed, searched for the ones relevant to civil and/or criminal litigations or regulatory matters with the intention of using them as evidence. Searching electronic document collections for relevant documents is part of eDiscovery which poses serious problems for lawyers and their clients alike. Getting efficient and effective techniques for search in eDiscovery is an interesting and still an open problem in the field of legal information systems. Researchers are shifting away from traditional keyword search to more intelligent approaches such as machine learning (ML) techniques. State-of-the-art algorithms for search in eDiscovery focus mainly on supervised approaches, mainly; supervised learning and interactive approaches. The former uses labelled examples for training systems while the latter uses human assistance in the search process to assist in retrieving relevant documents. Techniques in the latter approach include interactive query expansion among others. Both approaches are supervised form of technology assisted review (TAR). Technology assisted review is the use of technology to assist or completely automate the process of searching and retrieval of relevant documents from electronically stored information (ESI). In text retrieval/classification, supervised systems are known for their superior performance over unsupervised systems. However, two serious issues limit their application in the electronic discovery search and information retrieval (IR) in general. First, they have associated high cost in terms of finance and human effort. This is particularly responsible for the huge amount of money expended on eDiscovery on annual basis. Secondly, their case/project-specific nature does not allow for resuse, thereby contributing more to organizations' expenses when they have two or more cases involving eDiscovery.
Unsupervised systems on the other hand, is cost-effective in terms of finance and human effort. A major challenge in unsupervised ad hoc information retrieval is that of vocabulary problem which causes terms mismatch in queries and documents. While topic modelling techniques try to tackle this from the thematic point of view in the sense that both queries and documents are likely to match if they discuss about the same topic, natural language processing (NLP) approaches view it from the semantic perspective. Scalable topic modelling algorithms, just like the traditional bag of words technique, suffer from polysemy and synonymy problems. Natural language processing techniques on the other hand, while being able to considerably resolve the polysemy and synonymy problems are computationally expensive and not suitable for large collections as is the case in eDiscovery. In this thesis, we exploit the peculiarity of eDiscovery collections being composed mainly of e-mail communications and their attachments, mining topics of…
Advisors/Committee Members: Boella, Guido [superviser], Torre, Leon van der [superviser].
Subjects/Keywords: eDiscovery; unsupervised; classification; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Ayetiran, E. F. (2017). A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/31289
Chicago Manual of Style (16th Edition):
Ayetiran, Eniafe Festus. “A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/31289.
MLA Handbook (7th Edition):
Ayetiran, Eniafe Festus. “A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery.” 2017. Web. 04 Mar 2021.
Vancouver:
Ayetiran EF. A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/31289.
Council of Science Editors:
Ayetiran EF. A Combined Unsupervised Technique for Automatic Classification in Electronic Discovery. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/31289

Université du Luxembourg
6.
Klein, Johannes.
Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.
Degree: 2018, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/34542
► Computer-supported collaborative work is increasingly common in our professional and personal life. However, the expectations and requirements of the users are frequently neglected when addressing…
(more)
▼ Computer-supported collaborative work is increasingly common in our professional and personal life. However, the expectations and requirements of the users are frequently neglected when addressing the technological challenges associated with the development of a distributed collaboration system. The proposed collaboration environment employs an integrative approach to distributed compound document authoring, including both a user- and system-centric perspective on collaborative work. An interruption-free, reliable, and responsive shared work environment with a near real-time representation of the work of others is a core expectation from the users. In order to provide these features, a fine-granular, graph-based data representation has been developed to serve as the basis for this approach. The data representing individual compound document elements is partitioned over sets of three distinct nodes in the graph structure. This separation of metadata and payload data enables the precise attribution of editing operations while maintaining an adaptable and extensible data representation. User-specific preferences allow for the individualization of a user's work environment to account for personal preferences, requirements from the current collaboration scenario, or limitations of the employed computer system. Support for complex, data type-specific editing commands is integrated with a concurrent command application and Layered Consistency Management model. This enables a near real-time representation of the work of others, the preservation of the users' editing intentions, and the maintenance of a globally consistent data state. Intra- and inter-document relations retain semantic connections between distinct data structure elements. Together with an element's supplemental data, this related information enables additional, autonomous conflict resolution approaches and facilitates a comprehensive representation of the conflict in case of a manual resolution process. By integrating these functionalities into one coherent system, the users are provided with an unobtrusive, yet reliable and feature-rich distributed work environment able to actively support collaborative compound document authoring.
Advisors/Committee Members: Rothkugel, Steffen [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Klein, J. (2018). Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/34542
Chicago Manual of Style (16th Edition):
Klein, Johannes. “Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/34542.
MLA Handbook (7th Edition):
Klein, Johannes. “Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring.” 2018. Web. 04 Mar 2021.
Vancouver:
Klein J. Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/34542.
Council of Science Editors:
Klein J. Integrating User- and System-Centric Perspectives into Collaborative Compound Document Authoring. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/34542

Université du Luxembourg
7.
Wang, Chunhui.
Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.
Degree: 2017, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/32054
► The complexity of embedded software in safety-critical domains, such as automotive and avionics, has significantly increased over the years. For most embedded systems, standards require…
(more)
▼ The complexity of embedded software in safety-critical domains, such as automotive and
avionics, has significantly increased over the years. For most embedded systems, standards require
system testing to explicitly demonstrate that the software meets its functional and safety
requirements. In these domains, system test cases are often manually derived from functional requirements
in natural language plus other design artefacts, like UML statecharts. The definition of
system test cases is therefore time-consuming and error-prone, especially given the quickly rising
complexity of embedded systems.
The benefits of automatic test generation are widely acknowledged today but existing approaches
often require behavioural models that tend to be complex and expensive to produce, and
are thus often not part of development practice.
The work proposed in this dissertation focusses on the automated generation of test cases for
testing the compliance between software and its functional and timing requirements. This dissertation
is inspired by contexts where functional and timing requirements are expressed by means of
use case specifications and timing automata, respectively. This is the development context of our
industrial partner, IEE, an automotive company located in Luxembourg, who provided the case
study used to validate the approach and tool described in this dissertation.
This dissertation presents five main contributions: (1) A set of guidelines for the definition of
functional and timing requirements to enable the automated generation of system test cases. (2) A
technique for the automated generation of functional test cases from requirements elicited in the
form of use case specifications following a prescribed template and natural-language restrictions.
(3) A technique that reuses the automatically generated functional test cases to generate timeliness
test cases from minimal models of the timing requirements of the system. (4) A technique
for the automated generation of oracles for non-deterministic systems whose specifications are
expressed by means of timed automata. In the context of this dissertation, automated oracles for
non-deterministic systems are necessary to evaluate the results of the generated timeliness test
cases. (5) The evaluation of the applicability and effectiveness of the proposed guidelines and
techniques on an industrial case study, a representative automotive embedded system developed
by IEE.
Advisors/Committee Members: Briand, Lionel [superviser], Pastore, Fabrizio [superviser], Sabetzadeh, Mehrdad [president of the jury], Nejati, Shiva [president of the jury], Legeard, Bruno [member of the jury], Denaro, Giovanni [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Wang, C. (2017). Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/32054
Chicago Manual of Style (16th Edition):
Wang, Chunhui. “Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/32054.
MLA Handbook (7th Edition):
Wang, Chunhui. “Automated requirements-driven testing of embedded systems based on use case specifications and timed automata.” 2017. Web. 04 Mar 2021.
Vancouver:
Wang C. Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/32054.
Council of Science Editors:
Wang C. Automated requirements-driven testing of embedded systems based on use case specifications and timed automata. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/32054

Université du Luxembourg
8.
Toader, Bogdan.
MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics.
Degree: 2019, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/40724
► Smart mobility proved to be an important but challenging component of the smart cities paradigm. The increased urbanization and the advent of sharing economy require…
(more)
▼ Smart mobility proved to be an important but challenging component of the smart
cities paradigm. The increased urbanization and the advent of sharing economy require
a complete digitalisation of the way travellers interact with the mobility services.
New sharing mobility services and smart transportation models are emerging as partial
solutions for solving some tra c problems, improve the resource e ciency and reduce
the environmental impact. The high connectivity between travellers and the sharing
services generates enormous quantity of data which can reveal valuable knowledge and
help understanding complex travel behaviour. Advances in data science, embedded
computing, sensing systems, and arti cial intelligence technologies make the development
of a new generation of intelligent recommendation systems possible. These
systems have the potential to act as intelligent transportation advisors that can o er
recommendations for an e cient usage of the sharing services and in
uence the travel
behaviour towards a more sustainable mobility. However, their methodological and
technological requirements will far exceed the capabilities of today's smart mobility
systems.
This dissertation presents a new data-driven approach for mobility analysis and travel
behaviour pro ling for smart mobility services. The main objective of this thesis is
to investigate how the latest technologies from data science can contribute to the
development of the next generation of mobility recommendation systems.
Therefore, the main contribution of this thesis is the development of new methodologies
and tools for mobility analysis that aim at combining the domain of transportation
engineering with the domain of data science. The addressed challenges are derived from
speci c open issues and problems in the current state of the art from the smart mobility
domain. First, an intelligent recommendation system for sharing services needs a
general metric which can assess if a group of users are compatible for speci c sharing
solutions. For this problem, this thesis presents a data driven indicator for collaborative
mobility that can give an indication whether it is economically bene cial for a group
of users to share the ride, a vehicle or a parking space. Secondly, the complex sharing
mobility scenarios involve a high number of users and big data that must be handled by
capable modelling frameworks and data analytic platforms. To tackle this problem, a
suitable meta model for the transportation domain is created, using the state of the art
multi-dimensional graph data models, technologies and analytic frameworks. Thirdly,
the sharing mobility paradigm needs an user-centric approach for dynamic extraction
of travel habits and mobility patterns. To address this challenge, this dissertation
proposes a method capable of dynamically pro ling users and the visited locations in
order to extract knowledge (mobility patterns and habits) from raw data that can be
used for the implementation of shared mobility solutions. Fourthly, the entire process of
data…
Advisors/Committee Members: Viti, Francesco [superviser], Koenig, Vincent [president of the jury], Mc Call, Roderick [president of the jury], Le Traon, Yves [member of the jury], Francisco Camara, Pereira [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Toader, B. (2019). MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/40724
Chicago Manual of Style (16th Edition):
Toader, Bogdan. “MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/40724.
MLA Handbook (7th Edition):
Toader, Bogdan. “MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics.” 2019. Web. 04 Mar 2021.
Vancouver:
Toader B. MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/40724.
Council of Science Editors:
Toader B. MOBILITY ANALYSIS AND PROFILING FOR SMART MOBILITY SERVICES: A BIG DATA DRIVEN APPROACH. An Integration of Data Science and Travel Behaviour Analytics. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/40724

Université du Luxembourg
9.
Guo, Siwen.
Deep Neural Networks for Personalized Sentiment Analysis with Information Decay.
Degree: 2019, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/41205
► People have different lexical choices when expressing their opinions. Sentiment analysis, as a way to automatically detect and categorize people’s opinions in text, needs to…
(more)
▼ People have different lexical choices when expressing their opinions. Sentiment analysis, as a way to automatically detect and categorize people’s opinions in text, needs to reflect this diversity. In this research, I look beyond the traditional population-level sentiment modeling and leverage socio-psychological theories to incorporate the concept of personalized modeling. In particular, a hierarchical neural network is constructed, which takes related information from a person’s past expressions to provide a better understanding of the sentiment from the expresser’s perspective. Such personalized models can suffer from the data sparsity issue, therefore they are difficult to develop. In this work, this issue is addressed by introducing the user information at the input such that the individuality from each user can be captured without building a model for each user and the network is trained in one process.
The evolution of a person’s sentiment over time is another aspect to investigate in personalization. It can be suggested that recent incidents or opinions may have more effect on the person’s current sentiment than the older ones, and the relativeness between the targets of the incidents or opinions plays a role on the effect. Moreover, psychological studies have argued that individual variation exists in how frequently people change their sentiments. In order to study these phenomena in sentiment analysis, an attention mechanism which is reshaped with the Hawkes process is applied on top of a recurrent network for a user-specific design. Furthermore, the modified attention mechanism delivers a functionality in addition to the conventional neural networks, which offers flexibility in modeling information decay for temporal sequences with various time intervals.
The developed model targets data from social platforms and Twitter is used as an example. After experimenting with manually and automatically labeled datasets, it can be found that the input formulation for representing the concerned information and the network design are the two major impact factors of the performance. With the proposed model, positive results have been observed which confirm the effectiveness of including user-specific information. The results reciprocally support the psychological theories through the real-world actions observed. The research carried out in this dissertation demonstrates a comprehensive study of the significance of considering individuality in sentiment analysis, which opens up new perspectives for future research in the area and brings opportunities for various applications.
Advisors/Committee Members: Schommer, Christoph [superviser], van der Torre, Leon [president of the jury], Ziafati, Pouyan [member of the jury], Dong, Tiansi [member of the jury], Hui, Kai [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Guo, S. (2019). Deep Neural Networks for Personalized Sentiment Analysis with Information Decay. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/41205
Chicago Manual of Style (16th Edition):
Guo, Siwen. “Deep Neural Networks for Personalized Sentiment Analysis with Information Decay.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/41205.
MLA Handbook (7th Edition):
Guo, Siwen. “Deep Neural Networks for Personalized Sentiment Analysis with Information Decay.” 2019. Web. 04 Mar 2021.
Vancouver:
Guo S. Deep Neural Networks for Personalized Sentiment Analysis with Information Decay. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/41205.
Council of Science Editors:
Guo S. Deep Neural Networks for Personalized Sentiment Analysis with Information Decay. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/41205

Université du Luxembourg
10.
Symeonidis, Iraklis.
Analysis and Design of Privacy-Enhancing Information Sharing Systems.
Degree: 2018, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/37607
► Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can…
(more)
▼ Recent technological advancements have enabled the collection of large amounts of personal data of individuals at an ever-increasing rate. Service providers, organisations and governments can collect or otherwise acquire rich information about individuals’ everyday lives and habits from big data-silos, enabling profiling and micro-targeting such as in political elections. Therefore, it is important to analyse systems that allow the collection and information sharing between users and to design secure and privacy enhancing solutions.
This thesis contains two parts. The aim of the first part is to investigate in detail the effects of the collateral information collection of third-party applications on Facebook. The aim of the second part is to analyse in detail the security and privacy issues of car sharing systems and to design a secure and privacy-preserving solution.
In the first part, we present a detailed multi-faceted study on the collateral information collection privacy issues of Facebook applications; providers of third-party applications on Facebook exploit the interdependency between users and their friends. The goal is to (i) study the existence of the problem, (ii) investigate whether Facebook users are concerned about the issue, quantify its (iii) likelihood and (iv) impact of collateral information collection affecting users, (v) identify whether collateral information collection is an issue for the protection of the personal data of Facebook users under the legal framework, and (vi) we propose solutions that aim to solve the problem of collateral information collection. In order to investigate the views of the users, we designed a questionnaire and collected the responses of participants. Employing real data from the Facebook third-party applications ecosystem, we compute the likelihood of collateral information collection affecting users and quantify its significance evaluating the amount of attributes collected by such applications. To investigate whether collateral information collection is an issue in terms of users’ privacy we analysed the legal framework in light of the General Data Protection Regulation. To provide countermeasures, we propose a privacy dashboard extension that implements privacy scoring computations to enhance transparency towards collateral information collection.
Advisors/Committee Members: imec-COSIC [research center], Preneel, Bart [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Symeonidis, I. (2018). Analysis and Design of Privacy-Enhancing Information Sharing Systems. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/37607
Chicago Manual of Style (16th Edition):
Symeonidis, Iraklis. “Analysis and Design of Privacy-Enhancing Information Sharing Systems.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/37607.
MLA Handbook (7th Edition):
Symeonidis, Iraklis. “Analysis and Design of Privacy-Enhancing Information Sharing Systems.” 2018. Web. 04 Mar 2021.
Vancouver:
Symeonidis I. Analysis and Design of Privacy-Enhancing Information Sharing Systems. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/37607.
Council of Science Editors:
Symeonidis I. Analysis and Design of Privacy-Enhancing Information Sharing Systems. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/37607

Université du Luxembourg
11.
Iannillo, Antonio Ken.
Dependability Assessment of Android OS.
Degree: 2018, Université du Luxembourg
URL: https://akiannillo.github.io/phd_deliverables/Iannillo_phdthesis.pdf
;
http://orbilu.uni.lu/handle/10993/40961
► In this brave new world of smartphone-dependent society, dependability is a strong requirement and needs to be addressed properly. Assessing the dependability of these mobile…
(more)
▼ In this brave new world of smartphone-dependent society, dependability is a strong requirement and needs to be addressed properly. Assessing the dependability of these mobile systems is still an open issue, and companies should have the tools to improve their devices and beat the competition against other vendors. The main objective of this dissertation is to provide the methods to assess the dependability of mobile OS, fundamental for further improvements. Mobile OS are threatened mainly by traditional residual faults (when errors spread across components as failures), aging-related faults (when errors accumulate over time), and misuses by users and applications. This thesis faces these three aspects. First, it presents a qualitative method to define the fault model of a mobile OS, and an exhaustive fault model for Android. I designed and developed AndroFIT, a novel fault injection tool for Android smartphones, and performed an extensive fault injection campaign on three Android devices from different vendors to analyze the impact of component failure on the mobile OS. Second, it presents an experimental methodology to analyze the software aging phenomenon in mobile OS. I performed a software aging analysis campaign on Android devices to identify the impacting factors on performance degradation and resource consumption. Third, it presents the design and implementation of a novel fuzzing tool, namely Chizpurfle, able to automatically test Android vendor customizations by leveraging code coverage information at run-time.
Advisors/Committee Members: Cotroneo, Domenico [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Iannillo, A. K. (2018). Dependability Assessment of Android OS. (Doctoral Dissertation). Université du Luxembourg. Retrieved from https://akiannillo.github.io/phd_deliverables/Iannillo_phdthesis.pdf ; http://orbilu.uni.lu/handle/10993/40961
Chicago Manual of Style (16th Edition):
Iannillo, Antonio Ken. “Dependability Assessment of Android OS.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
https://akiannillo.github.io/phd_deliverables/Iannillo_phdthesis.pdf ; http://orbilu.uni.lu/handle/10993/40961.
MLA Handbook (7th Edition):
Iannillo, Antonio Ken. “Dependability Assessment of Android OS.” 2018. Web. 04 Mar 2021.
Vancouver:
Iannillo AK. Dependability Assessment of Android OS. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2021 Mar 04].
Available from: https://akiannillo.github.io/phd_deliverables/Iannillo_phdthesis.pdf ; http://orbilu.uni.lu/handle/10993/40961.
Council of Science Editors:
Iannillo AK. Dependability Assessment of Android OS. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: https://akiannillo.github.io/phd_deliverables/Iannillo_phdthesis.pdf ; http://orbilu.uni.lu/handle/10993/40961
12.
Martinez, Jabier.
Mining Software Artefact Variants for Product Line Migration and Analysis.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/28675
► Software Product Lines (SPLs) enable the derivation of a family of products based on variability management techniques. Inspired by the manufacturing industry, SPLs use feature…
(more)
▼ Software Product Lines (SPLs) enable the derivation of a family of products based on variability management techniques. Inspired by the manufacturing industry, SPLs use feature configurations to satisfy different customer needs, along with reusable assets associated to the features, to allow systematic and planned reuse. SPLs are reported to have numerous benefits such as time-to-market reduction, productivity increase or product quality improvement. However, the barriers to adopt an SPL are equally numerous requiring a high up-front investment in domain analysis and implementation. In this context, to create variants, companies more commonly rely on ad-hoc reuse techniques such as copy-paste-modify.
Capitalizing on existing variants by extracting the common and varying elements is referred to as extractive approaches for SPL adoption. Extractive SPL adoption allows the migration from single-system development mentality to SPL practices. Several activities are involved to achieve this goal. Due to the complexity of artefact variants, feature identification is needed to analyse the domain variability. Also, to identify the associated implementation elements of the features, their location is needed as well. In addition, feature constraints should be identified to guarantee that customers are not able to select invalid feature combinations (e.g., one feature requires or excludes another). Then, the reusable assets associated to the feature should be constructed. And finally, to facilitate the communication among stakeholders, a comprehensive feature model need to be synthesized. While several approaches have been proposed for the above-mentioned activities, extractive SPL adoption remains challenging. A recurring barrier consists in the limitation of existing techniques to be used beyond the specific types of artefacts that they initially targeted, requiring inputs and providing outputs at different granularity levels and with different representations. Seamlessly address the activities within the same environment is a challenge by itself.
This dissertation presents a unified, generic and extensible framework for mining software artefact variants in the context of extractive SPL adoption. We describe both its principles and its realization in Bottom-Up Technologies for Reuse (BUT4Reuse). Special attention is paid to model-driven development scenarios. A unified process and representation would enable practitioners and researchers to empirically analyse and compare different techniques. Therefore, we also focus on benchmarks and in the analysis of variants, in particular, in benchmarking feature location techniques and in identifying families of variants in the wild for experimenting with feature identification techniques. We also present visualisation paradigms to support domain experts on feature naming during feature identification and to support on feature constraints discovery. Finally, we investigate and discuss the mining of artefact variants for SPL analysis once the SPL is already operational. Concretely, we…
Advisors/Committee Members: Le Traon, Yves [superviser], Ziane, Mikal [superviser], Ziadi, Tewfik [superviser], Klein, Jacques [president of the jury], Poizat, Pascal [member of the jury], Jézéquel, Jean-Marc [member of the jury], Schmid, Klaus [member of the jury].
Subjects/Keywords: software product lines; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Martinez, J. (2016). Mining Software Artefact Variants for Product Line Migration and Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28675
Chicago Manual of Style (16th Edition):
Martinez, Jabier. “Mining Software Artefact Variants for Product Line Migration and Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/28675.
MLA Handbook (7th Edition):
Martinez, Jabier. “Mining Software Artefact Variants for Product Line Migration and Analysis.” 2016. Web. 04 Mar 2021.
Vancouver:
Martinez J. Mining Software Artefact Variants for Product Line Migration and Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/28675.
Council of Science Editors:
Martinez J. Mining Software Artefact Variants for Product Line Migration and Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28675

Université du Luxembourg
13.
Gallais, Jean-Francois.
Microarchitectural Side-Channel Attacks.
Degree: 2013, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/15633
► Cryptanalysis is the science which evaluates the security of a cryptosystem and detects its weaknesses and flaws. Initially confined to the black-box model, where only…
(more)
▼ Cryptanalysis is the science which evaluates the security of a cryptosystem and detects its weaknesses and flaws. Initially confined to the black-box model, where only the input and output data were considered, cryptanalysis is now broadened to the security evaluation of the physical implementation of a cryptosystem. The implementation attacks which compose physical cryptanalysis are divided into fault attacks, exploiting the effect of disruption of the normal functioning of the device, and side-channel attacks, exploiting the dependency between the instructions and data (including key bits) processed by a device and its physical characteristics (e.g. execution time, power consumption, electromagnetic (EM) radiations). In the scope of this thesis, we particularly focus on the latter attacks.
“Every computation leaks information” and lowering the physical leakages of an implementation is indeed a complex task both from cryptographic and engineering viewpoints, especially when performance and cost enter the equation. The development of adequate countermeasures necessitates a thorough knowledge of the various vulnerabilities that the microcontroller induces. Although generic side-channel attacks such as Differential Power Analysis (DPA) can generally retrieve the key with weak assumptions on a cryptographic implementation, we show in this thesis that the focus on specific components and properties from the architecture of the target device may allow an adversary to yield better success in a key recovery and sometimes to thwart DPA countermeasures.
First, we elaborate on attacks which deduce the cache activity of a device from single side-channel traces and algebraically exploit this information to recover the key. We propose different attacks against embedded software implementations of the Advanced Encryption Standard (AES) in the chosen- and known-plaintext scenarios and make them tolerant to environments where high noise or a partially preloaded cache would normally introduce errors in the key recovery. Second, we discuss the failure of standard DPA against the modular addition and propose a practical and generic approach to circumvent it.
Third, we show that microarchitectural leakages and fault inductions can be exploited in a constructive way when induced by hardware Trojans implemented on general-purpose microprocessors. Such Trojans can either provide an adversary with a backdoor access to the trojanized device executing an arbitrary cryptographic software or serve to protect the Intellectual Property (IP) of the chip designer through digital watermarking.
The last part concerns divide and conquer side-channel attacks such as DPA. Testing different combinations of key chunk candidates turns out to be very complex when the individual chunk recoveries are bounded in measurement complexity or performed in noisy environments. We address the so-called key enumeration problem with an efficient sorting method.
La cryptanalyse a pour but d’évaluer la sécurité d’un cryptosystème et de déceler ses failles. D’abord…
Advisors/Committee Members: Müller, Volker [superviser].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Gallais, J. (2013). Microarchitectural Side-Channel Attacks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/15633
Chicago Manual of Style (16th Edition):
Gallais, Jean-Francois. “Microarchitectural Side-Channel Attacks.” 2013. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/15633.
MLA Handbook (7th Edition):
Gallais, Jean-Francois. “Microarchitectural Side-Channel Attacks.” 2013. Web. 04 Mar 2021.
Vancouver:
Gallais J. Microarchitectural Side-Channel Attacks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2013. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/15633.
Council of Science Editors:
Gallais J. Microarchitectural Side-Channel Attacks. [Doctoral Dissertation]. Université du Luxembourg; 2013. Available from: http://orbilu.uni.lu/handle/10993/15633

Université du Luxembourg
14.
Bianculli, Domenico.
Open-world Software: Specification, Verification and Beyond.
Degree: 2012, Université du Luxembourg
URL: http://doc.rero.ch/record/32809
;
http://orbilu.uni.lu/handle/10993/8378
► Open-world software systems are built by composing heterogeneous,third-party components, whose behavior and interactions cannot be fully controlled or predicted; moreover, the environment they interact with…
(more)
▼ Open-world software systems are built by composing heterogeneous,third-party components, whose behavior and interactions cannot be fully controlled or predicted; moreover, the environment they interact with is characterized by frequent, unexpected, and welcome changes. This class of software exhibits new features that often demand for rethinking and extending the traditional methodologies and the accompanying methods and techniques. In this thesis we deal with a particular class of open- world software, represented by service-based applications (SBAs). We focus on three specific aspects related to the development and provisioning of SBAs: specification, verification, and reputation management. With respect to these aspects, we provide methods and techniques that are i) suitable to deal with aspects such as change, evolution, and reliance on third- parties, and ii) able to improve the overall quality of the systems they are applied to. More specifically, concerning specification, we report on the findings of a study that analyzed requirements specifications of SBAs developed in research settings and in industrial settings. These findings have then driven the design of SOLOIST, a language used to specify the interactions of SBAs. Regarding verification, our contribution is twofold; we propose: i) a technique for automatically generating the behavioral interfaces of the partner services of a service composition, by decomposing the requirements specification of the composite service; ii) a framework for the definition of verification procedures (encoded as synthesis of semantic attributes associated with a grammar) that are made incremental using an approach based on incremental parsing and attributes evaluation techniques. Finally, as for reputation management, we present a reputation-aware service execution infrastructure, which manages the reputation of services used by composite SBAs in an automated and transparent manner.
Advisors/Committee Members: Ghezzi, Carlo [superviser], Binder, Walter [member of the jury], Bultan, Tevfik [member of the jury], Dustdar, Schahram [member of the jury], Jazayeri, Mehdi [member of the jury], Uchitel, Sebastian [member of the jury].
Subjects/Keywords: Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Bianculli, D. (2012). Open-world Software: Specification, Verification and Beyond. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://doc.rero.ch/record/32809 ; http://orbilu.uni.lu/handle/10993/8378
Chicago Manual of Style (16th Edition):
Bianculli, Domenico. “Open-world Software: Specification, Verification and Beyond.” 2012. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://doc.rero.ch/record/32809 ; http://orbilu.uni.lu/handle/10993/8378.
MLA Handbook (7th Edition):
Bianculli, Domenico. “Open-world Software: Specification, Verification and Beyond.” 2012. Web. 04 Mar 2021.
Vancouver:
Bianculli D. Open-world Software: Specification, Verification and Beyond. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2012. [cited 2021 Mar 04].
Available from: http://doc.rero.ch/record/32809 ; http://orbilu.uni.lu/handle/10993/8378.
Council of Science Editors:
Bianculli D. Open-world Software: Specification, Verification and Beyond. [Doctoral Dissertation]. Université du Luxembourg; 2012. Available from: http://doc.rero.ch/record/32809 ; http://orbilu.uni.lu/handle/10993/8378

Université du Luxembourg
15.
Lanze, Fabian.
Fingerprinting Techniques for Network Security.
Degree: 2015, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/20444
► Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. The goal of this thesis is to…
(more)
▼ Fingerprinting techniques aim to identify objects such as devices, data, users, or
even attacks, based on distinctive characteristics. The goal of this thesis is to de-
velop and evaluate methods for fingerprinting in different application domains and
to contribute to a better understanding of fingerprinting in general. We concentrate
on approaches that are applicable in practice to improve the security of computer
networks. We first introduce a novel formal model of the central concepts of finger-
printing in order to relate techniques to their particular application scenario. This
model allows the comparison of approaches and the evaluation of their effectiveness
for practical use.
The evil twin attack in 802.11 networks is a severe security problem that nei-
ther the industry nor the research community has found appropriate solutions for.
Motivated by this threat, we develop novel fingerprinting methods. We address this
challenge from two angles. In our first approach we exploit minuscule yet observable
inaccuracies in crystal-oscillator-driven computer clocks. We will show that several
conclusions drawn in the related research about the efficacy of this fingerprinting
feature are false. We then enhance state-of-the-art approaches and for the first time
provide a solution for remote physical device fingerprinting performed by typical
off-the-shelf client devices that is able to mitigate the evil twin threat in practice.
The second approach focuses on fingerprinting the behavioral characteristics of soft-
ware tools that have been developed or can be misused to mount the attack. As we
will show, our fingerprinting methods, which primarily exploit unavoidable low-level
characteristics, allow the reliable detection of such an attack strategy within a few
seconds.
We then switch the perspective to the attacker’s side and investigate a finger-
printing method that has been proposed to attack anonymization networks such as
Tor by using traffic analysis, commonly referred to as website fingerprinting. We
propose a novel approach that outperforms state-of-the-art methods in this area. We
then evaluate for the first time the practical applicability of website fingerprinting
in a realistic scenario, while avoiding simplified assumptions predominantly made in
the related research. Our evaluation indicates that this particular threat, which is
considered to be a serious security problem affecting many users, is not as severe as
presumed. Therefore, concerns that have been raised and strategies for circumvent-
ing this attack that have been proposed need to be reconsidered.
Advisors/Committee Members: Engel, Thomas [superviser], Sorger, Ulrich [president of the jury], Scheuermann, Björn [member of the jury], Panchenko, Andriy [member of the jury], Spaniol, Otto [member of the jury].
Subjects/Keywords: Security; Fingerprinting; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Lanze, F. (2015). Fingerprinting Techniques for Network Security. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/20444
Chicago Manual of Style (16th Edition):
Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/20444.
MLA Handbook (7th Edition):
Lanze, Fabian. “Fingerprinting Techniques for Network Security.” 2015. Web. 04 Mar 2021.
Vancouver:
Lanze F. Fingerprinting Techniques for Network Security. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/20444.
Council of Science Editors:
Lanze F. Fingerprinting Techniques for Network Security. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/20444

Université du Luxembourg
16.
Gao, Jun.
Mining App Lineages: A Security Perspective.
Degree: 2021, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/45462
► Today’s Android ecosystem is a growing universe of a few billion devices, hundreds of millions of users, and millions of applications targeting a wide range…
(more)
▼ Today’s Android ecosystem is a growing universe of a few billion devices, hundreds of millions of users, and millions of applications targeting a wide range of activities where sensitive information is collected and processed. The security of Android apps is thus of utmost importance and needs to be addressed carefully. In the last decade, several studies have investigated Android applications from a security point of view, focusing on the detection of vulnerabilities or the appropriate usage of cryptography APIs. However, with the Android framework’s rapid iteration, new issues are continuously popping up while some old issues may not have been detected. As a result, security studies on Android apps have never been stopped.
Meanwhile, Android applications, just like other software, are developed by following an iterative process. Indeed, applications are updated regularly to fix bugs or introduce new features. In practice, to release a new version of their applications, developers need to provide a brand new installation package, which is known as an apk file. Therefore, each of these apk files stands for one version of a specific application, and the evolution of an application can be obtained by collecting all these apks. Nevertheless, the collection of these apk files are not straightforward because Android markets such as GooglePlay do not preserve the history of apk files. Instead, only the latest version of an app, i.e., the most recent apk, is provided. This fact challenges studies focusing on Android application evolution. However, history and past experiences allow us to learn from past mistakes. That is why evolutionary studies can potentially benefit both developers and users in many ways, such as: discovering trends for security issue predictions or policy evaluations, unveiling fundamental causes of vulnerabilities for prevention.
In this dissertation, by leveraging AndroZoo, a popular Android application dataset made available to
esearchers, the versioned lineages of Android apps are re-constructed. Then several securityrelevant aspects of Android applications are investigated from an evolutionary perspective. Our study begins with a wide-range investigation in which we take a deep insight into the evolution of several vulnerabilities of Android applications. Then we focus on the vulnerabilities related to crypto-API. We present our attempt to learn cryto-APIs usage from the crowd, i.e., by mining crypto-APIs usage rules from app lineages. Finally, we further narrow down the scale to a new security breach spotted by us. We elaborate on the mechanism of the breach and investigate its evolution patterns. The detailed contributions include:
Re-construction of app lineages: Android developers update their apps by providing new apk files which are the installation packages, and these apks have to be published via relevant markets. Nevertheless, mainstream Android application markets including the official market GooglePlay provide applications as a fleeing data stream where only the latest…
Advisors/Committee Members: Klein, Jacques [superviser], Bissyande, Tegawendé François D Assise [president of the jury], li, li [president of the jury], Scandariato, Riccardo [member of the jury], Sabetta, Antonino [member of the jury].
Subjects/Keywords: Android; Lineage; Security; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Gao, J. (2021). Mining App Lineages: A Security Perspective. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/45462
Chicago Manual of Style (16th Edition):
Gao, Jun. “Mining App Lineages: A Security Perspective.” 2021. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/45462.
MLA Handbook (7th Edition):
Gao, Jun. “Mining App Lineages: A Security Perspective.” 2021. Web. 04 Mar 2021.
Vancouver:
Gao J. Mining App Lineages: A Security Perspective. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2021. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/45462.
Council of Science Editors:
Gao J. Mining App Lineages: A Security Perspective. [Doctoral Dissertation]. Université du Luxembourg; 2021. Available from: http://orbilu.uni.lu/handle/10993/45462

Université du Luxembourg
17.
Koyuncu, Anil.
Boosting Automated Program Repair for Adoption By Practitioners.
Degree: 2020, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/45073
► Automated program repair (APR) attracts a huge interest from research and industry as the ultimate target in automation of software maintenance. Towards realizing this automation…
(more)
▼ Automated program repair (APR) attracts a huge interest from research and industry as the ultimate target in automation of software maintenance. Towards realizing this automation promise, the research community has explored various ideas and techniques, which are increasingly demonstrating that APR is no longer fictional. Although literature techniques constantly set new records in fixing a significant fraction of defects within well-established benchmarks, we are not aware of large-scale adoption of APR in practice. Meanwhile, open-source and commercial organizations have started to reflect on the potential of integrating some automated steps in the software development cycle. Actually, the current practice has several development settings that use a number of tools to automate and systematize various tasks such as code style checking, bug detection, and systematic patching.
Our work is motivated by this fact. We advocate that systematic and empirical exploration of the current practice that leverage tools to automate debugging tasks would provide valuable insights for rethinking and boosting the APR agenda towards its acceptability by developer communities. We have identified three investigation axes in this dissertation. First, mining software repositories towards understanding code change properties that could be valuable to guide program repair. Second, analyzing communication channels in software development in order to assess to what extent they could be relevant in a real-world program repair scenario. Third, exploring generic concepts of patching in the literature for establishing a common foundation for program repair pipelines that can be integrated with industrial settings.
This dissertation makes the following contributions to the community:
• An empirical study of tool support in a real development setting providing concrete insights on the acceptance, stability and the nature of bugs being fixed by manually-craft patches vs tool-supported patches and manifests opportunities for improving automated repair techniques.
• A novel information retrieval based bug localization approach that learns how to compute the similarity scores of various types of features.
• An automated mining strategy to infer fix pattern that can be integrated to automated program repair pipelines.
• A practical bug report driven program repair pipeline.
Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Bissyande, Tegawendé François D Assise [member of the jury], Barr, Earl [member of the jury], Pradel, Michael [member of the jury].
Subjects/Keywords: program repair; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Koyuncu, A. (2020). Boosting Automated Program Repair for Adoption By Practitioners. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/45073
Chicago Manual of Style (16th Edition):
Koyuncu, Anil. “Boosting Automated Program Repair for Adoption By Practitioners.” 2020. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/45073.
MLA Handbook (7th Edition):
Koyuncu, Anil. “Boosting Automated Program Repair for Adoption By Practitioners.” 2020. Web. 04 Mar 2021.
Vancouver:
Koyuncu A. Boosting Automated Program Repair for Adoption By Practitioners. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2020. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/45073.
Council of Science Editors:
Koyuncu A. Boosting Automated Program Repair for Adoption By Practitioners. [Doctoral Dissertation]. Université du Luxembourg; 2020. Available from: http://orbilu.uni.lu/handle/10993/45073

Université du Luxembourg
18.
Rivera, Sean.
Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System.
Degree: 2021, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/46429
► Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings, with current applications in…
(more)
▼ Robotic systems are proliferating in our society due to their capacity to carry out physical
tasks on behalf of human beings, with current applications in the military, industrial, agricultural,
and domestic fields. The Robotic Operating System (ROS) is the de-facto standard for
the development of modular robotic systems. Manufacturing and other industries use ROS
for their robots, while larger companies such as Windows and Amazon have shown interest
in supporting it, with ROS systems projected to make up most robotic systems within the
next five years. However, a focus on security is needed as ROS is notorious for the absence
of security mechanisms, placing people in danger both physically and digitally.
This dissertation presents the security shortcomings in ROS and addresses them by
developing a modular, secure framework for ROS. The research focuses on three features:
internal system defense, external system verification, and automated vulnerability detection.
This dissertation provides an integrated approach for the security of ROS-enabled robotic
systems to set a baseline for the continual development of ROS security.
Internal system defense focuses on defending ROS nodes from attacks and ensuring
system safety in compromise. ROS-Defender, a firewall for ROS leveraging Software Defined
Networking (SDN), and ROS-FM, an extension to ROS-Defender that uses the extended
Berkely Packet Filter(eBPF), are discussed. External system verification centers on
when data becomes the enemy, encompassing sensor attacks, network infrastructure attacks,
and inter-system attacks. In this section, the use of machine learning to address
sensor attacks is demonstrated, eBPF is utilized to address network infrastructure attacks,
and consensus algorithms are leveraged to mitigate inter-system attacks. Automated vulnerability
detection is perhaps the most important, focusing on detecting vulnerabilities and providing
immediate mitigating solutions to avoid downtime or system failure. Here, ROSploit,
an automated vulnerability scanner for ROS, and DiscoFuzzer, a fuzzing system designed
for robots, are discussed. ROS-Immunity combines all the components for an integrated tool
that, in conjunction with Secure-ROS, provides a suite of defenses for ROS systems against
malicious attackers.
Advisors/Committee Members: Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Services and Data management research group (SEDAN) [research center], State, Radu [superviser], Lenzini, Gabriele [president of the jury], Nita-Rotaru, Cristina [member of the jury], Becker, Sheila [member of the jury], Gurbani, Vijay [member of the jury].
Subjects/Keywords: Robotics; Security; ROS; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Rivera, S. (2021). Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/46429
Chicago Manual of Style (16th Edition):
Rivera, Sean. “Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System.” 2021. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/46429.
MLA Handbook (7th Edition):
Rivera, Sean. “Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System.” 2021. Web. 04 Mar 2021.
Vancouver:
Rivera S. Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2021. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/46429.
Council of Science Editors:
Rivera S. Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System. [Doctoral Dissertation]. Université du Luxembourg; 2021. Available from: http://orbilu.uni.lu/handle/10993/46429

Université du Luxembourg
19.
Fiz Pontiveros, Beltran.
A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.
Degree: 2019, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/39254
► Interest in the decentralised nature of blockchain-based distributed ledgers has rapidly grown over the past few years. While a portion of this interest is fuelled…
(more)
▼ Interest in the decentralised nature of blockchain-based distributed ledgers has rapidly grown over
the past few years. While a portion of this interest is fuelled by the price surge in Bitcoin towards the
end of 2017, numerous companies across industries such as healthcare and finance have shown a keen interest in this technology and begun investing in diverse research projects.
The work presented in this dissertation proposes a series of enhancements to blockchain-based distributed ledger technologies by focusing on a key element in the system: the transaction. By investigating the life cycle of a transaction in popular blockchain systems like bitcoin and ethereum, several enhancements were identified to tackle some of the challenges under active research today by the blockchain community.
Advisors/Committee Members: State, Radu [superviser].
Subjects/Keywords: blockchain; distributed ledger technology; ethereum; bitcoin; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Fiz Pontiveros, B. (2019). A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/39254
Chicago Manual of Style (16th Edition):
Fiz Pontiveros, Beltran. “A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/39254.
MLA Handbook (7th Edition):
Fiz Pontiveros, Beltran. “A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers.” 2019. Web. 04 Mar 2021.
Vancouver:
Fiz Pontiveros B. A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/39254.
Council of Science Editors:
Fiz Pontiveros B. A Transaction’s Journey: Transactional Enhancements for Public Blockchain-based Distributed Ledgers. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/39254

Université du Luxembourg
20.
Allix, Kevin.
Challenges and Outlook in Machine Learning-based Malware Detection for Android.
Degree: 2015, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/24900
► Just like in traditional desktop computing, one of the major security issues in mobile computing lies in malicious software. Several recent studies have shown that…
(more)
▼ Just like in traditional desktop computing, one of the major security issues in mobile computing
lies in malicious software. Several recent studies have shown that Android, as today’s most
widespread Operating System, is the target of most of the new families of malware.
Manually analysing an Android application to determine whether it is malicious or not is a time-
consuming process. Furthermore, because of the complexity of analysing an application, this
task can only be conducted by highly-skilled—hence hard to come by—professionals.
Researchers naturally sought to transfer this process from humans to computers to lower the
cost of detecting malware. Machine-Learning techniques, looking at patterns amongst known
malware and inferring models of what discriminates malware from goodware, have long been
summoned to build malware detectors.
The vast quantity of data involved in malware detection, added to the fact that we do not know a
priori how to express in technical terms the difference between malware and goodware, indeed
makes the malware detection question a seemingly textbook example of a possible Machine-
Learning application.
Despite the vast amount of literature published on the topic of detecting malware with machine-
learning, malware detection is not a solved problem. In this Thesis, we investigate issues that
affect performance evaluation and that thus may render current machine learning-based mal-
ware detectors for Android hardly usable in practical settings, and we propose an approach to
overcome those issues. While the experiments presented in this thesis all rely on feature-sets
obtained through lightweight static analysis, several of our findings could apply equally to all
Machine Learning-based malware detection approaches.
In the first part of this thesis, background information on machine-learning and on malware
detection is provided, and the related work is described. A snapshot of the malware landscape
in Android application markets is then presented.
The second part discusses three pitfalls hindering the evaluation of malware detectors. We show
with extensive experiments how validation methodology, History-unaware dataset construction
and the choice of a ground truth can heavily interfere with the performance results of malware
detectors.
In a third part, we present an practical approach to detect Android Malware in real-world settings.
We then propose several research paths to get closer to our long term goal of building practical,
dependable and predictable Android Malware detectors.
Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Bissyande, Tegawendé François D Assise [member of the jury], Cavallaro, Lorenzo [member of the jury], Rossow, Christian [member of the jury].
Subjects/Keywords: Machine-Learning; Malware; Android; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Allix, K. (2015). Challenges and Outlook in Machine Learning-based Malware Detection for Android. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/24900
Chicago Manual of Style (16th Edition):
Allix, Kevin. “Challenges and Outlook in Machine Learning-based Malware Detection for Android.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/24900.
MLA Handbook (7th Edition):
Allix, Kevin. “Challenges and Outlook in Machine Learning-based Malware Detection for Android.” 2015. Web. 04 Mar 2021.
Vancouver:
Allix K. Challenges and Outlook in Machine Learning-based Malware Detection for Android. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/24900.
Council of Science Editors:
Allix K. Challenges and Outlook in Machine Learning-based Malware Detection for Android. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/24900

Université du Luxembourg
21.
Nielsen, Sune Steinbjorn.
Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/28226
► Protein structure prediction is an essential step in understanding the molecular mechanisms of living cells with widespread applications in biotechnology and health. Among the open…
(more)
▼ Protein structure prediction is an essential step in understanding the molecular mechanisms of living cells with widespread applications in biotechnology and health.
Among the open problems in the field, the Inverse Folding Problem (IFP) that consists in finding sequences that fold into a defined structure is, in itself, an important research problem at the heart of most rational protein design approaches. In brief, solutions to the IFP are protein sequences that will fold into a given protein structure, contrary to conventional structure prediction where the solution consists of the structure into which a given sequence folds. This inverse approach is viewed as a simplification due to the fact that the near infinite number of structure conformations of a protein can be disregarded, and only sequence to structure compatibility needs to be determined. Additional emphasis has been put on the generation of many sequences dissimilar from the known reference sequence instead of finding only one solution. To solve the IFP computationally, a novel formulation of the problem was proposed in which possible problem solutions are evaluated in terms of their predicted secondary structure match. In addition, two specialised Genetic Algorithms (GAs) were developed specifically for solving the IFP problem and compared with existing algorithms in terms of performance. Experimental results outlined the superior performance of the developed algorithms, both in terms of model score and diversity of the generated sets of problem solutions, i.e. new protein sequences. A number of landscape analysis experiments were conducted on the IFP model, enabling the development of an original benchmark suite of analogous problems. These benchmarks were shown to share many characteristics with their IFP model counterparts, but are executable in a fraction of the time. To validate the IFP model and the algorithm output, a subset of the generated solutions were selected for further inspection through full tertiary structure prediction and comparison to the original protein structure. Congruence was then assessed by super-positioning and secondary structure annotation statistics. The results demonstrated that an optimisation process relying on a fast secondary structure approximation, such as the IFP model, permits to obtain meaningful sequences.
Advisors/Committee Members: AFR [sponsor], University of Luxembourg: High Performance Computing - ULHPC [research center], Bouvry, Pascal [superviser], Schneider, Reinhard [president of the jury], Talbi, El-Ghazali [member of the jury], Danoy, Grégoire [member of the jury], Jurkowski, Wiktor [member of the jury].
Subjects/Keywords: Genetic Algorithms; Inverted Folding Problem; Diversity Preservation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Nielsen, S. S. (2016). Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/28226
Chicago Manual of Style (16th Edition):
Nielsen, Sune Steinbjorn. “Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/28226.
MLA Handbook (7th Edition):
Nielsen, Sune Steinbjorn. “Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks.” 2016. Web. 04 Mar 2021.
Vancouver:
Nielsen SS. Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/28226.
Council of Science Editors:
Nielsen SS. Diversity Preserving Genetic Algorithms - Application to the Inverted Folding Problem and Analogous Formulated Benchmarks. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/28226

Université du Luxembourg
22.
Kampas, Dimitrios.
Topic Identification Considering Word Order by Using Markov Chains.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/27805
► Automated topic identification of text has gained a significant attention since a vast amount of documents in digital forms are widespread and continuously increasing. Probabilistic…
(more)
▼ Automated topic identification of text has gained a significant attention since a vast amount of documents in digital forms are widespread and continuously increasing. Probabilistic topic models are a family of statistical methods that unveil the latent structure of the documents defining the model that generates the text a priori.
They infer about the topic(s) of a document considering the bag-of-words assumption, which is unrealistic considering the sophisticated structure of the language. The result of such a simplification is the extraction of topics that are vague in terms of their interpretability since they disregard any relations among the words that may settle word ambiguity. Topic models miss significant structural information inherent in the word order of a document.
In this thesis we introduce a novel stochastic topic identifier for text data that addresses the above shortcomings. The primary motivation of this work is initiated by the assertion that word order reveals text semantics in a human-like way. Our approach recognizes an on-topic document trained solely on the experience of an on-class corpus. It incorporates the word order in terms of word groups to deal with data sparsity of conventional n-gram language models that usually require a large volume of training data. Markov chains hereby provide a reliable potential to capture short and long range language dependencies for topic identification. Words are deterministically associated with classes to improve the probability estimates of the infrequent ones. We demonstrate our approach and motivate its eligibility on several datasets of different domains and languages. Moreover, we present a pioneering work by introducing a hypothesis testing experiment that strengthens the claim that word order is a significant factor for topic identification. Stochastic topic identifiers are a promising initiative for building more sophisticated topic identification systems in the future.
Advisors/Committee Members: Schommer, Christoph [superviser].
Subjects/Keywords: Topic identification; Stochastic classifier; Finance; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Kampas, D. (2016). Topic Identification Considering Word Order by Using Markov Chains. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/27805
Chicago Manual of Style (16th Edition):
Kampas, Dimitrios. “Topic Identification Considering Word Order by Using Markov Chains.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/27805.
MLA Handbook (7th Edition):
Kampas, Dimitrios. “Topic Identification Considering Word Order by Using Markov Chains.” 2016. Web. 04 Mar 2021.
Vancouver:
Kampas D. Topic Identification Considering Word Order by Using Markov Chains. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/27805.
Council of Science Editors:
Kampas D. Topic Identification Considering Word Order by Using Markov Chains. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/27805

Université du Luxembourg
23.
Titcheu Chekam, Thierry.
Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing.
Degree: 2019, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/40442
► Software testing is the main quality assurance technique used in software engineering. In fact, companies that develop software and open-source communities alike actively integrate testing…
(more)
▼ Software testing is the main quality assurance technique used in software engineering. In fact, companies that develop software and open-source communities alike actively integrate testing into their software development life cycle. In order to guide and give objectives for the software testing process, researchers have designed test adequacy criteria (TAC) which, define the properties of a software that must be covered in order to constitute a thorough test suite. Many TACs have been designed in the literature, among which, the widely used statement and branch TAC, as well as the fault-based TAC named mutation. It has been shown in the literature that mutation is effective at revealing fault in software, nevertheless, mutation adoption in practice is still lagging due to its cost.
Ideally, TACs that are most likely to lead to higher fault revelation are desired for testing and, the fault-revelation of test suites is expected to increase as their coverage of TACs test objectives increase. However, the question of which TAC best guides software testing towards fault revelation remains controversial and open, and, the relationship between TACs test objectives’ coverage and fault-revelation remains unknown. In order to increase knowledge and provide answers about these issues, we conducted, in this dissertation, an empirical study that evaluates the relationship between test objectives’ coverage and fault-revelation for four TACs (statement, branch coverage and, weak and strong mutation). The study showed that fault-revelation increase with coverage only beyond some coverage threshold and, strong mutation TAC has highest fault revelation.
Despite the benefit of higher fault-revelation that strong mutation TAC provide for software testing, software practitioners are still reluctant to integrate strong mutation into their software testing activities. This happens mainly because of the high cost of mutation analysis, which is related to the large number of mutants and the limitation in the automation of test generation for strong mutation.
Several approaches have been proposed, in the literature, to tackle the analysis’ cost issue of strong mutation. Mutant selection (reduction) approaches aim to reduce the number of mutants used for testing by selecting a small subset of mutation operator to apply during mutants generation, thus, reducing the number of analyzed mutants. Nevertheless, those approaches are not more effective, w.r.t. fault-revelation, than random mutant sampling (which leads to a high loss in fault revelation). Moreover, there is not much work in the literature that regards cost-effective automated test generation for strong mutation. This dissertation proposes two techniques, FaRM and SEMu, to reduce the cost of mutation testing. FaRM statically selects and prioritizes mutants that lead to faults (fault-revealing mutants), in order to reduce the number of mutants (fault-revealing mutants represent a very small proportion of the generated mutants). SEMu automatically generates tests that strongly kill…
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Security Design and Validation Research Group (SerVal) [research center], Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Papadakis, Mike [member of the jury], Demeyer, Serge [member of the jury], Tonella, Paolo [member of the jury].
Subjects/Keywords: Software Testing; Test Criteria; Mutation; Machine Learning; Symbolic Execution; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Titcheu Chekam, T. (2019). Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/40442
Chicago Manual of Style (16th Edition):
Titcheu Chekam, Thierry. “Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/40442.
MLA Handbook (7th Edition):
Titcheu Chekam, Thierry. “Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing.” 2019. Web. 04 Mar 2021.
Vancouver:
Titcheu Chekam T. Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/40442.
Council of Science Editors:
Titcheu Chekam T. Assessment and Improvement of the Practical Use of Mutation for Automated Software Testing. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/40442

Université du Luxembourg
24.
Appelt, Dennis.
Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/27947
► Injection vulnerabilities, such as SQL injection (SQLi), are ranked amongst the most dangerous types of vulnerabilities. Despite having received much attention from academia and practitioners,…
(more)
▼ Injection vulnerabilities, such as SQL injection (SQLi), are ranked amongst the most dangerous types of vulnerabilities. Despite having received much attention from academia and practitioners, the prevalence of SQLi is common and the impact of their successful exploitation is severe. In this dissertation, we propose several security testing approaches that evaluate web applications and services for vulnerabilities and common IT infrastructure components such as for their resilience against attacks. Each of the presented approaches covers a different aspect of security testing, e.g. the generation of test cases or the definition of test oracles, and in combination they provide a holistic approach.
The work presented in this dissertation was conducted in collaboration with SIX Payment Services (formerly CETREL S.A.). SIX Payment Services is a leading provider of financial services in the area of payment processing, e.g. issuing of credit and debit cards, settlement of card transactions, online payments, and point-of-sale payment terminals. We analyse the challenges SIX is facing in security testing and base our testing approaches on assumptions inferred from our findings. Specifically, the devised testing approaches are automated, applicable in black box testing scenarios, able to assess and bypass Web Application Firewalls (WAF), and use an accurate test oracle. The devised testing approaches are evaluated with SIX’ IT platform, which consists of various web services that process several thousand financial transactions daily.
The main research contributions in this dissertation are:
- An assessment of the impact of Web Application Firewalls and
Database Intrusion Detection Systems on the accuracy of
SQLi testing.
- An input mutation technique that can generate a diverse set of
test cases. We propose a set of mutation operators that are
specifically designed to increase the likelihood of generating
successful attacks.
- A testing technique that assesses the attack detection capabilities
of a Web Application Firewall (WAF) by systematically generating attacks that try to bypass it.
- An approach that increases the attack detection capabilities of a WAF by
inferring a filter rule from a set of bypassing attacks. The
inferred filter rule can be added to the WAF’s rule set to prevent
attacks from bypassing.
- An automated test oracle that is designed to meet the specific
requirements of testing in an industrial context and that is
independent of any specific test case generation technique.
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Briand, Lionel [superviser], Nguyen, Duy Cu [superviser], Klein, Jacques [president of the jury], Pretschner, Alexander [member of the jury], Vieira, Marco [member of the jury].
Subjects/Keywords: Security Testing; Penetration Testing; SQL Injection; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Appelt, D. (2016). Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/27947
Chicago Manual of Style (16th Edition):
Appelt, Dennis. “Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/27947.
MLA Handbook (7th Edition):
Appelt, Dennis. “Automated Security Testing of Web-Based Systems Against SQL Injection Attacks.” 2016. Web. 04 Mar 2021.
Vancouver:
Appelt D. Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/27947.
Council of Science Editors:
Appelt D. Automated Security Testing of Web-Based Systems Against SQL Injection Attacks. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/27947

Université du Luxembourg
25.
Codeca, Lara.
Dynamic Vehicular Routing in Urban Environments.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/29015
► Traffic congestion is a persistent issue that most of the people living in a city have to face every day. Traffic density is constantly increasing…
(more)
▼ Traffic congestion is a persistent issue that most of the people living in a city have to face every day. Traffic density is constantly increasing and, in many metropolitan areas, the road network has reached its limits and cannot easily be extended to meet the growing traffic demand. Intelligent Transportation System (ITS) is a world wide trend in traffic monitoring that uses technology and infrastructure improvements in advanced communication and sensors to tackle transportation issues such as mobility efficiency, safety, and traffic congestion. The purpose of ITS is to take advantage of all available technologies to improve every aspect of mobility and traffic. Our focus in this thesis is to use these advancements in technology and infrastructure to mitigate traffic congestion. We discuss the state of the art in traffic flow optimization methods, their limitations, and the benefits of a new point of view. The traffic monitoring mechanism that we propose uses vehicular telecommunication to gather the traffic information that is fundamental to the creation of a consistent overview of the traffic situation, to provision real-time information to drivers, and to optimizing their routes.
In order to study the impact of dynamic rerouting on the traffic congestion experienced in the urban environment, we need a reliable representation of the traffic situation. In this thesis, traffic flow theory, together with mobility models and propagation models, are the basis to providing a simulation environment capable of providing a realistic and interactive urban mobility, which is used to test and validate our solution for mitigating traffic congestion. The topology of the urban environment plays a fundamental role in traffic optimization, not only in terms of mobility patterns, but also in the connectivity and infrastructure available. Given the complexity of the problem, we start by defining the main parameters we want to optimize, and the user interaction required, in order to achieve the goal. We aim to optimize the travel time from origin to destination with a selfish approach, focusing on each driver. We then evaluated constraints and added values of the proposed optimization, providing a preliminary study on its impact on a simple scenario. Our evaluation is made in a best-case scenario using complete information, then in a more realistic scenario with partial information on the global traffic situation, where connectivity and coverage play a major role. The lack of a general-purpose, freely-available, realistic and dependable scenario for Vehicular Ad Hoc Networks (VANETs) creates many problems in the research community in providing and comparing realistic results. To address these issues, we implemented a synthetic traffic scenario, based on a real city, to evaluate dynamic routing in a realistic urban environment. The Luxembourg SUMO Traffic (LuST) Scenario is based on the mobility derived from the City of Luxembourg. The scenario is built for the Simulator of Urban MObiltiy (SUMO) and it is compatible with Vehicles in…
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Interdisciplinary Centre for Security, Reliability and Trust [research center], Engel, Thomas [superviser].
Subjects/Keywords: Intelligent Transportation Systems; Vehicular Simulation; Vehicular Mobility Evaluation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Codeca, L. (2016). Dynamic Vehicular Routing in Urban Environments. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29015
Chicago Manual of Style (16th Edition):
Codeca, Lara. “Dynamic Vehicular Routing in Urban Environments.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/29015.
MLA Handbook (7th Edition):
Codeca, Lara. “Dynamic Vehicular Routing in Urban Environments.” 2016. Web. 04 Mar 2021.
Vancouver:
Codeca L. Dynamic Vehicular Routing in Urban Environments. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/29015.
Council of Science Editors:
Codeca L. Dynamic Vehicular Routing in Urban Environments. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29015

Université du Luxembourg
26.
Jimenez, Matthieu.
Evaluating Vulnerability Prediction Models.
Degree: 2018, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/36869
► Today almost every device depends on a piece of software. As a result, our life increasingly depends on some software form such as smartphone apps,…
(more)
▼ Today almost every device depends on a piece of software. As a result, our life increasingly depends on some software form such as smartphone apps, laundry machines, web applications, computers, transportation and many others, all of which rely on software. Inevitably, this dependence raises the issue of software vulnerabilities and their possible impact on our lifestyle. Over the years, researchers and industrialists suggested several approaches to detect such issues and vulnerabilities. A particular popular branch of such approaches, usually called Vulnerability Prediction Modelling (VPM) techniques, leverage prediction modelling techniques that flag suspicious (likely vulnerable) code components. These techniques rely on source code features as indicators of vulnerabilities to build the prediction models. However, the emerging question is how effective such methods are and how they can be used in practice.
The present dissertation studies vulnerability prediction models and evaluates them on real and reliable playground. To this end, it suggests a toolset that automatically collects real vulnerable code instances, from major open source systems, suitable for applying VPM. These code instances are then used to analyze, replicate, compare and develop new VPMs. Specifically, the dissertation has 3 main axes:
The first regards the analysis of vulnerabilities. Indeed, to build VPMs accurately, numerous data are required. However, by their nature, vulnerabilities are scarce and the information about them is spread over different sources (NVD, Git, Bug Trackers). Thus, the suggested toolset (develops an automatic way to build a large dataset) enables the reliable and relevant analysis of VPMs.
The second axis focuses on the empirical comparison and analysis of existing Vulnerability Prediction Models. It thus develops and replicates existing VPMs. To this end, the thesis introduces a framework that builds, analyse and compares existing prediction models (using the already proposed sets of features) using the dataset developed on the first axis.
The third axis explores the use of cross-entropy (metric used by natural language processing) as a potential feature for developing new VPMs. Cross-entropy, usually referred to as the naturalness of code, is a recent approach that measures the repetitiveness of code (relying on statistical models). Using cross-entropy, the thesis investigates different ways of building and using VPMs.
Overall, this thesis provides a fully-fledge study on Vulnerability Prediction Models aiming at assessing and improving their performance.
Advisors/Committee Members: Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Security Design and Validation Research Group (SerVal) [research center], Le Traon, Yves [superviser], Kelsen, Pierre [president of the jury], Papadakis, Mike [member of the jury], Sarro, Federica [member of the jury], Blanc, Xavier [member of the jury].
Subjects/Keywords: Security; Vulnerability; Prediction Modelling; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Jimenez, M. (2018). Evaluating Vulnerability Prediction Models. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/36869
Chicago Manual of Style (16th Edition):
Jimenez, Matthieu. “Evaluating Vulnerability Prediction Models.” 2018. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/36869.
MLA Handbook (7th Edition):
Jimenez, Matthieu. “Evaluating Vulnerability Prediction Models.” 2018. Web. 04 Mar 2021.
Vancouver:
Jimenez M. Evaluating Vulnerability Prediction Models. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2018. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/36869.
Council of Science Editors:
Jimenez M. Evaluating Vulnerability Prediction Models. [Doctoral Dissertation]. Université du Luxembourg; 2018. Available from: http://orbilu.uni.lu/handle/10993/36869

Université du Luxembourg
27.
Bernard, Florian.
Novel Methods for Multi-Shape Analysis.
Degree: 2016, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/29048
► Multi-shape analysis has the objective to recognise, classify, or quantify morphological patterns or regularities within a set of shapes of a particular object class in…
(more)
▼ Multi-shape analysis has the objective to recognise, classify, or quantify morphological patterns or regularities within a set of shapes of a particular object class in order to better understand the object class of interest. One important aspect of multi-shape analysis are Statistical Shape Models (SSMs), where a collection of shapes is analysed and modelled within a statistical framework. SSMs can be used as (statistical) prior that describes which shapes are more likely and which shapes are less likely to be plausible instances of the object class of interest. Assuming that the object class of interest is known, such a prior can for example be used in order to reconstruct a three-dimensional surface from only a few known surface points. One relevant application of this surface reconstruction is 3D image segmentation in medical imaging, where the anatomical structure of interest is known a-priori and the surface points are obtained (either automatically or manually) from images. Frequently, Point Distribution Models (PDMs) are used to represent the distribution of shapes, where each shape is discretised and represented as labelled point set. With that, a shape can be interpreted as an element of a vector space, the so-called shape space, and the shape distribution in shape space can be estimated from a collection of given shape samples. One crucial aspect for the creation of PDMs that is tackled in this thesis is how to establish (bijective) correspondences across the collection of training shapes. Evaluated on brain shapes, the proposed method results in an improved model quality compared to existing approaches whilst at the same time being superior with respect to runtime. The second aspect considered in this work is how to learn a low-dimensional subspace of the shape space that is close to the training shapes, where all factors spanning this subspace have local support. Compared to previous work, the proposed method models the local support regions implicitly, such that no initialisation of the size and location of these regions is necessary, which is advantageous in scenarios where this information is not available. The third topic covered in this thesis is how to use an SSM in order to reconstruct a surface from only few surface points. By using a Gaussian Mixture Model (GMM) with anisotropic covariance matrices, which are oriented according to the surface normals, a more surface-oriented fitting is achieved compared to a purely point-based fitting when using the common Iterative Closest Point (ICP) algorithm. In comparison to ICP we find that the GMM-based approach gives superior accuracy and robustness on sparse data. Furthermore, this work covers the transformation synchronisation method, which is a procedure for removing noise that accounts for transitive inconsistency in the set of pairwise linear transformations. One interesting application of this methodology that is relevant in the context of multi-shape analysis is to solve the multi-alignment problem in an unbiased/reference-free manner. Moreover,…
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Luxembourg Centre for Systems Biomedicine (LCSB): Systems Control (Goncalves Group) [research center].
Subjects/Keywords: shape analysis; transformation synchronisation; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Bernard, F. (2016). Novel Methods for Multi-Shape Analysis. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/29048
Chicago Manual of Style (16th Edition):
Bernard, Florian. “Novel Methods for Multi-Shape Analysis.” 2016. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/29048.
MLA Handbook (7th Edition):
Bernard, Florian. “Novel Methods for Multi-Shape Analysis.” 2016. Web. 04 Mar 2021.
Vancouver:
Bernard F. Novel Methods for Multi-Shape Analysis. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2016. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/29048.
Council of Science Editors:
Bernard F. Novel Methods for Multi-Shape Analysis. [Doctoral Dissertation]. Université du Luxembourg; 2016. Available from: http://orbilu.uni.lu/handle/10993/29048

Université du Luxembourg
28.
Hurier, Médéric.
Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts.
Degree: 2019, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/39903
► Mobile applications are essential for interacting with technology and other people. With more than 2 billion devices deployed all over the world, Android offers a…
(more)
▼ Mobile applications are essential for interacting with technology and other people. With more than 2 billion devices deployed all over the world, Android offers a thriving ecosystem by making accessible the work of thousands of developers on digital marketplaces such as Google Play. Nevertheless, the success of Android also exposes millions of users to malware authors who seek to siphon private information and hijack mobile devices for their benefits.
To fight against the proliferation of Android malware, the security community embraced machine learning, a branch of artificial intelligence that powers a new generation of detection systems. Machine learning algorithms, however, require a substantial number of qualified samples to learn the classification rules enforced by security experts. Unfortunately, malware ground truths are notoriously hard to construct due to the inherent complexity of Android applications and the global lack of public information about malware. In a context where both information and human resources are limited, the security community is in demand for new approaches to aid practitioners to accurately define Android malware, automate classification decisions, and improve the comprehension of Android malware.
This dissertation proposes three solutions to assist with the creation of malware ground truths.
The first contribution is STASE, an analytical framework that qualifies the composition of malware ground truths. STASE reviews the information shared by antivirus products with nine metrics in order to support the reproducibility of research experiments and detect potential biases. This dissertation reports the results of STASE against three typical settings and suggests additional recommendations for designing experiments based on Android malware.
The second contribution is EUPHONY, a heuristic system built to unify family clusters belonging to malware ground truths. EUPHONY exploits the co-occurrence of malware labels obtained from antivirus reports to study the relationship between Android applications and proposes a single family name per sample for the sake of facilitating malware experiments. This dissertation evaluates EUPHONY on well-known malware ground truths to assess the precision of our approach and produce a large dataset of malware tags for the research community.
The third contribution is AP-GRAPH, a knowledge database for dissecting the characteristics of malware ground truths. AP-GRAPH leverages the results of EUPHONY and static analysis to index artifacts that are highly correlated with malware activities and recommend the inspection of the most suspicious components. This dissertation explores the set of artifacts retrieved by AP-GRAPH from popular malware families to track down their correlation and their evolution compared to other malware populations.
Advisors/Committee Members: Le Traon, Yves [superviser], Klein, Jacques [president of the jury], Bissyande, Tegawendé François D Assise [member of the jury], Lalande, Jean-François [member of the jury], Octeau, Damien [member of the jury].
Subjects/Keywords: android; malware; ground-truth; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Hurier, M. (2019). Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/39903
Chicago Manual of Style (16th Edition):
Hurier, Médéric. “Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts.” 2019. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/39903.
MLA Handbook (7th Edition):
Hurier, Médéric. “Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts.” 2019. Web. 04 Mar 2021.
Vancouver:
Hurier M. Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2019. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/39903.
Council of Science Editors:
Hurier M. Creating better ground truth to further understand Android malware: A large scale mining approach based on antivirus labels and malicious artifacts. [Doctoral Dissertation]. Université du Luxembourg; 2019. Available from: http://orbilu.uni.lu/handle/10993/39903

Université du Luxembourg
29.
Pustogarov, Ivan.
Deanonymisation techniques for Tor and Bitcoin.
Degree: 2015, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/21798
► This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which…
(more)
▼ This thesis is devoted to low-resource off-path deanonymisation techniques for two popular systems, Tor and Bitcoin. Tor is a software and an anonymity network which in order to confuse an observer encrypts and re-routes traffic over random pathways through several relays before it reaches the destination. Bitcoin is a distributed payment system in
which payers and payees can hide their identities behind pseudonyms (public keys) of their choice. The estimated number of daily Tor users is 2,000,000 which makes it arguable the most used anonymity network.
Bitcoin is the most popular cryptocurrency with market capitalization about 3.5 billion USD. In the first part of the thesis we study the Tor network. At the beginning we show how to remotely find out which Tor relays are connected. This effectively allows for an attacker to reduce Tor users' anonymity by ruling out impossible paths in the network. Later we analyze the security of Tor Hidden Services. We look at them from
different attack perspectives and provide a systematic picture of what information can be obtained with very inexpensive means. We expose flaws both in the design and implementation of Tor Hidden Services that allow an attacker to measure the popularity of arbitrary hidden services, efficiently collect hidden service descriptors (and thus get a global picture of all hidden services in Tor), take down hidden services and deanonymize hidden services. In the second part we study Bitcoin anonymity. We describe a generic method to deanonymize a significant fraction of Bitcoin users and correlate their pseudonyms with their public IP addresses. We discover that using Bitcoin through Tor not only provides limited level of anonymity but also exposes the user to man-in-the middle attacks in which an attacker controls which Bitcoin blocks and transactions the user is aware of. We show how to fingerprint Bitcoin users by setting an "address cookie" on their computers. This can be used to correlate the
same user across different sessions, even if he uses Tor, hidden-services or multiple proxies.
Finally, we describe a new anonymous decentralized micropayments scheme in which clients do not pay services with electronic cash directly but submit proof of work shares which the services can resubmit to a
crypto-currency mining pool. Services credit users with tickets that can later be used to purchases enhanced services.
Advisors/Committee Members: University of Luxembourg - UL [sponsor], Biryukov, Alex [superviser].
Subjects/Keywords: Tor; Bitcoin; Deanonymisation; Hidden Service; Micropayment; Anonymous; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Pustogarov, I. (2015). Deanonymisation techniques for Tor and Bitcoin. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/21798
Chicago Manual of Style (16th Edition):
Pustogarov, Ivan. “Deanonymisation techniques for Tor and Bitcoin.” 2015. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/21798.
MLA Handbook (7th Edition):
Pustogarov, Ivan. “Deanonymisation techniques for Tor and Bitcoin.” 2015. Web. 04 Mar 2021.
Vancouver:
Pustogarov I. Deanonymisation techniques for Tor and Bitcoin. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2015. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/21798.
Council of Science Editors:
Pustogarov I. Deanonymisation techniques for Tor and Bitcoin. [Doctoral Dissertation]. Université du Luxembourg; 2015. Available from: http://orbilu.uni.lu/handle/10993/21798

Université du Luxembourg
30.
Hammerschmidt, Christian.
Learning Finite Automata via Flexible State-Merging and Applications in Networking.
Degree: 2017, Université du Luxembourg
URL: http://orbilu.uni.lu/handle/10993/33624
► Being able to model behavior described by a linear sequence of observations (such as log files) goes a long way towards better understanding the underlying…
(more)
▼ Being able to model behavior described by a linear sequence of observations (such as log files) goes a long way towards better understanding the underlying processes. This improved understanding can be very helpful in a number of activities, ranging from software (reverse) engineering to network traffic analysis.
The developments in this thesis were driven by specific goals in predicting (human) behaviors captured by a software appliance observing network traffic and user requests to specific resources. Its final contributions have exceeded the original goals of the project in two important ways:
I present (1) a flexible learning algorithm for finite automata accompanied by theoretical underpinning and its implementation, a contribution towards better learning algorithms, and (2) applications of the algorithm to use-cases in computer networking and beyond.
The central algorithm considered in the thesis is a blue-fringe state-merging automaton learning algorithm, conducting a greedy search over feasible solutions. Its key components are a heuristic to search for consistent merges and an evaluation metric to assess the quality of a merge by assigning scores to merges.
I generalize this framework by making the heuristic components explicitly parametric. While state-merging algorithms were originally defined for probabilistic and non-probabilistic finite state machines and later used to derive algorithms for more extended models such as real-time automata, the work presented here extends the scope of the algorithms to a wide range of ad-hoc defined models as well as enables the user to implement modifications to the heuristic search process. These modifications help to account for domain knowledge and richer semantics of models with a regular language core.
I provide an implementation and a Python interface of the flexible state-merging framework, including stream/online and interactive variants of the algorithm based on a C++ implementation of the blue-fringe greedy search algorithm called DFASAT. The algorithm and the framework encompass and improve upon state-of-the-art approaches.
The application problems considered in this thesis can be seen as classical classification and anomaly detection tasks in machine learning. The application domain is network traffic analysis with a focus on network security.
I discuss the problematic properties of data from computer networks and address how using automaton models can help mitigate them. I then use the flexible state-merging approach for host profiling. I show how to efficiently learn finite state automata as behavioral profiles. These profiles can serve as digital fingerprints and help to identify malicious traffic such as botnet traffic.
Moreover, I show how communication profiles can be used for sequence clustering on NetFlow data to distinguish different behaviors over time.
Advisors/Committee Members: Fonds National de la Recherche - FnR [sponsor], Interdisciplinary Centre for Security, Reliability and Trust (SnT) >, Services and Data management research group (SEDAN) [research center], State, Radu [superviser], Verwer, Sicco [superviser], Sorger, Ulrich [president of the jury], Engel, Thomas [member of the jury], Francois, Jérome [member of the jury].
Subjects/Keywords: machine learning; grammatical inference; data science; computer networks; netflow; Engineering, computing & technology :: Computer science [C05]; Ingénierie, informatique & technologie :: Sciences informatiques [C05]
Record Details
Similar Records
Cite
Share »
Record Details
Similar Records
Cite
« Share





❌
APA ·
Chicago ·
MLA ·
Vancouver ·
CSE |
Export
to Zotero / EndNote / Reference
Manager
APA (6th Edition):
Hammerschmidt, C. (2017). Learning Finite Automata via Flexible State-Merging and Applications in Networking. (Doctoral Dissertation). Université du Luxembourg. Retrieved from http://orbilu.uni.lu/handle/10993/33624
Chicago Manual of Style (16th Edition):
Hammerschmidt, Christian. “Learning Finite Automata via Flexible State-Merging and Applications in Networking.” 2017. Doctoral Dissertation, Université du Luxembourg. Accessed March 04, 2021.
http://orbilu.uni.lu/handle/10993/33624.
MLA Handbook (7th Edition):
Hammerschmidt, Christian. “Learning Finite Automata via Flexible State-Merging and Applications in Networking.” 2017. Web. 04 Mar 2021.
Vancouver:
Hammerschmidt C. Learning Finite Automata via Flexible State-Merging and Applications in Networking. [Internet] [Doctoral dissertation]. Université du Luxembourg; 2017. [cited 2021 Mar 04].
Available from: http://orbilu.uni.lu/handle/10993/33624.
Council of Science Editors:
Hammerschmidt C. Learning Finite Automata via Flexible State-Merging and Applications in Networking. [Doctoral Dissertation]. Université du Luxembourg; 2017. Available from: http://orbilu.uni.lu/handle/10993/33624
◁ [1] [2] [3] [4] [5] … [8584] ▶
.