-
Constraint based Modeling according to Reference Design
Authors:
Erik Heiland,
Peter Hillmann,
Andreas Karcher
Abstract:
Reference models in form of best practices are an essential element to ensured knowledge as design for reuse. Popular modeling approaches do not offer mechanisms to embed reference models in a supporting way, let alone a repository of it. Therefore, it is hardly possible to profit from this expertise. The problem is that the reference models are not described formally enough to be helpful in devel…
▽ More
Reference models in form of best practices are an essential element to ensured knowledge as design for reuse. Popular modeling approaches do not offer mechanisms to embed reference models in a supporting way, let alone a repository of it. Therefore, it is hardly possible to profit from this expertise. The problem is that the reference models are not described formally enough to be helpful in develo** solutions. Consequently, the challenge is about the process, how a user can be supported in designing dedicated solutions assisted by reference models. In this paper, we present a generic approach for the formal description of reference models using semantic technologies and their application. Our modeling assistant allows the construction of solution models using different techniques based on reference building blocks. This environment enables the subsequent verification of the developed designs against the reference models for conformity. Therefore, our reference modeling assistant highlights the interdependency. The application of these techniques contributes to the formalization of requirements and finally to quality assurance in context of maturity model. It is possible to use multiple reference models in context of system of system designs. The approach is evaluated in industrial area and it can be integrated into different modeling landscapes.
△ Less
Submitted 17 June, 2024;
originally announced July 2024.
-
A Document-based Knowledge Discovery with Microservices Architecture
Authors:
Habtom Kahsay Gidey,
Mario Kesseler,
Patrick Stangl,
Peter Hillmann,
Andreas Karcher
Abstract:
The first step towards digitalization within organizations lies in digitization - the conversion of analog data into digitally stored data. This basic step is the prerequisite for all following activities like the digitalization of processes or the servitization of products or offerings. However, digitization itself often leads to 'data-rich' but 'knowledge-poor' material. Knowledge discovery and…
▽ More
The first step towards digitalization within organizations lies in digitization - the conversion of analog data into digitally stored data. This basic step is the prerequisite for all following activities like the digitalization of processes or the servitization of products or offerings. However, digitization itself often leads to 'data-rich' but 'knowledge-poor' material. Knowledge discovery and knowledge extraction as approaches try to increase the usefulness of digitized data. In this paper, we point out the key challenges in the context of knowledge discovery and present an approach to addressing these using a microservices architecture. Our solution led to a conceptual design focusing on keyword extraction, similarity calculation of documents, database queries in natural language, and programming language independent provision of the extracted information. In addition, the conceptual design provides referential design guidelines for integrating processes and applications for semi-automatic learning, editing, and visualization of ontologies. The concept also uses a microservices architecture to address non-functional requirements, such as scalability and resilience. The evaluation of the specified requirements is performed using a demonstrator that implements the concept. Furthermore, this modern approach is used in the German patent office in an extended version.
△ Less
Submitted 13 June, 2024;
originally announced July 2024.
-
A Flexible Cryptographic Infrastructure for High-security SDR-based Systems
Authors:
Peter Hillmann,
Björn Stelte
Abstract:
Military software defined radio (SDR) systems are a major factor in future network-centric operations due to their flexibility and support for more capable radio communications systems. The inherent nature of software-based systems requires a more complex auxiliary infrastructure and multiple independent levels of security compared with typical systems: Secure booting of the SDR device, cryptograp…
▽ More
Military software defined radio (SDR) systems are a major factor in future network-centric operations due to their flexibility and support for more capable radio communications systems. The inherent nature of software-based systems requires a more complex auxiliary infrastructure and multiple independent levels of security compared with typical systems: Secure booting of the SDR device, cryptographically signed software, real time operating platform software as well as radio applications. This technology raises new challenges with respect to the management. The largest impact on SDR deployments is due to the auxiliary cryptographic infrastructure for the security of the software life cycle and the cyclic update of the keys. Compared to conventional radio devices, the SDR system with the cryptographic infrastructure described in this paper reaches a higher security level and is more flexible. The advantage is the possibility to deploy trunked radio system and further waveforms, such as coalition wideband, which will be standardized in the future. Also it is possible to update cryptographic mechanisms. In this work, we analyze the requirements for a high secure SDR deployment and model the life cycle of the components of a deployed SDR node based on the Joint Program Executive Office (JPEO) Software Communication Architecture (SCA).
△ Less
Submitted 18 June, 2024;
originally announced June 2024.
-
Lightweight Public Key Encryption in Post-Quantum Computing Era
Authors:
Peter Hillmann
Abstract:
Confidentiality in our digital world is based on the security of cryptographic algorithms. These are usually executed transparently in the background, with people often relying on them without further knowledge. In the course of technological progress with quantum computers, the protective function of common encryption algorithms is threatened. This particularly affects public-key methods such as…
▽ More
Confidentiality in our digital world is based on the security of cryptographic algorithms. These are usually executed transparently in the background, with people often relying on them without further knowledge. In the course of technological progress with quantum computers, the protective function of common encryption algorithms is threatened. This particularly affects public-key methods such as RSA and DH based on discrete logarithms and prime factorization. Our concept describes the transformation of a classical asymmetric encryption method to a modern complexity class. Thereby the approach of Cramer-Shoup is put on the new basis of elliptic curves. The system is provable cryptographically strong, especially against adaptive chosen-ciphertext attacks. In addition, the new method features small key lengths, making it suitable for Internet-of-Things. It represents an intermediate step towards an encryption scheme based on isogeny elliptic curves. This approach shows a way to a secure encryption scheme for the post-quantum computing era.
△ Less
Submitted 24 November, 2023;
originally announced November 2023.
-
User-Like Bots for Cognitive Automation: A Survey
Authors:
Habtom Kahsay Gidey,
Peter Hillmann,
Andreas Karcher,
Alois Knoll
Abstract:
Software bots have attracted increasing interest and popularity in both research and society. Their contributions span automation, digital twins, game characters with conscious-like behavior, and social media. However, there is still a lack of intelligent bots that can adapt to web environments' variability and dynamic nature. Unlike human users, they have difficulty understanding and exploiting t…
▽ More
Software bots have attracted increasing interest and popularity in both research and society. Their contributions span automation, digital twins, game characters with conscious-like behavior, and social media. However, there is still a lack of intelligent bots that can adapt to web environments' variability and dynamic nature. Unlike human users, they have difficulty understanding and exploiting the affordances across multiple virtual environments.
Despite the hype, bots with human user-like cognition do not currently exist. Chatbots, for instance, lack situational awareness on the digital platforms where they operate, preventing them from enacting meaningful and autonomous intelligent behavior similar to human users.
In this survey, we aim to explore the role of cognitive architectures in supporting efforts towards engineering software bots with advanced general intelligence. We discuss how cognitive architectures can contribute to creating intelligent software bots. Furthermore, we highlight key architectural recommendations for the future development of autonomous, user-like cognitive bots.
△ Less
Submitted 20 November, 2023;
originally announced November 2023.
-
Towards Cognitive Bots: Architectural Research Challenges
Authors:
Habtom Kahsay Gidey,
Peter Hillmann,
Andreas Karcher,
Alois Knoll
Abstract:
Software bots operating in multiple virtual digital platforms must understand the platforms' affordances and behave like human users. Platform affordances or features differ from one application platform to another or through a life cycle, requiring such bots to be adaptable. Moreover, bots in such platforms could cooperate with humans or other software agents for work or to learn specific behavio…
▽ More
Software bots operating in multiple virtual digital platforms must understand the platforms' affordances and behave like human users. Platform affordances or features differ from one application platform to another or through a life cycle, requiring such bots to be adaptable. Moreover, bots in such platforms could cooperate with humans or other software agents for work or to learn specific behavior patterns. However, present-day bots, particularly chatbots, other than language processing and prediction, are far from reaching a human user's behavior level within complex business information systems. They lack the cognitive capabilities to sense and act in such virtual environments, rendering their development a challenge to artificial general intelligence research. In this study, we problematize and investigate assumptions in conceptualizing software bot architecture by directing attention to significant architectural research challenges in develo** cognitive bots endowed with complex behavior for operation on information systems. As an outlook, we propose alternate architectural assumptions to consider in future bot design and bot development frameworks.
△ Less
Submitted 26 May, 2023;
originally announced May 2023.
-
Methodology for Holistic Reference Modeling in Systems Engineering
Authors:
Dominik Ascher,
Erik Heiland,
Diana Schnell,
Peter Hillmann,
Andreas Karcher
Abstract:
Models in face of increasing complexity support development of new systems and enterprises. For an efficient procedure, reference models are adapted in order to reach a solution with les overhead which covers all necessary aspects. Here, a key challenge is applying a consistent methodology for the descriptions of such reference designs. This paper presents a holistic approach to describe reference…
▽ More
Models in face of increasing complexity support development of new systems and enterprises. For an efficient procedure, reference models are adapted in order to reach a solution with les overhead which covers all necessary aspects. Here, a key challenge is applying a consistent methodology for the descriptions of such reference designs. This paper presents a holistic approach to describe reference models across different views and levels. Modeling stretches from the requirements and capabilities over their subdivision to services and components up to the realization in processes and data structures. Benefits include an end-to-end traceability of the capability coverage with performance parameters considered already at the starting point of the reference design. This enables focused development while considering design constraints and potential bottlenecks. We demonstrate the approach on the example of the development of a smart robot. Here, our methodology highly supports transferability of designs for the development of further systems.
△ Less
Submitted 21 November, 2022;
originally announced November 2022.
-
(B)LOCKBOX -- Secure Software Architecture with Blockchain Verification
Authors:
Erik Heiland,
Peter Hillmann
Abstract:
According to experts, one third of all IT vulnerabilities today are due to inadequate software verification. Internal program processes are not sufficiently secured against manipulation by attackers, especially if access has been gained. There is a lack of internal control instances that can monitor and control program flows. Especially when a software vulnerability becomes known, quick action is…
▽ More
According to experts, one third of all IT vulnerabilities today are due to inadequate software verification. Internal program processes are not sufficiently secured against manipulation by attackers, especially if access has been gained. There is a lack of internal control instances that can monitor and control program flows. Especially when a software vulnerability becomes known, quick action is required, whereby the consequences for an individual application are often not foreseeable. With our approach (B)LOCKBOX, software building blocks act as verified entities within a transaction-based blockchain network. Source Code, binaries and application execution become supervised. Unwanted interference and manipulation are prevented by the integrity of the distributed system.
△ Less
Submitted 21 November, 2022;
originally announced November 2022.
-
Enterprise Model Library for Business-IT-Alignment
Authors:
Peter Hillmann,
Diana Schnell,
Harald Hagel,
Andreas Karcher
Abstract:
The knowledge of the world is passed on through libraries. Accordingly, domain expertise and experiences should also be transferred within an enterprise by a knowledge base. Therefore, models are an established medium to describe good practices for complex systems, processes, and interconnections. However, there is no structured and detailed approach for a design of an enterprise model library. Th…
▽ More
The knowledge of the world is passed on through libraries. Accordingly, domain expertise and experiences should also be transferred within an enterprise by a knowledge base. Therefore, models are an established medium to describe good practices for complex systems, processes, and interconnections. However, there is no structured and detailed approach for a design of an enterprise model library. The objective of this work is the reference architecture of a repository for models with function of reuse. It includes the design of the data structure for filing, the processes for administration and possibilities for usage. Our approach enables consistent map** of requirements into models via meta-data attributes. Furthermore, the adaptation of reference architectures in specific use cases as well as a reconciliation of interrelationships is enabled. A case study with industry demonstrates the practical benefits of reusing work already done. It provides an organization with systematic access to specifications, standards and guidelines. Thus, further development is accelerated and supported in a structured manner, while complexity remains controllable. The presented approach enriches various enterprise architecture frameworks. It provides benefits for development based on models.
△ Less
Submitted 21 November, 2022;
originally announced November 2022.
-
Enterprise Architecture Model Transformation Engine
Authors:
Erik Heiland,
Peter Hillmann,
Andreas Karcher
Abstract:
With increasing linkage within value chains, the IT systems of different companies are also being connected with each other. This enables the integration of services within the movement of Industry 4.0 in order to improve the quality and performance of the processes. Enterprise architecture models form the basis for this with a better buisness IT-alignment. However, the heterogeneity of the modeli…
▽ More
With increasing linkage within value chains, the IT systems of different companies are also being connected with each other. This enables the integration of services within the movement of Industry 4.0 in order to improve the quality and performance of the processes. Enterprise architecture models form the basis for this with a better buisness IT-alignment. However, the heterogeneity of the modeling frameworks and description languages makes a concatenation considerably difficult, especially differences in syntax, semantic and relations. Therefore, this paper presents a transformation engine to convert enterprise architecture models between several languages. We developed the first generic translation approach that is free of specific meta-modeling, which is flexible adaptable to arbitrary modeling languages. The transformation process is defined by various pattern matching techniques using a rule-based description language. It uses set theory and first-order logic for an intuitive description as a basis. The concept is practical evaluated using an example in the area of a large German IT-service provider. Anyhow, the approach is applicable between a wide range of enterprise architecture frameworks.
△ Less
Submitted 15 August, 2021;
originally announced August 2021.
-
Reference Service Model for Federated Identity Management
Authors:
Daniela Pöhn,
Peter Hillmann
Abstract:
With the pandemic of COVID-19, people around the world increasingly work from home. Each natural person typically has several digital identities with different associated information. During the last years, various identity and access management approaches have gained attraction, hel** for example to access other organization's services within trust boundaries. The resulting heterogeneity create…
▽ More
With the pandemic of COVID-19, people around the world increasingly work from home. Each natural person typically has several digital identities with different associated information. During the last years, various identity and access management approaches have gained attraction, hel** for example to access other organization's services within trust boundaries. The resulting heterogeneity creates a high complexity to differentiate between these approaches and scenarios as participating entity; combining them is even harder. Last but not least, various actors have a different understanding or perspective of the terms, like 'service', in this context. Our paper describes a reference service with standard components in generic federated identity management. This is utilized with modern Enterprise Architecture using the framework ArchiMate. The proposed universal federated identity management service model (FIMSM) is applied to describe various federated identity management scenarios in a generic service-oriented way. The presented reference design is approved in multiple aspects and is easily applicable in numerous scenarios.
△ Less
Submitted 15 August, 2021;
originally announced August 2021.
-
Automated Enterprise Architecture Model Mining
Authors:
Peter Hillmann,
Erik Heiland,
Andreas Karcher
Abstract:
Metadata are like the steam engine of the 21st century, driving businesses and offer multiple enhancements. Nevertheless, many companies are unaware that these data can be used efficiently to improve their own operation. This is where the Enterprise Architecture Framework comes in. It empowers an organisation to get a clear view of their business, application, technical and physical layer. This mo…
▽ More
Metadata are like the steam engine of the 21st century, driving businesses and offer multiple enhancements. Nevertheless, many companies are unaware that these data can be used efficiently to improve their own operation. This is where the Enterprise Architecture Framework comes in. It empowers an organisation to get a clear view of their business, application, technical and physical layer. This modelling approach is an established method for organizations to take a deeper look into their structure and processes. The development of such models requires a great deal of effort, is carried out manually by interviewing stakeholders and requires continuous maintenance. Our new approach enables the automated mining of Enterprise Architecture models. The system uses common technologies to collect the metadata based on network traffic, log files and other information in an organisation. Based on this, the new approach generates EA models with the desired views points. Furthermore, a rule and knowledge-based reasoning is used to obtain a holistic overview. This offers a strategic decision support from business structure over process design up to planning the appropriate support technology. Therefore, it forms the base for organisations to act in an agile way. The modelling can be performed in different modelling languages, including ArchiMate and the Nato Architecture Framework (NAF). The designed approach is already evaluated on a small company with multiple services and an infrastructure with several nodes.
△ Less
Submitted 15 August, 2021;
originally announced August 2021.
-
Cyber Taxi: A Taxonomy of Interactive Cyber Training and Education Systems
Authors:
Marcus Knüpfer,
Tore Bierwirth,
Lars Stiemert,
Matthias Schopp,
Sebastian Seeber,
Daniela Pöhn,
Peter Hillmann
Abstract:
The lack of guided exercises and practical opportunities to learn about cybersecurity in a practical way makes it difficult for security experts to improve their proficiency. Capture the Flag events and Cyber Ranges are ideal for cybersecurity training. Thereby, the participants usually compete in teams against each other, or have to defend themselves in a specific scenario. As organizers of yearl…
▽ More
The lack of guided exercises and practical opportunities to learn about cybersecurity in a practical way makes it difficult for security experts to improve their proficiency. Capture the Flag events and Cyber Ranges are ideal for cybersecurity training. Thereby, the participants usually compete in teams against each other, or have to defend themselves in a specific scenario. As organizers of yearly events, we present a taxonomy for interactive cyber training and education. The proposed taxonomy includes different factors of the technical setup, audience, training environment, and training setup. By the comprehensive taxonomy, different aspects of interactive training are considered. This can help trainings to improve and to be established successfully. The provided taxonomy is extendable and can be used in further application areas as research on new security technologies.
△ Less
Submitted 14 January, 2021;
originally announced January 2021.
-
Selective Deletion in a Blockchain
Authors:
Peter Hillmann,
Marcus Knüpfer,
Erik Heiland,
Andreas Karcher
Abstract:
The constantly growing size of blockchains becomes a challenge with the increasing usage. Especially the storage of unwanted data in a blockchain is an issue, because it cannot be removed naturally. In order to counteract this problem, we present the first concept for the selective deletion of single entries in a blockchain. For this purpose, the general consensus algorithm is extended by the func…
▽ More
The constantly growing size of blockchains becomes a challenge with the increasing usage. Especially the storage of unwanted data in a blockchain is an issue, because it cannot be removed naturally. In order to counteract this problem, we present the first concept for the selective deletion of single entries in a blockchain. For this purpose, the general consensus algorithm is extended by the functionality of regularly creating summary blocks. Previous data of the chain are summarized and stored again in a new block, leaving out unwanted information. With a shifting marker of the Genesis Block, data can be deleted from the beginning of a blockchain. In this way, the technology of the blockchain becomes fully transactional. The concept is independent of a specific block structure, network structure, or consensus algorithm. Moreover, this functionality can be adapted to current blockchains to solve multiple problems related to scalability. This approach enables the transfer of blockchain technology to further fields of application, among others in the area of Industry 4.0 and Product Life-cycle Management.
△ Less
Submitted 14 January, 2021;
originally announced January 2021.
-
NERD: Neural Network for Edict of Risky Data Streams
Authors:
Sandro Passarelli,
Cem Gündogan,
Lars Stiemert,
Matthias Schopp,
Peter Hillmann
Abstract:
Cyber incidents can have a wide range of cause from a simple connection loss to an insistent attack. Once a potential cyber security incidents and system failures have been identified, deciding how to proceed is often complex. Especially, if the real cause is not directly in detail determinable. Therefore, we developed the concept of a Cyber Incident Handling Support System. The developed system i…
▽ More
Cyber incidents can have a wide range of cause from a simple connection loss to an insistent attack. Once a potential cyber security incidents and system failures have been identified, deciding how to proceed is often complex. Especially, if the real cause is not directly in detail determinable. Therefore, we developed the concept of a Cyber Incident Handling Support System. The developed system is enriched with information by multiple sources such as intrusion detection systems and monitoring tools. It uses over twenty key attributes like sync-package ratio to identify potential security incidents and to classify the data into different priority categories. Afterwards, the system uses artificial intelligence to support the further decision-making process and to generate corresponding reports to brief the Board of Directors. Originating from this information, appropriate and detailed suggestions are made regarding the causes and troubleshooting measures. Feedback from users regarding the problem solutions are included into future decision-making by using labelled flow data as input for the learning process. The prototype shows that the decision making can be sustainably improved and the Cyber Incident Handling process becomes much more effective.
△ Less
Submitted 8 July, 2020;
originally announced July 2020.
-
Agile Approach for IT Forensics Management
Authors:
Matthias Schopp,
Peter Hillmann
Abstract:
The forensic investigation of cyber attacks and IT incidents is becoming increasingly difficult due to increasing complexity and intensify networking. Especially with Advanced Attacks (AT) like the increasing Advanced Persistent Threats an agile approach is indispensable. Several systems are involved in an attack (multi-host attacks). Current forensic models and procedures show considerable defici…
▽ More
The forensic investigation of cyber attacks and IT incidents is becoming increasingly difficult due to increasing complexity and intensify networking. Especially with Advanced Attacks (AT) like the increasing Advanced Persistent Threats an agile approach is indispensable. Several systems are involved in an attack (multi-host attacks). Current forensic models and procedures show considerable deficits in the process of analyzing such attacks. For this purpose, this paper presents the novel flower model, which uses agile methods and forms a new forensic management approach. In this way, the growing challenges of ATs are met. In the forensic investigation of such attacks, big data problems have to be solved due to the amount of data that needs to be analyzed. The proposed model meets this requirement by precisely defining the questions that need to be answered in an early state and collecting only the evidence usable in court proceedings that is needed to answer these questions. Additionally, the novel flower model for AT is presented that meets the different phases of an investigation process.
△ Less
Submitted 8 July, 2020;
originally announced July 2020.
-
Dragoon: Advanced Modelling of IP Geolocation by use of Latency Measurements
Authors:
Peter Hillmann,
Lars Stiemert,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
IP Geolocation is a key enabler for many areas of application like determination of an attack origin, targeted advertisement, and Content Delivery Networks. Although IP Geolocation is an ongoing field of research for over one decade, it is still a challenging task, whereas good results are only achieved by the use of active latency measurements. Nevertheless, an increased accuracy is needed to imp…
▽ More
IP Geolocation is a key enabler for many areas of application like determination of an attack origin, targeted advertisement, and Content Delivery Networks. Although IP Geolocation is an ongoing field of research for over one decade, it is still a challenging task, whereas good results are only achieved by the use of active latency measurements. Nevertheless, an increased accuracy is needed to improve service quality. This paper presents an novel approach to find optimized Landmark positions which are used for active probing. Since a reasonable Landmark selection is important for a highly accurate localization service, the goal is to find Landmarks close to the target with respect to the infrastructure and hop count. Furthermore, we introduce a new approach of an adaptable and more accurate mathematical modelling of an improved geographical location estimation process. Current techniques provide less information about solving the Landmark problem as well as are using imprecise models. We demonstrate the usability of our approach in a real-world environment and analyse Geolocation for the first time in Europe. The combination of an optimized Landmark selection and advanced modulation results in an improved accuracy of IP Geolocation.
△ Less
Submitted 28 May, 2020;
originally announced June 2020.
-
A Novel Approach to Solve K-Center Problems with Geographical Placement
Authors:
Peter Hillmann,
Tobias Uhlig,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
The facility location problem is a well-known challenge in logistics that is proven to be NP-hard. In this paper we specifically simulate the geographical placement of facilities to provide adequate service to customers. Determining reasonable center locations is an important challenge for a management since it directly effects future service costs. Generally, the objective is to place the central…
▽ More
The facility location problem is a well-known challenge in logistics that is proven to be NP-hard. In this paper we specifically simulate the geographical placement of facilities to provide adequate service to customers. Determining reasonable center locations is an important challenge for a management since it directly effects future service costs. Generally, the objective is to place the central nodes such that all customers have convenient access to them. We analyze the problem and compare different placement strategies and evaluate the number of required centers. We use several existing approaches and propose a new heuristic for the problem. For our experiments we consider various scenarios and employ simulation to evaluate the performance of the optimization algorithms. Our new optimization approach shows a significant improvement. The presented results are generally applicable to many domains, e.g., the placement of military bases, the planning of content delivery networks, or the placement of warehouses.
△ Less
Submitted 28 May, 2020;
originally announced June 2020.
-
Evaluation of the general applicability of Dragoon for the k-center problem
Authors:
Tobias Uhlig,
Peter Hillmann,
Oliver Rose
Abstract:
The k-center problem is a fundamental problem we often face when considering complex service systems. Typical challenges include the placement of warehouses in logistics or positioning of servers for content delivery networks. We previously have proposed Dragoon as an effective algorithm to approach the k-center problem. This paper evaluates Dragoon with a focus on potential worst case behavior in…
▽ More
The k-center problem is a fundamental problem we often face when considering complex service systems. Typical challenges include the placement of warehouses in logistics or positioning of servers for content delivery networks. We previously have proposed Dragoon as an effective algorithm to approach the k-center problem. This paper evaluates Dragoon with a focus on potential worst case behavior in comparison to other techniques. We use an evolutionary algorithm to generate instances of the k-center problem that are especially challenging for Dragoon. Ultimately, our experiments confirm the previous good results of Dragoon, however, we also can reliably find scenarios where it is clearly outperformed by other approaches.
△ Less
Submitted 28 May, 2020;
originally announced June 2020.
-
Modeling the Location Selection of Mirror Servers in Content Delivery Networks
Authors:
Peter Hillmann,
Tobias Uhlig,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
For a provider of a Content Delivery Network (CDN), the location selection of mirror servers is a complex optimization problem. Generally, the objective is to place the nodes centralized such that all customers have convenient access to the service according to their demands. It is an instance of the k-center problem, which is proven to be NP-hard. Determining reasonable server locations directly…
▽ More
For a provider of a Content Delivery Network (CDN), the location selection of mirror servers is a complex optimization problem. Generally, the objective is to place the nodes centralized such that all customers have convenient access to the service according to their demands. It is an instance of the k-center problem, which is proven to be NP-hard. Determining reasonable server locations directly influences run time effects and future service costs. We model, simulate, and optimize the properties of a content delivery network. Specifically, considering the server locations in a network infrastructure with prioritized customers and weighted connections. A simulation model for the servers is necessary to analyze the caching behavior in accordance to the targeted customer requests. We analyze the problem and compare different optimization strategies. For our simulation, we employ various realistic scenarios and evaluate several performance indicators. Our new optimization approach shows a significant improvement. The presented results are generally applicable to other domains with k-center problems, e.g., the placement of military bases, the planning and placement of facility locations, or data mining.
△ Less
Submitted 28 May, 2020;
originally announced May 2020.
-
Simulation and Optimization of Content Delivery Networks considering User Profiles and Preferences of Internet Service Providers
Authors:
Peter Hillmann,
Tobias Uhlig,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
A Content Delivery Network (CDN) is a dynamic and complex service system. It causes a huge amount of traffic on the network infrastructure of Internet Service Providers (ISPs). Oftentimes, CDN providers and ISPs struggle to find an efficient and appropriate way to cooperate for mutual benefits. This challenge is key to push the quality of service (QoS) for the end-user. We model, simulate, and opt…
▽ More
A Content Delivery Network (CDN) is a dynamic and complex service system. It causes a huge amount of traffic on the network infrastructure of Internet Service Providers (ISPs). Oftentimes, CDN providers and ISPs struggle to find an efficient and appropriate way to cooperate for mutual benefits. This challenge is key to push the quality of service (QoS) for the end-user. We model, simulate, and optimize the behavior of a CDN to provide cooperative solutions and to improve the QoS. Therefor, we determine reasonable server locations, balance the amount of servers and improve the user assignments to the servers. These aspects influence run time effects like caching at the server, response time and network load at specific links. Especially, user request history and profiles are considered to improve the overall performance. Since we consider multiple objectives, we aim to provide a diverse set of pareto optimal solutions using simulation based optimization.
△ Less
Submitted 28 May, 2020;
originally announced May 2020.
-
Optimized Travel to Meetings on a Common Location of Geographical Distributed Participants
Authors:
Peter Hillmann,
Bastian Kühnel,
Tobias Uhlig,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
Members of international organizations often meet in person at a common location for discussions. There is frequently disagreement over the place and time of the meeting due to the different travel efforts of the members. They usually travel by plane and their travel expenses depend on the flight connections. This paper presents an approach to calculate the optimized location and time, where and w…
▽ More
Members of international organizations often meet in person at a common location for discussions. There is frequently disagreement over the place and time of the meeting due to the different travel efforts of the members. They usually travel by plane and their travel expenses depend on the flight connections. This paper presents an approach to calculate the optimized location and time, where and when distributed partners should meet. The presented system considers the requirements and specifications of each individual member. It respects earliest starting time of an event and non night flights. The optimized result is evaluated with regard to multiple objectives. We focus on the minimization of costs and travel time. Our search algorithm identifies individual travel data for all members for a potential event. The output provides recommendations for the global best appointments and offers further information for the partners. Our system saves expenses and time for all members and allows adjustment as well as compensation.
△ Less
Submitted 7 May, 2020;
originally announced May 2020.
-
YANG2UML: Bijective Transformation and Simplification of YANG to UML
Authors:
Mario Golling,
Robert Koch,
Peter Hillmann,
Rick Hofstede,
Frank Tietze
Abstract:
Software Defined Networking is currently revolutionizing computer networking by decoupling the network control (control plane) from the forwarding functions (data plane) enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. Next to the well-known OpenFlow protocol, the XML-based NETCONF protocol is als…
▽ More
Software Defined Networking is currently revolutionizing computer networking by decoupling the network control (control plane) from the forwarding functions (data plane) enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. Next to the well-known OpenFlow protocol, the XML-based NETCONF protocol is also an important means for exchanging configuration information from a management platform and is nowadays even part of OpenFlow. In combination with NETCONF, YANG is the corresponding protocol that defines the associated data structures supporting virtually all network configuration protocols. YANG itself is a semantically rich language, which -- in order to facilitate familiarization with the relevant subject -- is often visualized to involve other experts or developers and to support them by their daily work (writing applications which make use of YANG). In order to support this process, this paper presents an novel approach to optimize and simplify YANG data models to assist further discussions with the management and implementations (especially of interfaces) to reduce complexity. Therefore, we have defined a bidirectional map** of YANG to UML and developed a tool that renders the created UML diagrams. This combines the benefits to use the formal language YANG with automatically maintained UML diagrams to involve other experts or developers, closing the gap between technically improved data models and their human readability.
△ Less
Submitted 7 May, 2020;
originally announced May 2020.
-
On the Evaluation of Military Simulations: Towards A Taxonomy of Assessment Criteria
Authors:
Mario Golling,
Robert Koch,
Peter Hillmann,
Volker Eiseler,
Lars Stiemert,
Andres Rekker
Abstract:
In the area of military simulations, a multitude of different approaches is available. Close Combat Tactical Trainer, Joint Tactical Combat Training System, Battle Force Tactical Training or Warfighter's Simulation 2000 are just some examples within the history of the large DoD Development Program in Modelling and Simulation, representing just a small piece of the variety of diverse solutions. Ver…
▽ More
In the area of military simulations, a multitude of different approaches is available. Close Combat Tactical Trainer, Joint Tactical Combat Training System, Battle Force Tactical Training or Warfighter's Simulation 2000 are just some examples within the history of the large DoD Development Program in Modelling and Simulation, representing just a small piece of the variety of diverse solutions. Very often, individual simulators are very unique and so it is often difficult to classify military simulations even for experienced users. This circumstance is further boosted due to the fact that in the field of military simulations - unlike in other areas - no general classification for military simulations exists. To address this shortcoming, this publication is dedicated to the idea of providing a first contribution to the development of a commonly accepted taxonomy in the area of military simulations. To this end, the problem field is structured into three main categories (general functional requirements for simulators, special military requirements for simulators and non-functional requirements for simulators). Based upon that, individual categories are provided with appropriate classes. For a better understanding, the taxonomy is also applied to a concrete example (NetLogo Rebellion).
△ Less
Submitted 20 April, 2020;
originally announced April 2020.
-
Tracemax: A Novel Single Packet IP Traceback Strategy for Data-Flow Analysis
Authors:
Peter Hillmann,
Frank Tietze,
Gabi Dreo Rodosek
Abstract:
The identification of the exact path that packets are routed on in the network is quite a challenge. This paper presents a novel, efficient traceback strategy named Tracemax in context of a defense system against distributed denial of service (DDoS) attacks. A single packet can be directly traced over many more hops than the current existing techniques allow. In combination with a defense system i…
▽ More
The identification of the exact path that packets are routed on in the network is quite a challenge. This paper presents a novel, efficient traceback strategy named Tracemax in context of a defense system against distributed denial of service (DDoS) attacks. A single packet can be directly traced over many more hops than the current existing techniques allow. In combination with a defense system it differentiates between multiple connections. It aims to letting non-malicious connections pass while bad ones get thwarted. The novel concept allows detailed analyses of the traffic and the transmission path through the network. The strategy can effectively reduce the effect of common bandwidth and resource consumption attacks, foster early warning and prevention as well as higher the availability of the network services for the wanted customers.
△ Less
Submitted 20 April, 2020;
originally announced April 2020.
-
A Novel Multi-Agent System for Complex Scheduling Problems
Authors:
Peter Hillmann,
Tobias Uhlig,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
Complex scheduling problems require a large amount computation power and innovative solution methods. The objective of this paper is the conception and implementation of a multi-agent system that is applicable in various problem domains. Independent specialized agents handle small tasks, to reach a superordinate target. Effective coordination is therefore required to achieve productive cooperation…
▽ More
Complex scheduling problems require a large amount computation power and innovative solution methods. The objective of this paper is the conception and implementation of a multi-agent system that is applicable in various problem domains. Independent specialized agents handle small tasks, to reach a superordinate target. Effective coordination is therefore required to achieve productive cooperation. Role models and distributed artificial intelligence are employed to tackle the resulting challenges. We simulate a NP-hard scheduling problem to demonstrate the validity of our approach. In addition to the general agent based framework we propose new simulation-based optimization heuristics to given scheduling problems. Two of the described optimization algorithms are implemented using agents. This paper highlights the advantages of the agent-based approach, like the reduction in layout complexity, improved control of complicated systems, and extendability.
△ Less
Submitted 20 April, 2020;
originally announced April 2020.
-
Modelling of IP Geolocation by use of Latency Measurements
Authors:
Peter Hillmann,
Lars Stiemert,
Gabi Dreo Rodosek,
Oliver Rose
Abstract:
IP Geolocation is a key enabler for many areas of application like Content Delivery Networks, targeted advertisement and law enforcement. Therefore, an increased accuracy is needed to improve service quality. Although IP Geolocation is an ongoing field of research for over one decade, it is still a challenging task, whereas good results are only achieved by the use of active latency measurements.…
▽ More
IP Geolocation is a key enabler for many areas of application like Content Delivery Networks, targeted advertisement and law enforcement. Therefore, an increased accuracy is needed to improve service quality. Although IP Geolocation is an ongoing field of research for over one decade, it is still a challenging task, whereas good results are only achieved by the use of active latency measurements. This paper presents an novel approach to find optimized Landmarks positions which are used for active probing and introduce an improved location estimation. Since a reasonable Landmark selection is important for a highly accurate localization service, the goal is to find Landmarks close to the target with respect to the infrastructure and hop count. Current techniques provide less information about solving this problem as well as are using imprecise models. We demonstrate the usability of our approach in a real-world environment. The combination of an optimized Landmark selection and advanced modulation results in an improved accuracy of IP Geolocation.
△ Less
Submitted 16 April, 2020;
originally announced April 2020.
-
On the Path to High Precise IP Geolocation: A Self-Optimizing Model
Authors:
Peter Hillmann,
Lars Stiemert,
Gabi Dreo,
Oliver Rose
Abstract:
IP Geolocation is a key enabler for the Future Internet to provide geographical location information for application services. For example, this data is used by Content Delivery Networks to assign users to mirror servers, which are close by, hence providing enhanced traffic management. It is still a challenging task to obtain precise and stable location information, whereas proper results are only…
▽ More
IP Geolocation is a key enabler for the Future Internet to provide geographical location information for application services. For example, this data is used by Content Delivery Networks to assign users to mirror servers, which are close by, hence providing enhanced traffic management. It is still a challenging task to obtain precise and stable location information, whereas proper results are only achieved by the use of active latency measurements. This paper presents an advanced approach for an accurate and self-optimizing model for location determination, including identification of optimized Landmark positions, which are used for probing. Moreover, the selection of correlated data and the estimated target location requires a sophisticated strategy to identify the correct position. We present an improved approximation of network distances of usually unknown TIER infrastructures using the road network. Our concept is evaluated under real-world conditions focusing Europe.
△ Less
Submitted 3 April, 2020;
originally announced April 2020.
-
CAKE: An Efficient Group Key Management for Dynamic Groups
Authors:
Peter Hillmann,
Marcus Knüpfer,
Tobias Guggemos,
Klement Streit
Abstract:
With rapid increase of mobile computing and wireless network linkage, the information exchange between connected systems and within groups increases heavily. Exchanging confidential information within groups via unsecured communication channels is a high security threat. In order to prevent third parties from accessing this data, it is essential to encrypt it. For this purpose, the group participa…
▽ More
With rapid increase of mobile computing and wireless network linkage, the information exchange between connected systems and within groups increases heavily. Exchanging confidential information within groups via unsecured communication channels is a high security threat. In order to prevent third parties from accessing this data, it is essential to encrypt it. For this purpose, the group participants need a common group key to enable encrypted broadcast messages. But efficient key management of secured group communication is a challenging task, if participants rely on low performance hardware and small bandwidth. For coordination and distribution, we present the modular group key management procedure CAKE that is centrally organized and meets strict security requirements. The lightweight G-IKEv2 protocol in combination with the key exchange concept of CAKE leads to an efficiently integrated solution. The hybrid approach combines the advantages of the existing protocols with the objective to reduce the computation and communication effort. It is shown that the procedure is more suitable for changing MANET groups than the existing ones. Moreover, the exchanged group key can be used for any services which provides a wide range of applications.
△ Less
Submitted 25 February, 2020;
originally announced February 2020.