Calvin Falter, Emulator for Distributed DDoS Datasets (EDDD), University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
With the rapid escalation in prevalence and severity of Distributed Denial of Service (DDoS) attacks, the need for robust and effective countermeasures has become paramount. This thesis presents a unique approach to tackling this issue through the development of an emulator tool that generates distributed DDoS datasets. Addressing the limitations of existing, predominantly centralized DDoS datasets, this tool provides a distributed perspective, offering critical insights into the dynamics of these attacks.
Built upon the open-source flexibility of Network Simulator 3 (NS3), the emulator is capable of modeling SYN flood traffic, ICMP flood traffic, and legitimate traffic, each one based on pre-existing datasets, thereby increasing the richness and realism of simulated DDoS scenarios. The tool's architectural design allows for comprehensive configuration of network structures that can realistically span multiple countries, significantly enhancing the range of attack scenarios that can be explored. Providing outputs in the widely used PCAP format and featuring a straightforward command-line interface, the tool is designed to be highly accessible for both research and deployed applications.
In essence, this tool constitutes a significant step forward in DDoS research, laying a solid foundation for future enhancements. It stands as a testament to the potential for improving our understanding and mitigation strategies in the face of increasingly complex and destructive DDoS attacks. The insights it offers into attack dynamics mark a valuable addition to the ongoing efforts in network security. |
|
Jonas Brunner, Reassembler - Towards a Global DDoS Attack Analysis Using Attack Fingerprints, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
In recent years, the frequency and scale of Distributed Denial-of-Service (DDoS) attacks have increased significantly, yet they remain an unsolved problem. Many intrusion detection systems employ shared attack fingerprints and signatures as a standard practice to detect cyber attacks. For DDoS attacks, a single attack fingerprint typically is not enough to detect other attacks of the same kind. However, attack fingerprints can still be useful, especially when the same attack is observed from multiple locations.
Thus, this work proposes Reassembler, a tool that enables global analysis of DDoS attacks based on attack fingerprints recorded at different locations. For this, multiple attack scenarios are specified using a custom-built simulated network. Based on the attack scenarios, the Reassembler solution is implemented, analyzing and aggregating attack fingerprints into a global view.
Reassembler is evaluated based on four simulated and one real use case (based on real DDoS network traces), demonstrating that the Reassembler can derive interesting properties such as the number of intermediate nodes or the estimated percentage of spoofed IPs. Based on different experiments, it is shown under which circumstances the Reassembler performs best and where improvements are needed. |
|
Alberto Huertas Celdran, Pedro Miguel Sánchez Sánchez, Miguel Azorín, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, Intelligent and behavioral-based detection of malware in IoT spectrum sensors, International Journal of Information Security, Vol. 22 (3), 2023. (Journal Article)
The number of Cyber-Physical Systems (CPS) available in industrial environments is growing mainly due to the evolution of the Internet-of-Things (IoT) paradigm. In such a context, radio frequency spectrum sensing in industrial scenarios is one of the most interesting applications of CPS due to the scarcity of the spectrum. Despite the benefits of operational platforms, IoT spectrum sensors are vulnerable to heterogeneous malware. The usage of behavioral fingerprinting and machine learning has shown merit in detecting cyberattacks. Still, there exist challenges in terms of (i) designing, deploying, and evaluating ML-based fingerprinting solutions able to detect malware attacks affecting real IoT spectrum sensors, (ii) analyzing the suitability of kernel events to create stable and precise fingerprints of spectrum sensors, and (iii) detecting recent malware samples affecting real IoT spectrum sensors of crowdsensing platforms. Thus, this work presents a detection framework that applies device behavioral fingerprinting and machine learning to detect anomalies and classify different botnets, rootkits, backdoors, ransomware and cryptojackers affecting real IoT spectrum sensors. Kernel events from CPU, memory, network,file system, scheduler, drivers, and random number generation have been analyzed, selected, and monitored to create device behavioral fingerprints. During testing, an IoT spectrum sensor of the ElectroSense platform has been infected with ten recent malware samples (two botnets, three rootkits, three backdoors, one ransomware, and one cryptojacker) to measure the detection performance of the framework in two different network configurations. Both supervised and semi-supervised approaches provided promising results when detecting and classifying malicious behaviors from the eight previous malware and seven normal behaviors. In particular, the framework obtained 0.88–0.90 true positive rate when detecting the previous malicious behaviors as unseen or zero-day attacks and 0.94–0.96 F1-score when classifying them |
|
Alberto Huertas Celdran, Pedro Miguel Sánchez Sánchez, Chao Feng, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, Privacy-preserving and Syscall-based Intrusion Detection System for IoT Spectrum Sensors Affected by Data Falsification Attacks, IEEE Internet of Things Journal, Vol. 10 (10), 2023. (Journal Article)
Crowdsensing platforms collect, process, transmit, and analyze spectrum data worldwide to optimize radio frequency spectrum usage. However, Internet-of-Things (IoT) spectrum sensors, performing some of the previous tasks, are exposed to software manipulation aiming to execute spectrum sensing data falsification (SSDF) attacks to compromise data integrity and spectrum optimization. Novel intrusion detection systems (IDSs) combining device fingerprinting with Machine and Deep Learning (ML/DL) improve the limitation of traditional solutions and remove the necessity of redundant sensors and reputation mechanisms. However, they fail when detecting SSDF attacks accurately while protecting sensors privacy. This work proposes a novel host-based and federated learning-oriented IDS for IoT spectrum sensors that considers unsupervised ML/DL and fingerprints based on system calls. The framework detection performance and consumption of resources are analyzed in local and federated scenarios with six spectrum sensors deployed on Raspberry Pis. The obtained results significantly improve related work when detecting SSDF attacks while protecting sensors privacy, and consuming CPU, memory, and storage of sensors in a reduced manner. |
|
Timothy-Till Näscher, Poisoning Attack Behavior Detection in Federated Learning, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
Federated Learning has emerged as a viable alternative to traditional Machine Learning in scenarios, where client data is highly sensitive and the client devices are capable of local computation of model updates. Much of the recent work in the area of Federated Learning was targeted towards the centralized setting, where locally computed model updates are aggregated by a centralized server to create a global model. Recently, a new approach has emerged: a fully decentralized network where clients themselves are responsible for aggregating updates of neighboring nodes. Recent interest in this setting has spurred interest in the creation of a unified framework, that is capable of simulating both centralized, as well as decentralized Federated Learning. Ideally, this framework is also capable of simulation under a byzantine setting, where client devices may be malicious and attempt to harm the shared model by providing false data or poisoned model updates. This would allow for direct comparison of the centralized and decentralized approach under various scenarios, such as different attacks or aggregation rules. Such a comparison could deliver valuable insights on their behavioral differences and benefits/disadvantages of either setting.
The FedStellar framework fills these requirements by providing capabilities to simulate either scenario with benign clients, yet so far it offers no support for the byzantine setting. In this thesis, the FedStellar framework is expanded with additional functionality, implementing more data- as well as model-based poisoning attacks and Aggregation Rules. Additionally, the new functionality is used to simulate and analyze different scenarios. |
|
Tobias Boner, Deferral - High-Volume Decentralized Blockchain-Based Referral Systems, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
The rise of digital marketing has holistically reshaped and influenced many aspects of the marketing field and is characterized by modern technologies. During the process, existing disciplines, such as referral marketing, have been transformed to employ large automated systems dealing with high volumes of users and data representing the marketing interests of companies across diverse industries. However, most of these systems rely on centralized architectures and thus miss out on potential advantages a decentralized approach could bring. Decentralized referral systems could provide trust and transparency and tackle known issues such as complex and expensive payout processes of referral rewards.
This thesis aims to investigate and evaluate the feasibility of a high-volume decentralized referral system. The main requirements of such a system are defined in the current context, and its solution architecture is outlined. Thereby, multiple blockchain-based solution designs are developed to compare and showcase decentralized referral systems with varying complexities. The different solution prototypes are implemented as smart contracts. The smart contracts are tested and analyzed concerning their costs and performance in exemplary evaluations involving high volumes of participating users. In the best-case scenario, the final Deferral solution, including several tested and evaluated smart contracts, can serve as a framework for designing and implementing blockchain-based decentralized referral systems.
Conclusively, the examination of the generated results confirms the feasibility of a high-volume decentralized and blockchain-based referral system from a technical point of view. Furthermore, the challenges of implementing and operating such a system in a real-world environment, including the interdependence of the technical and conceptual or economical design, are discussed. Finally, the implications of varying degrees of decentralization among the different components of the Deferral solution are reviewed. |
|
Robert Oles, Detection and Classification of Malware using File System Dimensions for MTD on IoT, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
The aim of this thesis is the design and implementation of a system that dynamically detects Ransomware based on file system activity. Implementation of custom overlay file system has made possible to log the file system activity of all processes in a form of comma-separated values (CSV) file. Features such as entropy of write operations, number of reads and number of write operations are used to train the classification models. Further, the overlay file system also serves the purpose of mitigating the attack. As soon as the model detects malicious activity, the overlay file system initiates a moving target defense strategy (MTD), which changes the name of a file after the file has been read by any process. This renders making any changes to the file impossible, which prevents the Ransomware from encrypting further user data. Additionally, the collected raw features are analyzed with respect to entropy of write operations as well as the number of reads and writes of different workloads. The file system operations for both malicious and benign workloads are put into perspective. The detection system has been deployed to a Raspberry Pi machine and has shown high performance in terms of speed of detection and accuracy of detection. Finally, the performance overhead of the detection system has been analyzed. With the detection system running, the speed of write operations has decreased two-fold in comparison to the machine running without the detection system. |
|
Pedro Miguel Sánchez Sánchez, Alberto Huertas Celdran, Gerome Bovet, Gregorio Martínez Pérez, Burkhard Stiller, SpecForce: A Framework to Secure IoT Spectrum Sensors in the Internet of Battlefield Things, IEEE Communications Magazine, Vol. 61 (5), 2023. (Journal Article)
The battlefield has evolved into a mobile and dynamic scenario where soldiers and heterogeneous military equipment exchange information in real-time and wirelessly. This fact brings to reality the Internet of Battlefield Things (IoBT). Wireless communications are key enablers for the IoBT, and their management is critical due to the spectrum scarcity and the increasing number of IoBT devices. In this sense, IoBT spectrum sensors are deployed on the battlefield to monitor the frequency spectrum, transmit over unoccupied bands, intercept enemy transmissions, or decode valuable information. However, IoBT spectrum sensors are vulnerable to heterogeneous cyber-attacks, and their accurate detection is an open challenge in the literature. Thus, this paper presents SpecForce, a security framework for IoBT spectrum sensors based on device behavioral fingerprinting and ML/DL techniques. SpecForce considers heterogeneous data sources to detect the most dangerous and recent cyber-attacks affecting IoBT spectrum sensors, such as impersonation, malware, and spectrum sensing data falsification attacks. To evaluate the SpecForce detection performance, it has been deployed on 25 real spectrum sensors, and results show almost perfect detection for the three cyber-attack families previously mentioned. |
|
Filip Trendafilov, Implementation of Membership Inference Attack Affecting Federated Learning-based Anomaly Detection System, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
This thesis investigates the data privacy preservation capabilities of Federated Learning (FL), specifically focusing on Centralized Federated Learning (CFL) and Decentralized Federated Learning (DFL) settings. Despite their existing data privacy advantages, both CFL and DFL have been shown to be vulnerable to adversarial attacks, including Membership Inference Attacks (MIA). This thesis compares the data privacy-preserving capabilities of CFL and DFL, trained on MNIST, FashionMNIST, and CIFAR-10, against White-Box and Black-Box MIA across various performance metrics. Furthermore, the most commonly used defense techniques used against MIA are discussed, such as Differential Privacy (DP), Regularization, and Knowledge Distillation.
The findings suggest that FL models generally provide better data privacy than ML models, with CFL being the best data privacy preserving federation against shadow models using binary classifier-based MIA and DFL models with a fully connected network topology, showing strong resistance against MIA using a prediction-based classifier. This work offers valuable insights into the data privacy-preserving abilities of CFL and DFL in different scenarios and underlines the importance of further research in the domain of data privacy in collaborative ML. |
|
Philip Giryes, Traffic Counting in Mesh Networks, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
The rapid development of technology requires architectures that can adapt to this high demand. Using mesh networks can provide a dynamic and cost-efficient way for horizontal scalability. Although mesh networks have many advantages, these networks lose the ability to monitor traffic reliably. Traffic monitoring on mesh networks would be beneficial for network operators. It would reduce the opportunity cost of adapting mesh networks compared to traditional network topologies. In this thesis, a new protocol will try to provide a new approach to traffic accounting. The Cascade Encryption Protocol (CEC) will couple monitoring- and data traffic utilizing encryption to encapsulate routing information in the packets.
The CEC protocol was evaluated using simulations on a larger scale on the Abilene topology for a real-life-like environment and line topology on a smaller scale to determine created overhead. The analysis showed a correlation between the overhead and the number of flows on the small-scale tests. Furthermore, the protocol’s performance stays steady on a fully utilized network and degrades slowly as the number of flows increases. |
|
Said Haji Abukar, Creation of a Platform to Compute the Trustworthiness Level of Unsupervised and Supervised ML/DL Models, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
AI has the potential to revolutionize industries and improve daily life through the development of advanced machine learning (ML) and deep learning (DL) models. These models, such as chatbots and language models, use algorithms or artificial neural networks to recognize patterns and make decisions. ML involves training algorithms on large datasets to identify patterns and make decisions, while DL uses artificial neural networks composed of interconnected nodes called artificial neurons to process and transmit information. Neural networks can learn and make decisions by adjusting the connections between neurons based on input data. There are two types of ML and DL: unsupervised and supervised. Unsupervised learning involves using algorithms or neural networks to learn from data without labeled outcomes, while supervised learning involves training algorithms or neural networks on labeled data to make predictions or decisions.
As AI becomes more advanced and widespread, it is important to have confidence in the decisions and actions of these systems. Trusted AI refers to the reliability and ethical behavior of AI systems. It is crucial to have a framework for evaluating the trustworthiness of different AI models to ensure their safe and responsible deployment. A taxonomy of pillars and metrics can be used to quantify the trustworthiness of AI models, allowing for a structured and comprehensive evaluation of their strengths and limitations. The following bachelor thesis aims to survey existing platforms, define requirements and develop a web app that allows the computation of the trustscore, pillarscores, metricscores of supervised and unsupervised and DL platform is extended to allow for user management, and the return of the trustworthiness levels via API endpoints. |
|
Janik Lüchinger, AI-powered Ransomware to Optimize its Impact on IoT Spectrum Sensors, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
This work aims to investigate the feasibility of exploiting reinforcement learning (RL) to improve the impact of ransomware on a target device while evading dynamic detection methods such as behavioral fingerprinting-based anomaly detection (AD). Given the constantly growing number of connected resource-constrained devices, such as Internet of Things (IoT) devices, and the significant rise in ransomware attacks over the past years, the importance of investigating ransomware attacks and corresponding defense approaches is evident. So far, most related research has been confined to exploring unethical artificial intelligence (AI) systems instead of analyzing the possibilities of using AI for launching optimized malware attacks.
This work covers the mentioned limitations and introduces Ransomware Optimized with AI for Resource-constrained devices (ROAR), an RL framework to hide ransomware from dynamic detection mechanisms and optimize its impact on the target device. ROAR has been deployed in a real-world IoT crowdsensing scenario, including a Raspberry Pi 4 as a spectrum sensor. The Raspberry Pi was infected with ROAR, and behavioral data were collected from the target device to facilitate environment simulation. The results obtained by executing prototypes of the RL agent have been aggregated, and the corresponding plots are discussed and compared. These findings suggest that no relation exists between individual actions within an episode and that discounting future rewards does not improve performance in this particular RL problem. Overall, this work demonstrates the feasibility of optimizing ransomware attacks with RL and the effectiveness of the resulting evasion capabilities. The findings derived from the collected results hold in a simulated environment and when the agent is deployed in a real scenario. To our knowledge, this work is the first to investigate the possibilities of supporting malware attacks with RL during the attack phase. Further studies are needed to investigate additional optimizations of the RL model, efficiency improvements to the underlying ransomware implementation, and the feasibility of attacking more powerful devices. |
|
Maximilian Huwyler, Design and Implementation of a Comparison Tool for Selecting an Information Security Risk Assessment Method, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
With the increasing relevance of the risk concept in the field of information security, numerous new risk assessment methods have emerged. The selection of a suitable risk assessment method can prove itself to be a first obstacle for organizations that do not have the financial resources to employ consulting firms that assist with the risk assessment process. To address this challenge, comparison methods and tools have been developed in academia and the private sector. This thesis provides a comprehensive review of these methods and tools. An improved comparison method is designed based on this review and an in-depth analysis of several common information risk assessment methods. This method is then used to evaluate nine information security risk assessment methods. A navigable prototype for an information security risk assessment knowledge base has been designed and implemented, with the aim of facilitating comparison between methods and helping users select the most suitable assessment method. The improved comparison method is shown to be superior to predecessors by demonstrating that crucial criteria are adopted and novel criteria improve the selection process. Finally, a use case illustrates the efficiency of the prototype. |
|
Aljoscha Schnider, Detection, Identification and Categorisation of IoT devices on iOS, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
The Internet of Things (IoT) has experienced significant growth in recent years, particularly in the area of wireless communication technologies. This thesis focuses on Bluetooth Low Energy (BLE) communication, which has become increasingly important in the IoT ecosystem. Specifically, this research analyses the process of detecting BLE advertisements using an iPhone, and saving the data to an external database. In order to achieve this, a BLE scanner application was developed, capable of storing information found in its vicinity for later analysis.
Due to limiting hardware and the constraints of iOS, it is difficult to gather general information about advertising data of BLE peripherals. By scanning thousands of devices, it was discovered that a significant number of peripherals either do not share any advertising data or the data cannot be accessed on iOS.
The data that is received can be analyzed and utilized to extract device information. The manufacturer can be identified under certain criteria by examining the payload of the advertising data, and it is suggested that device categorisation might also be obtainable. |
|
Josip Harambasic, Design and Implementation of Moving Target Defense Techniques to Break the Cyber Kill Chain in IoT Devices, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
With rising popularity of Internet of Things (IoT) devices for smart homes and industry 4.0, the cyber attacks affecting those devices also increases. Due to their static nature, low security and resource limitation, they are easy targets for Cybercriminals. To make
it more difficult for attackers to attack IoT devices, Moving Target Defense (MTD) as paradigm seems promising. The goal of MTD is to dynamically change the static nature of the device by changing system parameters to disturb or mitigate the ongoing attack.
This thesis proposes a design and an implementation of a lightweight MTD framework, which is able to deploy security solutions against two specific cyber attacks on an IoT device which is based on a Linux operating system. The device fulfils the purpose of a radio spectrum sensor. Depending on the attack report from an external monitoring application, the MTD framework deploys the corresponding MTD solution to deal with Reconnaissance attacks and Cryptojackers. To measure the effectiveness and performance of the provided MTD solution, the solutions are run against real malware. The results seem promising and are able to mitigate the ongoing attack in a lightweight manner without consuming too much resources of the IoT device. The result for dealing with Reconnaissance attacks includes a firewall setup and a dynamic change of the MAC address to confuse the attacker. This leads to 3933.3% more waiting time for the attacker to receive an unusable result which contains only the wrong MAC address that indicates another device instead of the Raspberry Pi used in this thesis.
For the Cryptojacker a dynamic solution is proposed which uses the knowledge about the consensus of Proof of Work, to monitor the network traffic to mitigate the ongoing Cryptojacker. By using a whitelist of allowed tasks using network, every deviation from the whitelist indicates malicious behaviour. By changing the moving parameter, which is the nice value of the task scheduler, it does not provide better results by mitigating the Cryptojacker and can therefore be omitted. In combination with the firewall from the Reconnaissance attack after the Cryptojacker was detected and killed, there is no chance for the Cryptojacker to restart again, since the firewall only allows certain ports and already established connections to send and receive data from the internet. This thesis shows that a combination of a static firewall with a dynamic MTD solution achieves great results defending against Cryberattacks which target IoT devices. Also some information gathered about resource consumption is discussed to illustrate the impact of the attacks on resource constrained IoT devices. |
|
Steven Näf, Design and Implementation of a Cooperative MTD Framework for IoT Devices, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
The Internet of Things (IoT) offers many advantages to our society, including benefits regarding the economy and human convenience. While these are not empty promises, IoT devices have the major drawback of being inherently vulnerable to malware due to various characteristics. As the number of IoT devices is expected to triple by 2030, possible defense mechanisms against such malware (e.g. Bashlite or Mirai) are essential. This thesis proposed and implemented a prototype of a cooperative and reactive Moving Target Defense (MTD) framework that exploits the weaknesses of Bashlite, a well-known IoT malware. The first weakness is the ability to disrupt the connection of a Bashlite client from the Bashlite server by changing the client's IP address. The second vulnerability is that Bashlite scans and distributes itself via the Telnet port 23. Hence, the infected device is instructed to change its local IP address to disconnect itself from the Bashlite server, and the other devices in the network are instructed to temporarily move their Telnet service port to hide until Bashlite is rendered harmless.
Three different evaluation scenarios were created, all consisting of two virtual machines, one of which is infected with Bashlite that attempts to infect the second machine. The scenarios differed in the inclusion of the cooperative component and the trigger of the execution of the MTD techniques. The two possibilities for the trigger were proactive (every minute) and reactive (after the detection of Bashlite). The evaluation scenarios have shown that the proposed cooperative and reactive framework and techniques have significant advantages over a non-cooperative and reactive approach and a cooperative but proactive approach. In addition to halving the overall infection time in the system, the overall availability of the machines, defined by outgoing packet losses and outgoing and incoming Telnet connections, was also significantly improved. In addition, the CPU and RAM usage of the framework and techniques executed were minimal. Although the cooperative and reactive approach provided by far the best results, each MTD approach has its advantages and further research is required to make use of this promising defense mechanism. |
|
Fabian Künzler, Real Cyber Value at Risk: An Approach to Estimate Economic Impacts of Cyberattacks on Businesses, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
To compete in today’s digitized economy, companies rely on computer programs to manage processes efficiently and bring their services directly to customers. However, these tools increase not only business opportunities but also the risk of falling victim to cyber attacks. Consulting firms and academic literature provide several approaches to manage this risk exposure. Nonetheless, most solutions fail to provide individualized, quantitative attack cost estimates based on real-world empirical data. Especially Small and Middle-Sized Enterprises (SME) struggle to quantify their attack exposure due to limited resources and a lack of IT knowledge.
This thesis addresses this gap in the current literature by proposing the novel Real Cyber Value at Risk (RCVaR) framework. Consisting of three components, the RCVaR provides a monetary, annualized cost and risk prediction for an individual firm. Thus, addressing the issue of individual risk perception and allowing cross-domain risk comparisons. Evaluating the cost predictions on previously “unseen” data from real-world incidents shows that the RCVaR achieves an Absolute Percentage Error (APE) of 2%. The evaluation further proves that the model reflects quantitative real-world attack cost behavior. To portray the risk component of the RCVaR, the newly proposed Cyber Value at Risk (CVaR) is integrated into the model.
In contrast to previous research, the CVaR is not computed with Monte Carlo simulations but on the basis of actual historical quantitative data. Both, cost and risk predictions, are tailored towards SMEs and are easily accessible over a web application. The last contribution of this thesis is a Federated Learning (FL) methodology to address the prevalent lack of real-world cost incident data in cyber security economics. Comparing the performance of different FL models against traditional centralized networks suggests that the process can successfully learn cost prediction functions. Consequently, Federated Learning presents a viable solution to the data scarcity issue. In conclusion, the Real Cyber Value at Risk provides a novel and cost-effective approach to obtain quantitative cost and risk measures that integrate seamlessly into the company’s overall budget planning process. |
|
Areg Arakelyan, Fully Automated Charging of Electric Vehicles, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Bachelor's Thesis)
In relation to serious environmental issues and geopolitical challenges, electric mobility has increased in relevance in the past years up to an extent of worldwide acceptance and adaptation.
The future is electric, and our work is aiming to confront the infrastructural challenges focusing especially on older Swiss rental apartments that provide underground parking options for their residents.
User-friendly approaches for the sharing of charging stations between residents, a fully automated charging procedure, and solutions regarding connectivity issues in underground garages are the main focus of our research.
Unique to our solution is the usage of a low-power primitive portable EV home charging device as an alternative to commercial (high-power) devices that come with pre-built communication protocols with a central management system.
We did not only digitize the primitive device enabling its remote usage and communication to a central management system but we also implemented a tailored environment that enhances a fully automated and hands-free EV charging approach based on vehicle plate number recognition mechanisms.
Our solution can be plugged into any domestic socket and implies no infrastructural upgrades in older buildings. At the same time, users can still take advantage of a central management system and an intuitive web frontend for the purpose of shared usage focusing especially on user-friendliness and proper feedback before, during, and after the charging process.
When it comes to the installation costs, our solution represents a fraction of the costs of commercial charging stations since low-power charging devices are much more affordable and foremost because no installations done by certified electricians are longer required.
Regarding future plans: Our work will be further developed to adapt the form of a black box that can be easily integrated into any Swiss residential building that provides an available home socket. |
|
Louis Bienz, HomeScout: A Modular Bluetooth Low Energy Sensing Android App, University of Zurich, Faculty of Business, Economics and Informatics, 2023. (Master's Thesis)
Bluetooth Low Energy (BLE) trackers are affordable devices that are misused for stalking attacks. Apple, for example, offers AirTags as BLE trackers. These are used by users of their ecosystem to retrieve lost items. Unfortunately, cases have come to light in which owners of an AirTag have tracked other people with the help of such a tracker. Apple reacted to this to protect their users. Android users, on the other hand, were not offered a satisfactory solution. An Android app called AirGuard from the Technical University of Darmstadt in Germany addressed this issue. The app scans in the background and informs users about trackers that are following them. Apple and AirGuard use a tracking algorithm defined by them that decides whether a tracker is following the user. In this work, an Android app is developed that allows users to customize such a tracking algorithm. This also enabled this work to evaluate through experiments how such a tracking algorithm should be configured to notify users as quickly as possible of malicious trackers.
Furthermore, this app applies the tracking algorithm not only to BLE trackers but to BLE devices in general, since in principle not only BLE trackers can be used for stalking attacks. Moreover, this work investigated whether BLE trackers can be distinguished from BLE devices using Android’s BLE API. |
|
Burkhard Stiller, Katharina Olga Emilia Müller, Bruno Bastos Rodrigues, Christian Killer, Eder John Scheid, Eryk Jerzy Schiller, Krzysztof Gogol, Muriel Figueredo Franco, Jan Von der Assen, Alberto Huertas Celdran, Chao Feng, Internet Economics XVI, Version: 1, 2023. (Technical Report)
|
|