F. Wenzl, 鈥淓volution of Privacy Dark Patterns,鈥 Master's thesis VS-2026-03M, B. Erb and L. Pietzschmann (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2026 鈥 Completed.
L. V枚lk, 鈥淎n Evaluation of Deanonymization Attacks on Synthetic Data under Varying Privacy Metrics,鈥 Bachelor's thesis VS-2026-04B, B. Erb and L. Pietzschmann (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2026 鈥 Completed.
鈥淐oncurrent Data Structures for Trust Graphs,鈥 Bachelor's thesis VS-2025-18B, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2025 鈥 Completed.
鈥淎n Interactive Web UI for the Exploration of Evolving Trust Graphs,鈥 Bachelor's thesis VS-2025-24B, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2025 鈥 Completed.
鈥淢枚glichkeiten und Risiken von AI-Tools in der 黑料传送门slehre am Beispiel der Vorlesung Vernetzte Systeme,鈥 Bachelor's thesis VS-2024-07B, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2024 鈥 Completed.
鈥淪tate of Event Sourcing Application Development,鈥 Master's thesis VS-2023-04M, B. Erb and E. Mei脽ner (Supervisor), F. Kargl and F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2023 鈥
Completed.
The event sourcing storage architecture is increasingly used for developing applications. However, previous work shows that developers encounter a couple of challenges when applying the pattern. One such challenge is the lack of mature tools and solutions, which help developers in implementing event-sourced applications. No detailed and methodological comparison of the tools already available on the market existed at the time of writing. This thesis introduces a methodology on how to compare and categorize such tools and applies it to three solutions (EventStoreDB, Axon, and Akka), which are selected according to a set of requirements. To remove subjective opinions from the assessment of the qualitative aspects, quality gates are de铿乶ed, in addition to benchmarks, which are used to evaluate some quantitative aspects. Two example applications which cover a selection of event sourcing features are de铿乶ed and implemented using the three selected tools, providing insight into how they aid in the development process. In the end, a detailed comparison of the capabilities of the evaluated tools is given and recommendations for when to use each tool are provided.
鈥淪ecurity Mechanisms for Multi-Tenancy Event-Sourced Graphs,鈥 Master's thesis VS-2023-13M, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2023 鈥
Completed.
This thesis aims to investigate and address the security challenges that arise when applying multi-tenancy to a graph-based processing platform that is characterized by computational entities that exchange messages and whose behavior depends on user-defined code. Using threat modeling techniques, we enumerate relevant threats and discuss adequate security mechanisms. The more promising ones are then deployed on a prototype platform. We compare the performance costs of access control using an attribute based policy language implementation (XACML, Authzforce) against extending the computational entities with this functionality and find that, in our case, the former is slower but may provide other benefits. We also measure the performance costs introduced by using a strategy against denial-of-service attacks through user-submitted code on the application level and determine that this introduces significant overhead. The general considerations in this thesis and the results obtained from the evaluations may prove useful when implementing a system that is similar to ours. It will aid in detecting threats and help in the selection of an adequate access control method.
鈥淐onfidential Computing via Multiparty Computation and Trusted Computing,鈥 Master's thesis VS-2023-05M, E. Mei脽ner and B. Erb (Supervisor), F. Kargl and F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2023 鈥
Completed.
In the wake of the social sciences鈥 so-called replication crisis, researches increasingly strive to adopt methods preventing questionable research practices in empirical studies, e. g., study preregistration and full publication of survey datasets. However, publication of survey responses poses a serious threat to the privacy of study participants. Previous work has addressed this issue while maintaining protection against questionable research practices, but either relies on Trusted Execution Environments (TEEs), which have been shown to be susceptible to various kinds of attacks, or on Secure Multiparty Computation (SMPC), requiring a honest majority of participating parties. In this work, we combine TEEs with SMPC in a platform for conducting empirical studies that provides strong guarantees for the privacy of participants. Survey responses are split into secret shares, which are distributed among a number of TEE-protected computation parties. Statistical analysis of responses is performed as an SMPC. The platform is secure against a wider range of attackers than related work, i. e., against attackers either able to circumvent the utilised TEE or controlling a majority of the computation parties. We implement a prototype of this platform and evaluate its computational performance against alternative approaches. We show that it is suitable for conducting real-world privacy-preserving empirical studies, placing only minimal computational load on survey participants. Its performance in conducting statistical analysis is inferior to its alternatives, requiring ca. 10 min for performing one two-sample t-test. However, we argue that this is su铿僣ient for real-world settings. Additionally, we list several approaches with which performance can be enhanced.
鈥淧syArXiv Data Analyzer,鈥 individual lab project VS-2022-16P, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2022 鈥
Completed.
This project focuses on practical anonymity in the publication of psychological study material by using software to detect data sets that are likely to contain identifying information. Under HIPAA and GDPR, health-related information is considered highly sensitive and should not be disclosed to the public under normal circumstances. In 2000, Latanya Sweeney pointed out that simple demographics often identify people uniquely, noting that 87% of the U.S. population could be uniquely identified with the combination of age, gender, and zip code alone, and that about half of the U.S. population would be identifiable with the combination of age, gender, and location. A manual ex- amination of study material revealed, that some studies still contain quasi-identifiers, which are sets of attributes that in combination can be used in combination to uniquely identify an individual under certain assumptions (e.g. the attacker must have access to a voter list, health records, or data sets on individuals acquired from a data broker). To address the issue of privacy in the publication of psychological study materials, we have developed a software that helps finding data sets in study materials of psychological studies that are likely to contain identifying information using the keywords or patterns configured by the user, providing per default the most predominant column headers we discovered by manually analyzing the study material. With our software, we are able to automatically prepare and analyze large amounts of data crawled from PsyArXiv prior to this project, and evaluate and score the results, focusing on files in CSV format and formats that can be converted to CSV. We hope that our work will bring more attention on the problem of anonymity in the release of study material, or even be used to identify privacy issues before the material is published.
鈥淚nvestigation of Noisy Neighbour Isolation Capabilities for Virtualization Approaches,鈥 Master's thesis VS-2022-26M, J. Domaschka and B. Erb (Supervisor), S. Wesner and F. Kargl (Examiner), Inst. f. Organisation und Management von Informationssystemen, Ulm Univ., 2022 鈥
Completed.
Virtualization technology isolation capabilities impose a challenge for many researchers and businesses. This isolation among processes, containers, Virtual Machines (VMs) or other containing units, is significant due to a multitude of demands. Businesses want to divide their own infrastructure into individual parts in order to sell them to potential customers. Researchers want to isolate their experiments to not interfere with unintentional noise. Service providers want to consolidate their infrastructure to keep total cost of ownership as low as possible. Poor isolation would negatively impact those use cases. These mentioned demands towards isolation are enabled by isolation technologies. They create the incentive and demand for a methodology, to measure the capabilities of those technologies regarding isolation. This thesis presents such a methodology, enriched with further considerations around this problem.
鈥淚nteraktive Demos f眉r Grundlagen der Rechnernetze,鈥 Bachelor's thesis VS-2022-09B, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 鈥 Completed.
鈥淓xploring Linkability of Psychological Research Data using Socio-Demographic Attributes,鈥 Master's thesis VS-2022-01M, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 鈥 Completed.
鈥淓xploring Linkability of Psychological Research Data Sets using Psychological Scales,鈥 Master's thesis VS-2022-02M, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 鈥 Completed.
鈥淚mpact of HTTP/3 on Microservice Architectures,鈥 Master's thesis VS-2021-16M, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2021 鈥 Completed.
鈥淧erformance Comparison of Chronograph and Actor-Based Platforms,鈥 individual lab project VS-2020-08P, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2020 鈥 Completed.
鈥淐ausality-aware Log Pruning in Distributed event-sourced Systems,鈥 individual lab project VS-P21-2019, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2019 鈥 Completed.
鈥淩evisited: A platform architecture for retroactive programming using event sourcing,鈥 individual lab project VS-R07-2018, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2018 鈥 Completed.
鈥淥nline Text Processing for Chatting Applications,鈥 Bachelor's thesis VS-B19-2018, E. Mei脽ner and B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2018 鈥 Completed.
鈥淓vent-Sourced Graph Processing in Internet of Things Scenarios,鈥 Master's thesis VS-M03-2018, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2018 鈥 Completed.
鈥淏ringing Height to the Chronograph Platform,鈥 individual lab project VS-R08-2018, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2018 鈥 Completed.
鈥淨uerying and Processing Event-sourced Graphs,鈥 Master's thesis VS-M06-2017, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2017 鈥 Completed.
鈥淒esign and Implementation of an Web-based API and Interactive Dashboard,鈥 Bachelor's thesis VS-B07-2017, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2017 鈥 Completed.
鈥淎synchrones latentes Snapshotting von dynamischen event-sourced Systemen,鈥 Bachelor's thesis VS-B05-2017, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2017 鈥 Completed.
鈥淎 platform architecture for retroactive programming using event sourcing,鈥 individual lab project VS-R23-2017, B. Erb and E. Mei脽ner (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2017 鈥 Completed.
E. Mei脽ner, 鈥淎 Methodology for Performance Analysis and Performance Engineering of Distributed Event-sourced Systems,鈥 Master's thesis VS-M22-2017, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2017 鈥
Completed.
Distributed event-sourced systems adopt a fairly new architectural style for data-intensive applications that maintain the complete history of the application state. However, the performance implications of such systems is not yet well explored, let alone how the performance of these systems can be improved. A central issue is the lack of systematic performance engineering approaches that incorporate the specific properties of distributed event-sourced systems, such as messaging and event persistence. To address this problem, we developed a methodology for performance engineering and performance analysis of distributed event-sourced systems as part of a software engineering process. This approach helps developers to identify bottlenecks and resolve performance issues based on specific micro benchmarks and subsequent targeted optimizations. To show the practicality of our methology, we applied it to the \cg platform to improve the overall performance of its current research prototype. Using our structured approach, we improved the performance of the prototype system and made it more than twice as fast for certain workloads.
鈥淰ergleich und Evaluierung von Time Series Databases,鈥 Bachelor's thesis VS-B07-2016, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2016 鈥 Completed.
鈥淧erformance Engineering in verteilten, polyglotten Berechnungsplattformen,鈥 Master's thesis VS-M08-2016, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2016 鈥 Completed.
鈥淓nabling Retroactive Computing Through Event Sourcing,鈥 Master's thesis VS-M01-2016, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2016 鈥
Completed.
Event sourcing is a style of software architecture wherein state altering operations to an application are captured as immutable events. Each event is appended to an event log, with the current state of a system derived from this series of events. This thesis addresses the utilization of retroactive capabilities in event-sourced systems: computing alternate application states, post hoc bug fixes, or the support of algorithms which have access to their own history, for example. The possibility of retroactively accessing and modifying this event log is a potential capability of an event-sourced system, but a detailed exploration how these operations can be facilitated and supported has not yet been conducted. We examine how retroaction can be applied to event-sourced systems and discuss conceptual considerations. Furthermore, we demonstrate how different architectures can be used to provide retroaction and describe the prototypical implementation of an appropriate programming model. These findings are applied in the Chronograph research project, in order to utilize potential temporal aspects of this platform.
鈥淎 Persistence Layer for Distributed Event-Sourced Architectures,鈥 Master's thesis VS-M09-2016, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2016 鈥
Completed.
Due to the increasingly large amount of data which is collected and processed each day, enabling fast, reliable, and scalable distributed computing on very large datasets has become more important than ever. Unfortunately, distributed computation on large inhomogeneous datasets is still time-consuming and it is very difficult to make evaluations and predictions. To address these issues, event sourcing and graph computing are relevant topics. While event sourcing provides techniques to save data in a particular way, which enables evaluations and makes predictions possible, graph computing provides a way to distribute the computation on large datasets. Although there is a conceptual idea which addresses these issues, no practical experience how such a concept can be implemented in case of persistence and communication is available. As a result, a prototype system to measure and evaluate different persistence and communication implementations for distributed event-sourced architectures using event sourcing and graph computing needs to be created. Such a system can be used to find a way how to persist and work on large distributed inhomogeneous datasets efficiently.
鈥淰erwendung von CRDTs in mobilen verteilten Anwendungen,鈥 Bachelor's thesis VS-B07-2015, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
Einen Ansatz f眉r asynchrone Datenhaltung in verteilten Systemen bieten Conflict-free Replicated Data Types (CRDT). Sie stellen Verf眉gbarkeit 眉ber strikte Konsistenz, trotzdem konvergieren die Zust盲nde der Datentypen zu einem sp盲teren Zeitpunkt mit Hilfe einfacher mathematischer Annahmen wie Kommutativit盲t oder den Eigenschaften eines Halbverbandes. Diese Arbeit erkl盲rt die Grunds盲tze, Unterscheidungsm枚glichkeiten, Funktionsweisen, Anwendungsf盲lle und Probleme dieser CRDTs und 眉bertr盲gt deren Konzepte anschlie脽end in den mobilen Kontext. Dabei werden auf theoretischer Basis zun盲chst geeignete Anwendungsszenarien unter verschiedenen Kriterien untersucht und anschlie脽end ein Framework entwickelt, mit dem Entwickler mobiler Anwendungen CRDT-Instanzen verschiedener Datentypen verwenden k枚nnen, die automatisiert 眉ber mehrere Ger盲te repliziert werden.
鈥淰erhalten von TCP-Varianten in Hochgeschwindigkeitsnetzwerken,鈥 Bachelor's thesis VS-B08-2015, B. Erb and T. Lukaseder (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥 Completed.
鈥淓reignisorientierte, diskrete Netzwerksimulation mit Pregel,鈥 Bachelor's thesis VS-B05-2015, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
Diese Arbeit verfolgt das Ziel festzustellen, ob sich die Architektur von Pregel - ein Framework f眉r verteilte Berechnungen auf gro脽en Graphen - eignet, um eine ereignisorientiert-diskrete Netzwerksimulation zu implementieren. Dazu wurde ein Simulator entworfen, der das Verhalten eines Transportprotokolls innerhalb eines Computernetzwerks darstellt. In der Entwurfsphase hat es sich ergeben, dass die Konzepte, die eine ereignisorientiert-diskrete Simulation ausmachen, in Pregel umgesetzt werden k枚nnen. Dieser Entwurf wurde praktisch umgesetzt, um innerhalb einer Evaluierung zu ermitteln, wie sich die Simulation verh盲lt, je gr枚脽er die Eingabe-Netzwerkgraphen werden.
鈥淒istributed Versioning and Snapshot Mechanisms on Event-Sourced Graphs,鈥 Master's thesis VS-M13-2015, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
Two interesting approaches to tackle many of today's problems in large scale data processing and live query resolution on big graph datasets have emerged in recent years. Firstly, after Google's presentation of its graph computing platform Pregel in 2010, an influx of more or less similar platforms could be observed. These platforms all share the goal of providing highly performant data mining and analysis capabilities to users, enabling a wide variety of today's technologies like ranking web pages in the the web graph of the WWW or analysing user interactions in social networks. Secondly, the old concept of message logging for failure recovery was rediscovered and combined with event based computing in the early 2000s and is now known as event sourcing. This approach to system design keeps persistent logs of every single change of all entities in a computation, providing highly interesting options like state restoration by replaying old events, retroactive event modifications, phenomenal debugging capabilities and many more. A recently published paper suggests the merging of those two approaches to create a hybrid event-sourced graph computing platform. This platform would show unique characteristics compared to other known solutions. For example, computations on temporal data can yield information about the evolution of a graph and not only its current state. Furthermore, for backups or to enable offline analysis on large compute clusters, snapshot extraction 鈥 i.e. reproducing any consistent global state the graph has ever been in 鈥 from the event logs produced by event-sourced graph computations is possible. This thesis provides one of the first major works related to this proposed hybrid platform and provides background knowledge related to these aforementioned topics. It presents a thorough overview over the current state-of-the-art in graph computing platforms and causality tracking in distributed systems and finally develops an efficient mechanism for extracting arbitrary, consistent global snapshots from a distributed event log produced by an event-sourced graph computation.
鈥淒esign und Implementierung eines interaktiven Explorers f眉r r盲umlich-zeitliche Trace-Daten,鈥 individual lab project VS-R12-2015, R. van der Heijden and B. Erb (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2015 鈥
Completed.
R盲umlich-zeitliche Trace-Daten speichern Bewegungsmuster von Entit盲ten in einem zeitlichen Verlauf. Die Exploration von solchen r盲umlich-zeitlichen Daten ist f眉r verschiedenste Einsatzzwecke interessant, unter anderem auch f眉r die Visualisierung von Fahrplandaten im 枚ffentlichen Nahverkehr sowie f眉r die Analyse von durchgef眉hrten VANET-Simulationsl盲ufen. Im Rahmen der Arbeit soll eine performante webbasierte Client/Server-Anwendung enstehen. Der Server soll Tracefiles aus verschiedenen Quellen importieren und effizient speicheren, die dann in interaktiven Explorationssessions von Clients abgespielt werden k枚nnen.
鈥淒esigning a Disaster Area Network for First Responders in Disastrous and Emergency Scenarios,鈥 Bachelor's thesis VS-B18-2015, B. Erb and R. van der Heijden (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
Man-made disasters, earthquakes, floods, and other natural disasters come with a great number of casualties, which have to be treated as quickly as possible by emergency services to minimize fatalities. Due to the large number of casualties and aid workers, it is difficult to maintain an accurate overview of the situation. To improve the clarity of the situation, a comprehensive support system can be used for the forces on-site, which supports them in information gathering and distribution to all involved parties. Previous work has failed to implement independency of public infrastructure (e.g. power grid, cellular network) or suffer data loss due to single node failures. To solve this problem, we propose a fault-tolerant design that fully distributes information to all devices in a mobile ad hoc network, while allowing offline work outside of it. We present a proof-of-concept prototype for the proposed design and show that its data distribution component behaves as designed using a series of trials. To the best of our knowledge, there is currently no DAN system that uses multi master replication to fully distribute data, where every node has an individual copy of every piece of information.
鈥淐ommunication Patterns for Concurrent and Distributed Computations,鈥 Bachelor's thesis VS-B04-2015, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
This bachelor thesis presents a catalog of communication patterns for concurrent and distributed computations. We compose this catalog by reviewing the inter-process communication in common concurrency models and surveying existing pattern resources, such as professional books and weblogs. In addition to the selection and composition of patterns, we determine our own pattern template structure and an appropriate visualization, specifically matching the requirements of communication patterns. The catalog itself consists of a variety of patterns, intended for the reader to get a grasp of proven solutions for recurring problems in the field of concurrent programming. We provide simplified examples for every solution by the means of message-passing.
鈥淎n Evaluation of Distributed Approaches to Large-Scale Graph Computing,鈥 Bachelor's thesis VS-B09-2015, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2015 鈥
Completed.
This thesis takes a look at several considerations for developers and users of distributed graph computing platforms. Two popular computing platforms, Apache Giraph on Hadoop and the GraphX library in Apache Spark, are analyzed and tested through a benchmarking process. We examine a basic PageRank and ConnectedComponents algorithm for a variety of input graphs and cluster sizes. We hereby discover how immensely different parameters of distributed graph computations, such as graph sizes and topology properties, impact the execution time. Concluding, we carve out the application fields, for which both platforms are practical and where trade-offs have to be made.
鈥淪icherheitsanalyse von NoSQL-Datenbanken,鈥 Bachelor's thesis VS-B15-2014, R. van der Heijden and B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2014 鈥
Completed.
NoSQL-Datenbanken werden immer h盲ufiger produktiv eingesetzt, um die steigenden Datenmengen bew盲ltigen zu k枚nnen. Derzeit ist allerdings noch nicht klar, ob diese die notwendigen Sicherheitsanforderungen erf眉llen. Zu diesem Zweck stellt die vorliegende Arbeit eine Methodik zur Sicherheitsanalyse von NoSQL-Datenbanken vor. Hierzu werden die wichtigsten Sicherheitsrisiken identifiziert und es wird aufgezeigt, wie eine NoSQL-Datenbank auf diese 眉berpr眉ft werden kann. Die Methodik wird auf die NoSQL-Vertreter Neo4j und CouchDB angewendet. Es zeigt sich hierbei, dass beide Datenbanken schwerwiegende Sicherheitsdefizite aufweisen. Deshalb werden Empfehlungen zur Steigerung der Informationssicherheit gegeben, die bei Beachtung die ermittelten Schwachstellen beheben.
鈥淚ntrusion Detection in Software Defined Networks,鈥 Bachelor's thesis VS-B02-2014, R. van der Heijden and B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2014 鈥
Completed.
Intrusion detection systems are valuable tools to improve security in a network. Due to growing network bandwidths not all packets can be investigated because of resource limitations. Special traffic filters can be used to forward only traffic that is suspected of containing intrusions. Software defined network is an architecture which allows to interact with a network in a programmable way. With OpenFlow a switch can be programmed reactive, were flows are created dynamically and proactive, were flows are created statically. This work evaluates the impact of filtering traffic proactive and reactive. Evaluated was the number of alerts the SNORT IDS generated. An emulated SDN testbed was used for the evaluation. Compared to forwarding without filtering, the traffic can be reduced by more than a half.The results show that supporting an IDS is possible with OpenFlow, either in a reactive or a proactive way.
鈥淓valuation von Distributed Event Processing Frameworks f眉r Zeitreihenanalysen,鈥 Bachelor's thesis VS-B03-2014, B. Erb (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2014 鈥 Completed.
鈥淓ntwurf & Implementierung einer kollaborativen Web-Plattform zur Dokumentation von Design Patterns,鈥 Bachelor's thesis VS-B07-2014, B. Erb (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2014 鈥
Completed.
In dieser Arbeit wurde eine Plattform zur kollaborativen Dokumentation von Patterns entworfen und prototypisch implementiert. Hierf眉r wurden die Anforderungen f眉r eine generische Plattform gesammelt und Konzepte f眉r die kollaborative Nutzung er枚rtert. Die Implementierung verwendet verschiedene Konzepte des Web 2.0 zur Kollaboration und zeigt prototypisch den Funktionsumfang einer Plattform f眉r Patterns verschiedener Anwendungsgebiete.
鈥淒istributed Architecture using Event Sourcing & Command Query Responsibility Segregation,鈥 Bachelor's thesis VS-B04-2014, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2014 鈥
Completed.
In a common software system we occasionally want to know how we got to the current application state without making the system more complicated. Mostly, this question can not be answered because the software just saves the newest application state. Even if the software architects implement their own history support later, it can not tell anything about the previous changes. This is where Event Sourcing and Command Query Responsibility Segregation come into play. Event Sourcing saves every change as an event and Command Query Responsibility Segregation helps to handle the increased complexity. Therefore, we can build a system which provides a history support and which is still maintainable. If we use Event Sourcing and Command Query Responsibility Segregation, we just have to make small changes to a traditional architecture in order to fix that problem. By saving all changes as events we can evaluate everything we want.
鈥淒esign und Implementierung eines skalierenden Database-as-a-Service Systems,鈥 Master's thesis VS-M05-2014, J. Domaschka and B. Erb (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2014 鈥
Completed.
Datenbanksysteme stellen in Anwendungen die zentrale Komponente zur Persistierung von Daten dar. Die Speicherung der Daten kann 眉ber verschieden Datenmodelle, welche die Literatur in die Kategorien relational und NoSQL einteilt, realisiert werden. Die Datenmodelle bieten unterschiedliche Funktionalit盲ten in Bereichen wie Konsistenz, Verteilung und Skalierbarkeit. Skalierbarkeit stellt besonders f眉r Datenbanken innerhalb Webanwendungen eine wichtige Anforderungen dar, da zum einen die Nutzeranzahl von Webanwendungen immer weiter steigt und zum anderen die Webanwendungen starke Lastschwankungen bew盲ltigen m眉ssen. Um diese Lastschwankungen verarbeiten zu k枚nnen, werden flexible Ressourcen ben枚tigt, die das Cloud-Computing verspricht. Diese Arbeit betrachtet die Cloud-Computing-Architektur des DBaaS, welche Datenbanken als abstrakte Ressource bereitstellt. Der Schwerpunkt liegt hierbei auf skalierenden DBaaS-Systemen. Das Ziel dieser Arbeit besteht aus dem Design und der Implementierung eines DBaaS-Dienstes, der eine automatisierte Skalierung bietet und auf frei verf眉gbarer Software basiert. Hierf眉r werden die Anforderungen eines solchen DBaaS-Dienstes anhand eines Anwendungsfalls herausgearbeitet und die Skalierbarkeit existierender Datenbanken auf Basis von Benchmarks untersucht. Aus diesen Ergebnissen wird ein prototypisches DBaaS-System umgesetzt.
鈥淒esign und Implementierung eines zuverl盲ssigen und verf眉gbaren (NoSQL) Datenbanksystems,鈥 Master's thesis OMI-2014-M-02, J. Domaschka and B. Erb (Supervisor), S. Wesner and F. Kargl (Examiner), Inst. f. Organisation und Management von Informationssystemen, Ulm Univ., 2014 鈥
Completed.
Datenbanken bilden das R眉ckgrat vieler Anwendungen. Wegen dieser zentralen Rolle sind Zuverl盲ssigkeit und Ausfallsicherheit f眉r sie essentiell. In dieser Arbeit sollen existierende Ans盲tze zur Fehlertoleranz bestehender relationaler und nicht-relationer Datenbanken zun盲chst untersucht und verglichen werden. Aufbauend darauf soll ein System mit Hilfe des Virtual Nodes Frameworks nachimplementiert werden.
鈥淎 Collection of Privacy Patterns,鈥 Bachelor's thesis VS-B06-2014, B. Erb and H. Kopp (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2014 鈥
Completed.
In dieser Arbeit wurde die Dokumentation von Patterns im Kontext von Privacy untersucht. Es wurden Anforderungen an die Struktur von Privacy Patterns diskutiert sowie die Kategorisierung von Privacy Patterns in einem Katalog betrachtet. Auf Basis einer eigenen Pattern-Struktur wurde dann anhand von exemplarischen Privacy Patterns ein kleiner, beispielhafter Katalog von Privacy Patterns vorgestellt.
鈥淓valuation von existierenden L枚sungen zur Simulation von Netzwerken,鈥 Bachelor's thesis VS-B05-2013, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2013 鈥
Completed.
Gegenstand dieser Arbeit ist die Erstellung eines aktuellen Surveys von bestehenden Netzwerksimulatoren, insbesondere f眉r VANET-Simulationen.
鈥淒esign & Durchf眉hrung einer Benutzerstudie zur Nutzung von Netzwerksimulatoren,鈥 Bachelor's thesis VS-B06-2013, B. Erb (Supervisor), F. Kargl (Examiner), Inst. f. Vert. Sys., Univ. Ulm, 2013 鈥
Completed.
Im Rahmen dieser Arbeit wurde eine Benutzerstudie durchgef眉hrt, die sich mit Fragen der Benutzerbarkeit und Komplexit盲t von Netzwerksimulatoren befasst und offene Problemstellungen f眉r Anwender von Netzwerksimulatoren identifizierte.
F. Engelmann, 鈥淐ontent-Inspection in Hochgeschwindigkeitsnetzen,鈥 Bachelor's thesis VS-B17-2013, R. van der Heijden and B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2013 鈥
Completed.
Computational power for content filtering in high-speed networks reaches a limit, but many applications as intrusion detection systems rely on such processes. Especially signature based methods need extraction of header fields. Hence we created an parallel protocol-stack parser module on the NetFPGA 10G architecture with a framework for simple adaption to custom protocols. Our measurements prove that the appliance operates at 9.5 Gb/s with a delay in order of any active hop. The work provides the foundation to use for application specific projects in the NetFPGA context.
鈥淐omparison of Concurrency Frameworks for the JVM,鈥 Bachelor's thesis VS-B13-2013, B. Erb (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2013 鈥
Completed.
Aufgrund von Multi-Core-CPUs wird Nebenl盲ufigkeit ein zunehmend wichtigerer Teil bei der Programmierung von performanten und skalierbaren Anwendungen. F眉r Java existieren diverse Frameworks, die h枚here Abstraktionen f眉r Nebenl盲ufigkeit anbieten und somit nebenl盲ufige Programmierung vereinfachen. Im Rahmen dieser Bachelor-Arbeit wurden wichtigte Frameworks vorgestellt und miteinander verglichen. Ebenso wurde aufgezeigt, welche Frameworks sich f眉r welche Einsatzzwecke besonders eignen.