Benedek Forrai, Takahiro Miki, Daniel Gehrig, Marco Hutter, Davide Scaramuzza, Event-based Agile Object Catching with a Quadrupedal Robot, In: 2023 IEEE International Conference on Robotics and Automation, ICRA 2023, Institute of Electrical and Electronics Engineers, 2023-05-29. (Conference or Workshop Paper published in Proceedings)
Quadrupedal robots are conquering various applications in indoor and outdoor environments due to their capability to navigate challenging uneven terrains. Exteroceptive information greatly enhances this capability since perceiving their surroundings allows them to adapt their controller and thus achieve higher levels of robustness. However, sensors such as LiDARs and RGB cameras do not provide sufficient information to quickly and precisely react in a highly dynamic environment since they suffer from a bandwidth-latency trade-off. They require significant bandwidth at high frame rates while featuring significant perceptual latency at lower frame rates, thereby limiting their versatility on resource constrained platforms. In this work, we tackle this problem by equipping our quadruped with an event camera, which does not suffer from this tradeoff due to its asynchronous and sparse operation. In leveraging the low latency of the events, we push the limits of quadruped agility and demonstrate high-speed ball catching for the first time. We show that our quadruped equipped with an event-camera can catch objects with speeds up to 15 m/s from 4 meters, with a success rate of 83%. Using a VGA event camera, our method runs at 100 Hz on an NVIDIA Jetson Orin. |
|
Leonard Bauersfeld, Elia Kaufmann, Davide Scaramuzza, User-Conditioned Neural Control Policies for Mobile Robotics, In: 2023 IEEE International Conference on Robotics and Automation, ICRA 2023, Institute of Electrical and Electronics Engineers, 2023-05-29. (Conference or Workshop Paper published in Proceedings)
Recently, learning-based controllers have been shown to push mobile robotic systems to their limits and provide the robustness needed for many real-world applications. However, only classical optimization-based control frameworks offer the inherent flexibility to be dynamically adjusted during execution by, for example, setting target speeds or actuator limits. We present a framework to overcome this shortcoming of neural controllers by conditioning them on an auxiliary input. This advance is enabled by including a feature-wise linear modulation layer (FiLM). We use model-free reinforcement-learning to train quadrotor control policies for the task of navigating through a sequence of waypoints in minimum time. By conditioning the policy on the maximum available thrust or the viewing direction relative to the next waypoint, a user can regulate the aggressiveness of the quadrotor's flight during deployment. We demonstrate in simulation and in real-world experiments that a single control policy can achieve close to time-optimal flight performance across the entire performance envelope of the robot, reaching up to 60 km/h and 4.5 g in acceleration. The ability to guide a learned controller during task execution has implications beyond agile quadrotor flight, as conditioning the control policy on human intent helps safely bringing learning based systems out of the well-defined laboratory environment into the wild. |
|
Jan Von der Assen, Alberto Huertas Celdran, Pedro Miguel Sánchez Sánchez, Jordan Cedeño, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, A Lightweight Moving Target Defense Framework for Multi-purpose Malware Affecting IoT Devices, In: ICC 2023 - IEEE International Conference on Communications, Institute of Electrical and Electronics Engineers, 2023-05-28. (Conference or Workshop Paper published in Proceedings)
Malware affecting Internet of Things (IoT) devices is rapidly growing due to the relevance of this paradigm in real-world scenarios. Specialized literature has also detected a trend towards multi-purpose malware able to execute different malicious actions such as remote control, data leakage, encryption, or code hiding, among others. Protecting IoT devices against this kind of malware is challenging due to their well-known vulnerabilities and limitation in terms of CPU, memory, and storage. To improve it, the moving target defense (MTD) paradigm was proposed a decade ago and has shown promising results, but there is a lack of IoT MTD solutions dealing with multi-purpose malware. Thus, this work proposes four MTD mechanisms changing IoT devices' network, data, and runtime environment to mitigate multi-purpose malware. Furthermore, it presents a lightweight and IoT-oriented MTD framework to decide what, when, and how the MTD mechanisms are deployed. Finally, the efficiency and effectiveness of the framework and MTD mechanisms are evaluated in a real-world scenario with one IoT spectrum sensor affected by multi-purpose malware. |
|
Alberto Huertas Celdran, Pedro Miguel Sánchez Sánchez, Chao Feng, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, Privacy-preserving and Syscall-based Intrusion Detection System for IoT Spectrum Sensors Affected by Data Falsification Attacks, IEEE Internet of Things Journal, Vol. 10 (10), 2023. (Journal Article)
Crowdsensing platforms collect, process, transmit, and analyze spectrum data worldwide to optimize radio frequency spectrum usage. However, Internet-of-Things (IoT) spectrum sensors, performing some of the previous tasks, are exposed to software manipulation aiming to execute spectrum sensing data falsification (SSDF) attacks to compromise data integrity and spectrum optimization. Novel intrusion detection systems (IDSs) combining device fingerprinting with Machine and Deep Learning (ML/DL) improve the limitation of traditional solutions and remove the necessity of redundant sensors and reputation mechanisms. However, they fail when detecting SSDF attacks accurately while protecting sensors privacy. This work proposes a novel host-based and federated learning-oriented IDS for IoT spectrum sensors that considers unsupervised ML/DL and fingerprints based on system calls. The framework detection performance and consumption of resources are analyzed in local and federated scenarios with six spectrum sensors deployed on Raspberry Pis. The obtained results significantly improve related work when detecting SSDF attacks while protecting sensors privacy, and consuming CPU, memory, and storage of sensors in a reduced manner. |
|
Roy Adrian Rutishauser, André Meyer, Reid Holmes, Thomas Fritz, Semi-Automatic, Inline and Collaborative Web Page Code Curations, In: International Conference on Software Engineering (ICSE'23), 2023-05-14. (Conference or Workshop Paper published in Proceedings)
Software developers spend about a quarter of their workday using the web to fulfill various information needs. Searching for relevant information online can be time-consuming, yet acquired information is rarely systematically persisted for later reference. In this work, we introduce SALI, an approach for semi-automated linking web pages to source code locations inline with the source code. SALI helps developers naturally capture high-quality, explicit links between web pages and specific source code locations by suggesting links for curation within the IDE. Through two laboratory studies, we examined the developer’s ability to both curate and consume links between web pages and specific source code locations while performing software development tasks. The studies were performed with 20 subjects working on realistic software change tasks from widely-used open-source projects. Results showed that developers continuously and concisely curate web pages at meaningful locations in the code with little effort. Additionally, we showed that other developers could use these curations while performing new and different change tasks to speed up relevant information gathering within unfamiliar codebases by a factor of 2.4. |
|
Alberto Huertas Celdran, Jan Von der Assen, Konstantin Moser, Pedro M Sánchez Sánchez, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, Early Detection of Cryptojacker Malicious Behaviors on IoT Crowdsensing Devices, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
Traditionally, IoT crowdsensing devices have been outside the cryptomining domain due to their limitations in terms of computational power. In 2014, Monero (XNR) changed this situation forever. Monero is an open-source digital payment token that can be mined in resource-constrained devices like IoT and single-board computers. Despite the Monero advantages, it opened the door for cryptojackers illicitly mining cryptocurrencies by exploiting well-known vulnerabilities of IoT devices. Existing detection solutions provide good performance while detecting the mining phase of cryptojackers, but early detection is desired to avoid malware spreading and resource misuse. Thus, this work proposes a framework that combines device behavioral fingerprinting and machine learning to detect and classify preparatory phases of cryptojackers. The framework has been deployed in a crowdsensing IoT spectrum sensor, Raspberry Pi, infected by a recent cryptojacker called Linux.MulDrop.14. Promising detection results demonstrate the framework’s suitability while detecting early phases of cryptojackers. |
|
Muriel Figueredo Franco, Lisandro Zambenedetti Granville, Burkhard Stiller, CyberTEA: a Technical and Economic Approach for Cybersecurity Planning and Investment, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
It is essential to look at cybersecurity not only as a technical problem but also from economic, societal, and legal perspectives. Companies need to pay more attention to planning and investments in cybersecurity due to different factors, such as budget constraints and complexities involved in the planning and decision-making processes. Also, companies wrongly do not see themselves as the target of a potential cyberattack. Therefore, there is still a need for approaches that support companies, especially Small and Medium-sized Enterprises (SME), during the cybersecurity planning and investment decisions. This PhD thesis addressed cybersecurity planning and investment gaps by proposing the CyberTEA approach. This approach is composed of a five-phase methodology, a framework, and a set of solutions for cybersecurity planning and investment, considering the technical requirements of cybersecurity and its economic dimensions, such as the potential economic impacts of cyberattacks and the cost-benefit of protections available on the market to protect against specific threats. The evaluations and scientific advances of CyberTEA approach was proven valid to support SMEs while also showing the benefits and opportunities for cybersecurity economic approaches. |
|
Jan Von der Assen, Alberto Huertas Celdran, Adrian Zermin, Raffael Mogicato, Gérôme Bovet, Burkhard Stiller, SecBox: A Lightweight Container-based Sandbox for Dynamic Malware Analysis, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
Cybersecurity solutions based on machine learning (ML) and behavioral fingerprinting have demonstrated their suitability when detecting heterogeneous malware. However, most solutions are black boxes missing explainable and visual capabilities needed to analyze relevant metrics and malicious behaviors to be collected. In this demonstration, SecBox, a dynamic malware analysis platform with integrated data collection and visualization for malware execution, is presented. To provide a lightweight sandboxing approach, the architecture relies on Linux containers for isolation. The sandboxing and data analysis components of the SecBox architecture are deployed in a test bed to show the analysis of two malware families. In the presented scenario, the Monti ransomware and CoinMiner, a Monero-based cryptojacker are analyzed after obtaining them from a public database. |
|
Wissem Soussi, Maria Christopoulou, George Xilouris, Edgardo Montes de Oca, Vincent Lefebvre, Gürkan Gür, Burkhard Stiller, Demo: Closed-Loop Security Orchestration in the Telco Cloud for Moving Target Defense, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
This work presents a Moving Target Defense (MTD) framework for the protection of network slices and virtual resources in a telco cloud environment. The preliminary implementation provides a closed-loop security management of services with proactive MTD operations to reduce the success probability of attacks, and reactive MTD operations, empowered by a tampering detection and a traffic-based anomaly detection system. MTD strategies are adaptive and optimized with deep reinforcement learning (deep-RL) for balancing costs, security, and availability goals defined in a Multi-Objective Markov Decision Process (MOMDP). |
|
Wissem Soussi, Maria Christopoulou, Themis Anagnostopoulos, Gürkan Gür, Burkhard Stiller, TopoFuzzer - A Network Topology Fuzzer for Moving Target Defense in the Telco Cloud, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
Telecommunication networks are shifting to multi-cloud environments. This trend is expected to shape the standardization and implementation of future networks. Thus, the protection of virtualized services has become more critical. One of the promising methods to secure virtual resources in that setting is Moving Target Defense (MTD). This paper presents the Network Topology Fuzzer (TopoFuzzer) module, enabling different MTD operations that change the topology of a 5G network. An emphasis is given to live re-instantiations and live migrations of running services and, consequently, security gains against Advanced Persistent Threats (APTs). This work utilizes a 5G testbed to evaluate the TopoFuzzer module and MTD operations on Virtual Network Functions (VNFs). |
|
Bruno Rodrigues, Eder J Scheid, Julius willems, Burkhard Stiller, Real-time Medical Devices Inventory Tracking – a Hands-on Experience, In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Institute of Electrical and Electronics Engineers, 2023-05-08. (Conference or Workshop Paper published in Proceedings)
The recent pandemic posed a challenge to several healthcare systems, exposing limited resources and inefficiency in managing PMDs (Portable Medical Devices). This paper reports the experience of an approach enabling hospitals to efficiently find their resources and maximize the usage of PMDs in emergency situations, such as pandemics or natural disasters, when a sudden increase in demand may be anticipated. The key novelty relies on the use of smartphones provided to hospital employees replacing typical stationary gateways spread across a hospital, functioning as mobile gateways with a front-end that assists staff in locating PMDs. As employees approach tagged PMDs, they update their locations in a real-time inventory tracker, delivering accurate data. Experiments were evaluated by contrasting two techniques (fingerprinting and multilateration) based on two different locations (an office and an apartment complex) in Zürich. |
|
Dylan Massey, Neural Approaches to Sentiment Inference, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
In recent years, increased attention in research has been devoted to the Sentiment Analysis (SA) of texts that express positive and negative attitudes more subtly, such as news articles related to politics. The field of research dedicated to inferring such subtle attitudes from text is known as Sentiment Inference (SI). The precise goal of SI is to find out who is opposed to / in favour of whom or what in a given text or who / what is good for / bad for what / whom in a given text. Until now, only a rule-based system has been available for performing SI in the German language. The aim of the present thesis is to investigate and assess the viability of two different neural approaches for German SI, and to compare the two. One approach relies on a text-to-graph Semantic Parser, while the other relies on two separately trained models for entity recognition and relation classification. Since the neural approaches in this thesis rely on training data, and because such data is not readily available for German, the rule-based system is used to generate a silver standard dataset on which the neural approaches are trained and assessed. This thesis provides a first baseline for neural German SI and aims to point out potential directions for further research in this field. |
|
Minh Phuong Vu, Is It Worth Fighting Against Dark Patterns? A Study on Cookie Banner UI Alternatives and Their Efficacy, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
Dark Patterns are deceptive design techniques that trick users into actions they did not mean to do. They can be found on many websites and applications. As Dark Patterns are categorised and thoroughly analysed, researchers developed methods to detect Dark Patterns on web pages. They also designed and developed plugins for web browsers to counteract deceptive design by highlighting or informing users about Dark Patterns. Although it has been shown that these plugins can detect many Dark Patterns automatically, there is little evaluation conducted on whether the implemented methods against deceptive design are effective at counteracting the effects caused by Dark Patterns. This study aims to evaluate these methods by testing them on a cookie banner in a controlled experiment. Cookie banners are known to have many Dark Patterns that nudge website visitors towards privacy-unfriendly options. The results from our study indicate that the methods against deceptive design do not significantly nudge users towards privacy-friendly choices. This study demonstrates that highlighting elements, raising awareness and recommending actions are insufficient to counteract the deceptive design of cookie banners. Furthermore, it shows that the efficacy of methods against Dark Patterns needs to be evaluated before they are implemented. |
|
Lucas Amherd, Hedera Hashgraph: Another Brick in the Centralised Wall?, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
An integral virtue of distributed ledger technologies is their acclaimed higher level of decentralisation compared to traditional financial systems. Empirical literature, however, suggests that many systems tend towards centralisation as well, creating a gap between the common narrative and the actual state of these networks. This study expands the current literature by offering a first-time, basic analysis of the degree of decentralisation of the platform Hedera Hashgraph, a public permissioned distributed ledger technology, employing data directly fetched from a network node. The results show a considerably higher amount of released supply compared to the release schedule and a growing number of daily active accounts. Also, Hedera Hashgraph exhibits a high centralisation of wealth and a small core that acts as an intermediary in transactions for the rest of the network. However, the Nakamoto index and Theil index point to recent progress towards a more decentralised network in terms of network usage and wealth distribution. |
|
Mengqi Wang, Neural Implicit Surface Reconstruction for Reflective Surfaces, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
3D reconstruction from calibrated multi-view images without 3D supervision is a long-standing problem in computer vision. Classical approaches, such as multi-view stereo (MVS), struggle to generate complete meshes for textureless or non-Lambertian surfaces due to poor correspondence matchings between different views. Following the seminal work of NeRF, multi-view 3D reconstruction combining neural implicit representations with volume rendering has emerged as a promising alternative, enabling flexible shape and appearance modeling. However, these methods face challenges in handling specularities and reflections on glossy surfaces.
In this work, we introduce Ref-SDF, a volume rendering-based neural implicit surface reconstruction method capable of recovering challenging reflective surfaces. Ref-SDF extends the view-dependent appearance structure introduced in Ref-NeRF by incorporating SDF surface representation, resulting in both more photo-realistic rendering and accurate geometry. Our pipeline showcases superior performance in terms of geometry reconstruction quality and rendering quality when compared to state-of-the-art methods. Notably, our approach achieves these results without requiring additional geometric supervision, while remaining competitive with methods that rely on geometric cues. Thus, our method allows for broader applications in scenarios where geometric cues are not available and is not constrained by the quality of depth or normal maps computed by pretrained monocular estimators. |
|
Clara-Maria Barth, 'Well, it depends…': Investigating the Needs and Expectations for Blood Glucose Predictions in People with Type 1 Diabetes , University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
Type 1 diabetes (T1D) is a chronic autoimmune disease that results in the body’s inability to produce the insulin required to maintain healthy blood glucose levels. As T1D commonly develops during childhood, people with T1D require lifelong and intensive self-management to avoid life-threatening health complications. Self-management of T1D is a complex process that involves multiple interdependent factors, frequent anticipation of future blood glucose changes and complex decision-making processes. Recent advances in technology, such as continuous blood glucose monitors or hybrid closed-loop systems have facilitated this process. Nonetheless, self-management remains time-intensive and poses a high burden. Recent approaches use machine-learning-based algorithms to generate blood glucose predictions to facilitate the complex decision-making processes involved in self-management. However, there is a lack of research addressing the individualized and human-centered needs and expectations of people with T1D regarding blood glucose predictions. In the following thesis, we set out to capture and analyze the lived experience of people with T1D including their needs and expectations of apps supporting blood glucose predictions. To this end we designed and developed a prototype MOON-T1D supporting blood glucose predictions, on the basis of a systematic literature review. Subsequently, we conducted an Experience Sampling Method study coupled with semi-structured interviews with three individuals with T1D who used MOON-T1D over the course of five days. Finally, we used three case-studies and conducted a reflexive thematic analysis, which resulted in four distinct themes, to report on design opportunities and challenges of blood glucose predictions to effectively and individually support people with T1D. |
|
Dhivyabharathi Ramasamy, Cristina Sarasua, Alberto Bacchelli, Abraham Bernstein, Visualising data science workflows to support third-party notebook comprehension: an empirical study, Empirical Software Engineering, Vol. 28 (3), 2023. (Journal Article)
Data science is an exploratory and iterative process that often leads to complex and unstructured code. This code is usually poorly documented and, consequently, hard to understand by a third party. In this paper, we first collect empirical evidence for the non-linearity of data science code from real-world Jupyter notebooks, confirming the need for new approaches that aid in data science code interaction and comprehension. Second, we propose a visualisation method that elucidates implicit workflow information in data science code and assists data scientists in navigating the so-called garden of forking paths in non-linear code. The visualisation also provides information such as the rationale and the identification of the data science pipeline step based on cell annotations. We conducted a user experiment with data scientists to evaluate the proposed method, assessing the influence of (i) different workflow visualisations and (ii) cell annotations on code comprehension. Our results show that visualising the exploration helps the users obtain an overview of the notebook, significantly improving code comprehension. Furthermore, our qualitative analysis provides more insights into the difficulties faced during data science code comprehension. |
|
Timothy-Till Näscher, Poisoning Attack Behavior Detection in Federated Learning, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
Federated Learning has emerged as a viable alternative to traditional Machine Learning in scenarios, where client data is highly sensitive and the client devices are capable of local computation of model updates. Much of the recent work in the area of Federated Learning was targeted towards the centralized setting, where locally computed model updates are aggregated by a centralized server to create a global model. Recently, a new approach has emerged: a fully decentralized network where clients themselves are responsible for aggregating updates of neighboring nodes. Recent interest in this setting has spurred interest in the creation of a unified framework, that is capable of simulating both centralized, as well as decentralized Federated Learning. Ideally, this framework is also capable of simulation under a byzantine setting, where client devices may be malicious and attempt to harm the shared model by providing false data or poisoned model updates. This would allow for direct comparison of the centralized and decentralized approach under various scenarios, such as different attacks or aggregation rules. Such a comparison could deliver valuable insights on their behavioral differences and benefits/disadvantages of either setting.
The FedStellar framework fills these requirements by providing capabilities to simulate either scenario with benign clients, yet so far it offers no support for the byzantine setting. In this thesis, the FedStellar framework is expanded with additional functionality, implementing more data- as well as model-based poisoning attacks and Aggregation Rules. Additionally, the new functionality is used to simulate and analyze different scenarios. |
|
Tobias Boner, Deferral - High-Volume Decentralized Blockchain-Based Referral Systems, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
The rise of digital marketing has holistically reshaped and influenced many aspects of the marketing field and is characterized by modern technologies. During the process, existing disciplines, such as referral marketing, have been transformed to employ large automated systems dealing with high volumes of users and data representing the marketing interests of companies across diverse industries. However, most of these systems rely on centralized architectures and thus miss out on potential advantages a decentralized approach could bring. Decentralized referral systems could provide trust and transparency and tackle known issues such as complex and expensive payout processes of referral rewards.
This thesis aims to investigate and evaluate the feasibility of a high-volume decentralized referral system. The main requirements of such a system are defined in the current context, and its solution architecture is outlined. Thereby, multiple blockchain-based solution designs are developed to compare and showcase decentralized referral systems with varying complexities. The different solution prototypes are implemented as smart contracts. The smart contracts are tested and analyzed concerning their costs and performance in exemplary evaluations involving high volumes of participating users. In the best-case scenario, the final Deferral solution, including several tested and evaluated smart contracts, can serve as a framework for designing and implementing blockchain-based decentralized referral systems.
Conclusively, the examination of the generated results confirms the feasibility of a high-volume decentralized and blockchain-based referral system from a technical point of view. Furthermore, the challenges of implementing and operating such a system in a real-world environment, including the interdependence of the technical and conceptual or economical design, are discussed. Finally, the implications of varying degrees of decentralization among the different components of the Deferral solution are reviewed. |
|
Robert Oles, Detection and Classification of Malware using File System Dimensions for MTD on IoT, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
The aim of this thesis is the design and implementation of a system that dynamically detects Ransomware based on file system activity. Implementation of custom overlay file system has made possible to log the file system activity of all processes in a form of comma-separated values (CSV) file. Features such as entropy of write operations, number of reads and number of write operations are used to train the classification models. Further, the overlay file system also serves the purpose of mitigating the attack. As soon as the model detects malicious activity, the overlay file system initiates a moving target defense strategy (MTD), which changes the name of a file after the file has been read by any process. This renders making any changes to the file impossible, which prevents the Ransomware from encrypting further user data. Additionally, the collected raw features are analyzed with respect to entropy of write operations as well as the number of reads and writes of different workloads. The file system operations for both malicious and benign workloads are put into perspective. The detection system has been deployed to a Raspberry Pi machine and has shown high performance in terms of speed of detection and accuracy of detection. Finally, the performance overhead of the detection system has been analyzed. With the detection system running, the speed of write operations has decreased two-fold in comparison to the machine running without the detection system. |
|