We use an application scenario that collects, transports and stores sensor data in a database. The data is gathered with a high frequency of 1000 datasets per second. In the context of this scenario, we analyze the performance of multiple popular database systems. The benchmark results include the load on the system writing the data and the system running the database.

In our previous work, we proposed a system which makes complex production machines more user-friendly by giving the recommendations to the operator. So, we assist the user working with a complex production machine. The recommen- dations are presented like: ”In the last 10 occurrences of this event the operators performed the following keystrokes”. While working on the project, we had problems with retrieving the correct recommendations from our knowledge base. Meanwhile, we gathered more data from our project partners. Now, we dive deeper into this data in order to improve our solutions. This work describes methods to preprocess the data. This preprocessing should help us building up the knowledge base. To achieve this automatically, we do not want to know much about the machine and the production process itself.

Complementing previous research, this paper addresses the challenge of exploring the drivers of customer dissatisfaction in buyer-manufacturer relationships in a B2B and a business-to-government (B2G) context, to enhance existing models of the outcomes of dissatisfaction. Based on qualitative data in a dyadic research setting, this paper collects and analyzes data from both the buying and manufacturing side in Germany, referring to internationally sold standard and customized product solutions. Customers are not limited to business clients, they include public institutions and partners. Embedding empirical observations and data in established theoretical frames, this paper enhances existing dissatisfaction research by adding its antecedents and suggests a new unified customer satisfaction and dissatisfaction model. Empirical results provide substantial implications for both B2B and B2G marketing management. Additionally, the implications for future academic research are outlined.

Critical Infrastructures (CIs) use Supervisory Control And Data Acquisition (SCADA) systems for remote control and monitoring. Sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and variety due to the massive spread of connectivity and standardisation of open SCADA protocols. Traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. Therefore, in this paper, we assess Machine Learning (ML) for intrusion detection in SCADA systems using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), and Random Forest (RF) are assessed in terms of accuracy, precision, recall and F 1 score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF detect intrusions effectively, with an F 1 score of respectively > 99%.

Code similarity measures create a comparison metric showing to what degree two code samples have the same functionality, e.g., to statically detect the use of known libraries in binary code. They are both an indispensable part of automated malware analysis, as well as a helper for the detection of plagiarism (IP protection) and the illegal use of open-source libraries in commercial apps. The centroid similarity metric extracts control-flow features from binary code and encodes them as geometric structures before comparing them. In our paper, we propose novel improvements to the centroid approach and apply it to the ARM architecture for the first time. We implement our approach as a plug-in for the IDA Pro disassembler and evaluate it regarding efficiency, accuracy and robustness on Android. Based on a dataset of 508,745 APKs, collected from 18 third-party app markets, we achieve a detection rate of 89% for the use of native code libraries, with an FPR of 10.8%. To test the robustness of our approach against the compiler version, optimization level, and other code transformations, we obfuscate and recompile known open-source libraries to evaluate which code transformations are resisted. Based on our results, we discuss how code re-use can be hidden by obfuscation and conclude with possible improvements.

With SDN/NFV, the telecom industry embraces operational flexibility and cost optimization, while facing new risks from off-premise cloud computing, known as introspection by malicious operators. Introspection is identified as a serious risk only by the IT industry in general when considering cloud operation. To mitigate it, processor vendors have invested in the last decade to design Trusted Execution Environments (TEEs) plugged into their processor architectures. TEEs bring a quantum hardware-level security higher than any software-based security. They are all essentially aimed at protecting data and code when executed and processed in the cloud or in untrusted environment. In this paper, we emphasize on the blocking factors for the use of TEEs today: processor market fragmentation, major architectural and design deviations between TEEs from various CPU vendors and finally, a relatively complex enablement of these TEE technologies for non-security experts. We describe a code interpretation solution to break those blocking factors by providing a universal abstraction layer for TEEs. The paper gives a conceptual blueprint of a solution that enables Intel's SGX and AMD's SEV, defined as the most contemplated candidates in this paper for SDN/NFV or 5G deployment. Our study presents the key challenges and advanced functionalities we view as essential for meeting key SDN/NFV requirements and which are deploy ability, software performance and easy setup. Innovative directions are given to deal efficiently with these upcoming requirements.

In this paper, we leverage SGX to provide a secure remote computation framework to be used in a cloud scenario. Our framework consists of two parts, a local part running on the user's machine and a remote part which is executed within the provider's environment. Users can connect and authenticate themselves to the remote side, verify the integrity of a newly spawned loading enclave, and deploy confidential code to the provider's machine. While we are not the first using SGX in a cloud scenario, we provide a full implementation considering all practical pitfalls, e.g., we use Intel's Attestation Services to prove the integrity of the loading enclave to our users. We also take care of establishing a secure bidirectional channel between the target enclave and the client running on the user's machine to send code, commands, and data. The performance overhead of CPU-bound applications using our framework is below 10% compared to remote computation without using SGX.

Dynamic analysis of Android malware suffers from techniques that identify the analysis environment and prevent the malicious behavior from being observed. While there are many analysis solutions that can thwart evasive malware on Windows, the application of similar techniques for Android has not been studied in-depth. In this paper, we present Lumus, a novel technique to uncover evasive malware on Android. Lumus compares the execution traces of malware on bare metal and emulated environments. We used Lumus to analyze 1,470 Android malware samples and were able to uncover 192 evasive samples. Comparing our approach with other solutions yields better results in terms of accuracy and false positives. We discuss which information are typically used by evasive malware for detecting emulated environments, and conclude on how analysis sandboxes can be strengthened in the future.

Laser cladding on 200 μm thin substrates is a challenge due to poor heat dissipation. Successful coatings were produced using Yb fiber laser with closed-loop controlled laser power. Samples were investigated by SEM and EDS.

This book describes the results of a research project on compliance and organizational integrity, financed by the German government and conducted over the last three years. The book offers a theoretical framework and valid instruments for measuring the outcome of compliance management: organizational integrity. To pinpoint the specifics of organizational integrity, and to create a framework for assessment, the book analyzes not only the cases of Siemens and Deutsche Bank but also a specific form of organization: governmental organizations. The book includes the results of a survey of employees in five German cities, in the course of which the author conducted interviews with the personnel responsible for compliance in different organizations. In addition, during their discussions he analyzed the administrative staff with regard to the decision-making processes they were involved in.

You all know this from watching CSI: When a crime is committed, usually some form of digital evidence is left on devices such as computers, mobile phones, or the navigation system of a car a suspect has used. Indeed, law enforcement agencies are regularly interested in data from personal devices to find evidence, guide investigations, or even act as proof in a court of law. This tutorial article by Felix Freiling et al. mentions the San Bernadino case as a prominent example. But how do police investigators go about accessing this evidence? Is what is shown on TV realistic? Whereas, in times of classical hard disks, accessing data was quite easy due to the non- volatility of the memory device. However, this is getting increasingly difficult because of developing technologies like SSDs, other forms of flash storage, and, in particular, for volatile memory such as RAM, with the major problem being to read out data while guarding “authenticity.” In the past ten years, there has been some substantial development in the area of forensic data acquisition, which is summarized by the article. It gives clear indications of what currently can be technically done and what cannot be done by police investigators. So, if you watch CSI again and the cops need to access some digital evidence, you can tell truth from fiction. —Jürgen Teich, Friedrich-Alexander-Universität Erlangen-Nürnberg