Universität Stuttgart
Permanent URI for this communityhttps://elib.uni-stuttgart.de/handle/11682/1
Browse
419 results
Search Results
Item Open Access Comparison and analysis of web vulnerability scanners(2019) Lis, AlexanderWithin the last years the commercial relevance of web applications increased steadily. They developed from simple information sharing platforms to serious business applications like online-banking, e-commerce and social media platforms. Unlike most other technologies, web-based applications are accessible from around the world continuously. Additionally, they are very susceptible for vulnerabilities as there are various technologies interacting. These factors render web applications to very attractive targets for criminals because they are often easy to attack, globally accessible and yield valuable exploits. As a consequence, much effort was put into research to prevent, detect and eliminate web application vulnerabilities. However manual security audits are time-consuming, costly and demand expertknowledge. Web vulnerability scanners tackle this problem. They are programs that test web applications for the existence of vulnerabilities. Additionally they categorize and report them. Because these tools work automatically, faster as humans and reduce the necessary knowledge in network security, they became an interesting supplementation to traditional security audits. On the other side web vulnerability scanners also have their limits. They can not test for the absence of vulnerabilities and thus produce false positives or miss weaknesses. Furthermore previous research has shown that there are also vulnerability classes that are especially intricate to detect like stored SQL injections or stored cross-site scripting vulnerabilities. Nonetheless web vulnerability scanners show very much potential and there is a growing interest into automatic web application testing. This is reflected in the increasing diversity of commercial web vulnerability scanners that can be found online. Thus this thesis compares and examines three web vulnerability scanners, namely Acunetix, Arachni and w3af. Focus is set on delineating the current capabilities and limits of state-of-the-art vulnerability scanners.Item Open Access Interacting with large high-resolution display workplaces(2018) Lischke, Lars; Schmidt, Albrecht (Prof.)Large visual spaces provide a unique opportunity to communicate large and complex pieces of information; hence, they have been used for hundreds of years for varied content including maps, public notifications and artwork. Understanding and evaluating complex information will become a fundamental part of any office work. Large high-resolution displays (LHRDs) have the potential to further enhance the traditional advantages of large visual spaces and combine them with modern computing technology, thus becoming an essential tool for understanding and communicating data in future office environments. For successful deployment of LHRDs in office environments, well-suited interaction concepts are required. In this thesis, we build an understanding of how concepts for interaction with LHRDs in office environments could be designed. From the human-computer interaction (HCI) perspective three aspects are fundamental: (1) The way humans perceive and react to large visual spaces is essential for interaction with content displayed on LHRDs. (2) LHRDs require adequate input techniques. (3) The actual content requires well-designed graphical user interfaces (GUIs) and suitable input techniques. Perceptions influence how users can perform input on LHRD setups, which sets boundaries for the design of GUIs for LHRDs. Furthermore, the input technique has to be reflected in the design of the GUI. To understand how humans perceive and react to large visual information on LHRDs, we have focused on the influence of visual resolution and physical space. We show that increased visual resolution has an effect on the perceived media quality and the perceived effort and that humans can overview large visual spaces without being overwhelmed. When the display is wider than 2 m users perceive higher physical effort. When multiple users share an LHRD, they change their movement behavior depending whether a task is collaborative or competitive. For building LHRDs consideration must be given to the increased complexity of higher resolutions and physically large displays. Lower screen resolutions provide enough display quality to work efficiently, while larger physical spaces enable users to overview more content without being overwhelmed. To enhance user input on LHRDs in order to interact with large information pieces, we built working prototypes and analyzed their performance in controlled lab studies. We showed that eye-tracking based manual and gaze input cascaded (MAGIC) pointing can enhance target pointing to distant targets. MAGIC pointing is particularly beneficial when the interaction involves visual searches between pointing to targets. We contributed two gesture sets for mid-air interaction with window managers on LHRDs and found that gesture elicitation for an LHRD was not affected by legacy bias. We compared shared user input on an LHRD with personal tablets, which also functioned as a private working space, to collaborative data exploration using one input device together for interacting with an LHRD. The results showed that input with personal tablets lowered the perceived workload. Finally, we showed that variable movement resistance feedback enhanced one-dimensional data input when no visual input feedback was provided. We concluded that context-aware input techniques enhance the interaction with content displayed on an LHRD so it is essential to provide focus for the visual content and guidance for the user while performing input. To understand user expectations of working with LHRDs we prototyped with potential users how an LHRD work environment could be designed focusing on the physical screen alignment and the placement of content on the display. Based on previous work, we implemented novel alignment techniques for window management on LHRDs and compared them in a user study. The results show that users prefer techniques, that enhance the interaction without breaking well-known desktop GUI concepts. Finally, we provided the example of how an application for browsing scientific publications can benefit from extended display space. Overall, we show that GUIs for LHRDs should support the user more strongly than GUIs for smaller displays to arrange content meaningful or manage and understand large data sets, without breaking well-known GUI-metaphors. In conclusion, this thesis adopts a holistic approach to interaction with LHRDs in office environments. Based on enhanced knowledge about user perception of large visual spaces, we discuss novel input techniques for advanced user input on LHRDs. Furthermore, we present guidelines for designing future GUIs for LHRDs. Our work creates the design space of LHRD workplaces and identifies challenges and opportunities for the development of future office environments.Item Open Access Modeling recommendations for pattern-based mashup plans(2018) Das, SomeshData mashups are modeled as pipelines. The pipelines are basically a chain of data processing steps in order to integrate data from different data sources into a single one. These processing steps include data operations, such as join, filter, extraction, integration or alteration. To create and execute data mashups, modelers need to have technical knowledge in order to understand these data operations. In order to solve this issue, an extended data mashup approach was created - FlexMash developed at the University of Stuttgart - which allows users to define data mashups without technical knowledge about any execution details. Consquently, modelers with no or limited technical knowledge can design their own domain-specific mashup based on their use case scenarios. However, designing data mashups graphically is still difficult for non-IT users. When users design a model graphically, it is hard to understand which patterns or nodes should be modeled and connected in the data flow graph. In order to cope with this issue, this master thesis aims to provide users modeling recommendations during modeling time. At each modeling step, user can query for recommendations. The recommendations are generated by analyzing the existing models. To generate the recommendations from existing models, association rule mining algorithms are used in this thesis. If users accept a recommendation, the recommended node is automatically added to the partial model and connected with the node for which recommendations were given.Item Open Access Das Ordnungsproblem für Automatengruppen und verwandte Fragestellungen(2019) Bühler, AndreasIn dieser Arbeit werden Problemstellungen in der Klasse der Automatenhalbgruppen untersucht. Ein besonderer Augenmerk gilt dabei dem Ordnungsproblem welches im Allgemeinen sowohl für Automatenhalbgruppen als auch für Automatengruppen unentscheidbar ist. Es wird dann für die Klasse der Automatenhalbgruppen mit beschränkter Aktivität ein Algorithmus mit überraschend geringem Platzbedarf vorgestellt. Danach wird ein Entscheidungsalgorithmus für das Mitgliedschaftsproblem in ultimativ periodischen Teilmengen von Automatenhalbgruppen beschränkter Aktivität erarbeitet. Dieses Problem beinhaltet insbesondere das Mitgliedschaftsproblem in monogenen Unterhalbgruppen, welches dadurch ebenfalls in Automatenhalbgruppen beschränkter Aktivität entscheidbar ist.Item Open Access Spatio-temporal and immersive visual analytics for advanced manufacturing(2019) Herr, Dominik; Ertl, Thomas (Prof. Dr.)The increasing amount of digitally available information in the manufacturing domain is accompanied by a demand to use these data to increase the efficiency of a product’s overall design, production, and maintenance steps. This idea, often understood as a part of Industry 4.0, requires the integration of information technologies into traditional manufacturing craftsmanship. Despite an increasing amount of automation in the production domain, human creativity is still essential when designing new products. Further, the cognitive ability of skilled workers to comprehend complex situations and solve issues by adapting solutions of similar problems makes them indispensable. Nowadays, customers demand highly customizable products. Therefore, modern factories need to be highly flexible regarding the lot size and adaptable regarding the produced goods, resulting in increasingly complex processes. One of the major challenges in the manufacturing domain is to optimize the interplay of human expert knowledge and experience with data analysis algorithms. Human experts can quickly comprehend previously unknown patterns and transfer their knowledge and gained experience to solve new issues. Contrarily, data analysis algorithms can process tasks very efficiently at the cost of limited adaptability to handle new situations. Further, they usually lack a sense of semantics, which leads to a need to combine them with human world knowledge to assess the meaningfulness of such algorithms’ results. The concept of Visual Analytics combines the advantages of the human’s cognitive abilities and the processing power of computers. The data are visualized, allowing the users to understand and manipulate them interactively, while algorithms process the data according to the users’ interaction. In the manufacturing domain, a common way to describe the different states of a product from the idea throughout the realization until the product is disposed is the product lifecycle. This thesis presents approaches along the first three phases of the lifecycle: design, planning, and production. A challenge that all of the phases face is that it is necessary to be able to find, understand, and assess relations, for example between concepts, production line layouts, or events reported in a production line. As all phases of the product lifecycle cover broad topics, this thesis focuses on supporting experts in understanding and comparing relations between important aspects of the respective phases, such as concept relationships in the patent domain, as well as production line layouts, or relations of events reported in a production line. During the design phase, it is important to understand the relations of concepts, such as key concepts in patents. Hence, this thesis presents approaches that help domain experts to explore the relationship of such concepts visually. It first focuses on the support of analyzing patent relationships and then extends the presented approach to convey relations about arbitrary concepts, such as authors in scientific literature or keywords on websites. During the planning phase, it is important to discover and compare different possibilities to arrange production line components and additional stashes. In this field, the digitally available data is often insufficient to propose optimal layouts. Therefore, this thesis proposes approaches that help planning experts to design new layouts and optimize positions of machine tools and other components in existing production lines. In the production phase, supporting domain experts in understanding recurring issues and their relation is important to improve the overall efficiency of a production line. This thesis presents visual analytics approaches to help domain experts to understand the relation between events reported by machine tools and comprehend recurring error patterns that may indicate systematic issues during production. Then, this thesis combines the insights and lessons learned from the previous approaches to propose a system that combines augmented reality with visual analysis to allow the monitoring and a situated analysis of machine events directly at the production line. The presented approach primarily focuses on the support of operators on the shop floor. At last, this thesis discusses a possible combination of the product lifecycle with knowledge generating models to communicate insights between the phases, e.g., to prevent issues that are caused from problematic design decisions in earlier phases. In summary, this thesis makes several fundamental contributions to advancing visual analytics techniques in the manufacturing domain by devising new interactive analysis techniques for concept and event relations and by combining them with augmented reality approaches enabling an immersive analysis to improve event handling during production.Item Open Access Evaluating mobile monitoring strategies for native iOS applications(2018) Sassano, MatteoThe success of a company is often influenced by the service and by a product they offer. If the supplied service or the offered product is a software system, a good performance will be essential to achieve desired goals such as high product sales. Slow applications and server responses due to performance issues, may cause a negative chain reaction. The amount of actual and potential users will probably decrease, and so does the users’ satisfaction and the number of product sales. Application Performance Management (APM) is necessary to avoid these cases. The usage of APM could help detecting eventual software problems and to remediate performance issues afterwards. Meanwhile, the usage of mobile devices, e.g., smartphones and tablets, for accessing enterprise systems is increasing in every application category. This expands the space where a potential software problem might be located in. Performance of mobile applications is more influenced by external circumstances, e.g., user location and access from bandwidth limited networks. APM tools not supporting mobile monitoring, are not able to recognize the mentioned performance issues. There are different implementation strategies for application monitoring agents such as call stack sampling and full source code instrumentation. The goal of this thesis is to research agent strategies for mobile devices, to develop an own version of each agent type, to analyze and evaluate the different agent approaches in combination of various mobile application types. The evaluation will be done with a series of experiments, by measuring the outcoming overhead of the developed agents, integrated into previously selected representative iOS open-source applications.Item Open Access Benutzerinteraktion in Virtual Reality mittels Eye Tracking(2018) Groß, AnjaIn den vergangenen Jahren nahmen VR und AR eine immer bedeutendere Rolle sowohl im wirtschaftlichen, als auch forschungsorientierten Bereich ein. Die verfügbare Hardware wurde zunehmend erschwinglicher und leistungsfähiger. Im Hinblick auf den Bereich der Immersive Analytics und der auftretenden Ermüdungserscheinungen bei herkömmlichen VR Systemen, beschäftigt sich diese Arbeit mit Eye Tracking als Eingabemechanismus für VR Anwendungen. Es werden zuerst allgemeine Probleme bei System, welche Eye Tracking als Eingabemedium verwenden, dargestellt, sowie bereits entwickelte Formen der Interaktion mithilfe von Eye Tracking vorgestellt. Mithilfe des FOVE VR HMD, welches über integriertes Eye Tracking verfügt, wird ein im Rahmen dieser Arbeit entwickelte Prototyp zur Manipulation von Objekten im virtuellen Raum vorgestellt. Die Interaktionen bestehen dabei aus einer Kombination aus Eye Tracking Input und einfachen Eingaben in Form eines Knopfdruckes eines Controllers statt. Mithilfe einer Benutzerstudie werden die entwickelten Konzepte evaluiert und anschließend die Ergebnisse präsentiert und diskutiert. Auf dieser Basis werden mögliche Verbesserungen der Konzepte und Erweiterungen der Anwendung vorgestellt. Die aus dieser Arbeit gewonnenen Erkenntnisse können ebenfalls für AR Anwendungen verwendet werden.Item Open Access Vision assisted biasing for robot manipulation planning(2018) Puang, En YenSampling efficiency has been one of the major bottlenecks of sampling-based motion planner. Although being more reliable in complex environments, Rapidly-exploring Random Tree for example often requires longer planning time than its optimisation-based counterpart. Recent developments have introduced numerous methods to bias sampling in configuration-space. Gaussian mixture model, in particular, was proposed to estimate feasible regions in configuration-space for low-variance task. Unfortunately this method does not adapt its biases according to individual planning scene during inference. Therefore, this work proposes vision assisted biasing to adapt biases by changing the weights of Gaussian components upon query. It uses autoencoder to extract features directly from depth image, and the resulted latent code is then used for either nearest neighbours search or direct weights prediction. With a modified pipeline, these extensions show improvements on not only the sampling efficiency but also path optimality of simple motion planner.Item Open Access Comprehensive Support of the Lifecycle of Machine Learning Models in Model Management Systems(2019) Popp, MatthiasToday, Machine Learning (ML) is entering many economic and scientific fields. The lifecycle of ML models includes data pre-processing to transform raw data into features, training a model with the features, and providing the model to answer predictive queries. The challenge is to ensure accurate predictions by continuously updating the model with automatic or manual retraining. To be aware of all changes, e.g. datasets and parameters, it is required to store metadata over the entire ML lifecycle. In this thesis we present a concept and system for comprehensive support of the ML lifecycle. The concept includes a metadata schema, as well as a solution to collect and enrich the metadata. The metadata schema contains information about the experiment, runs, executions, executables and common artifacts in ML such as datasets, models, and metrics. The stored information can be used for comparisons, re-iterations, and backtracking of ML experiments. We achieve this by tracking the lineage of ML pipeline steps and collecting metadata such as hyperparameters. Furthermore, a prototype is implemented to demonstrate and evaluate the concept. A case study, based on a selected scenario, serves as the basis for a qualitative assessment. The case study shows that the concept meets all the requirements and is therefore a suitable approach to comprehensively support ML model lifecycle.Item Open Access Orthogonale Dünngitter-Teilraumzerlegungen(2018) Schreiber, ConstantinIn der Simulation treten Häufg hochdimensionale partielle Differentialgleichungen auf. Das Lösen dieser wird für volle Gitter sehr schnell zu teuer. In dieser Arbeit wird ein Verfahren für das Lösen partieller Differentialgleichungen mit Hilfe von Dünnen Gittern, welche für mehrdimensionale Probleme besser skalieren, sowie dessen Implementierung in das Programmpaket SG++ vorgestellt. Durch Funktionsdarstellung in einem Erzeugendensystem wird die Verwendung einer L2-orthogonalen Teilraumzerlegung ermöglicht. Projektionsoperatoren ersetzen hierbei die explizite Transformation in eine Prewavelet-Basis. Diese Zerlegung erlaubt das Lumping der Steifgkeitsmatrix, also das Weglassen von großen Blöcken der Matrix. Hiermit wird ein Algorithmus zur Matrixmultiplikation, welcher dem von Schwab und Todor ähnelt implementiert. Dieser wird in einem konjugierten Gradienten-Verfahren verwendet und auch auf krummberandete Gebieten angewendet. Des Weiteren wird die Teilraumzerlegung durch L2-Projektion mit anderen Zerlegungen in Bezug auf Laufzeit und Fehlerentwicklung verglichen.