University of Mannheim

Displaying 1-33 of 33 results

  • White Papers // Sep 2013

    Distributed Firewalls and IDS Interoperability Checking Based on a Formal Approach

    To supervise and guarantee a network security, the administrator uses different security components, such as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of anomalies between filtering rules and alerting rules,...

    Provided By University of Mannheim

  • White Papers // May 2011

    Detecting Hidden Storage Side Channel Vulnerabilities in Networked Applications

    Side channels are communication channels that were not intended for communication and that accidentally leak information. A storage side channel leaks information through the content of the channel and not its timing behavior. Storage side channels are a large problem in networked applications since the output at the level of...

    Provided By University of Mannheim

  • White Papers // May 2011

    Challenges for Selecting Optimal Coordinators in Peer-to-Peer-Based Massively Multi-User Virtual Environments

    Peer-to-Peer-based Massively Multi-user Virtual Environments (P2P-MMVEs) often use coordinator peers to enhance the system's capabilities. The success of this approach depends on selecting suitable peers as coordinators. However, existing approaches either do not select coordinators based on their suitability or simply assume that techniques for such a selection exist. In...

    Provided By University of Mannheim

  • White Papers // Mar 2011

    Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices

    The authors are currently moving from the Internet society to a mobile society where more and more access to information is done by previously dumb phones. For example, the number of mobile phones using a full blown OS has risen to nearly 200% from Q3/2009 to Q3/2010. As a result,...

    Provided By University of Mannheim

  • White Papers // Feb 2011

    An Efficient Mitigation Method for Timing Side Channels on the Web

    Research has shown that timing side channels exist in web applications. An obvious, but problematic, mitigation for timing attacks is to delay the execution time to the worst case execution time, so that all requests have the same response time. On the upside, this prevents timing attacks as there are...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Credit Risk And The Macro Economy In An Affine Term Structure Model

    The interrelations between corporate lending conditions and the macro economy are getting increasingly important in particular in the context of bank regulation and monetary policy. In this paper, the author develops an affine macrofinance model of the term structures of US Treasury yields and US corporate bond yields. The author...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Authenticated Query Flooding in Sensor Networks

    The authors propose a novel mechanism for authentication of queries in a sensor network in case these queries are flooded. In the protocol, the base station appends an authenticator to every query, such that each sensor can verify with certain probability that the query is sent by the base station....

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Compensating the Leakage Effect From Band-Limited Noise in DFT-Based Multi-Carrier Modulation

    Orthogonal Frequency Division Multiplexing (OFDM) systems suffer from the low spectral selectivity of the Discrete Fourier Transform (DFT). External sources of interference generally do not only contain spectral components at the discrete frequencies analyzed by the DFT of an OFDM system. Due to the leakage effect of the DFT, the...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Forking Agents in Sensor Networks

    Information about local event is to be distributed by agents in a sensor network. The agents are sent out traveling hop-by-hop into random directions, leaving a path of information behind them in the nodes visited. An arbitrary node requesting for information also emits an agent traveling into a random direction....

    Provided By University of Mannheim

  • White Papers // Dec 2010

    Location Privacy in Urban Sensing Networks: Research Challenges and Directions

    During the last few years there have been an increasing number of people-centric sensing projects. These combine location information with sensors available on mobile phones, giving birth to a different dimension in sensing the environment and providing one with new opportunities to create collective intelligence systems to address urban-scale problems,...

    Provided By University of Mannheim

  • White Papers // Nov 2010

    Secure Multiparty Linear Programming Using Fixed-Point Arithmetic

    Collaborative optimization problems can often be modeled as a linear program whose objective function and constraints combine data from several parties. However, important applications of this model (e.g., supply chain planning) involve private data that the parties cannot reveal to each other. Traditional linear programming methods cannot be used in...

    Provided By University of Mannheim

  • White Papers // Oct 2010

    Towards Optimal Sensor Placement Strategies for Early Warning Systems

    A network early warning system consists of several distributed sensors to detect malicious network activity. The effectiveness of such early warning systems critically depends on the sensor deployment strategy used. The authors therefore analysed attack patterns of malicious software collected at sensors worldwide to determine an optimal deployment strategy. Their...

    Provided By University of Mannheim

  • White Papers // Jul 2010

    Amun: Automatic Capturing of Malicious Software

    This paper describes the low-interaction server honeypot Amun. Through the use of emulated vulnerabilities Amun aims at capturing malware in an automated fashion. The use of the scripting language Python, a modular design, and the possibility to write vulnerability modules in XML allow the honeypot to be easily maintained and...

    Provided By University of Mannheim

  • White Papers // Jun 2010

    A Privacy-Maintaining Framework for Context-Sensitive Service Discovery Services

    Despite the rapid growth in the number of mobile devices connected to the internet via UMTS or wireless 802.11 hotspots the market for location-based services has yet to take off as expected. Moreover, other kinds of context information are still not routinely supported by mobile services and even when they...

    Provided By University of Mannheim

  • White Papers // Apr 2010

    Pricing And Information Disclosure In Markets With Loss-Averse Consumers

    The authors develop a theory of imperfect competition with loss-averse consumers. All consumers are fully informed about match value and price at the time they make their purchasing decision. However, a share of consumers is initially uncertain about their tastes and forms a reference point consisting of an expected match...

    Provided By University of Mannheim

  • White Papers // Apr 2010

    Financial Literacy And Mutual Fund Investments: Who Buys Actively Managed Funds?

    Previous research indicates that a lack of financial sophistication might explain the past strong growth in active management. The authors construct an objective financial literacy score and analyze the relation between financial literacy and mutual fund investment behavior. They show that there is a positive influence of financial literacy on...

    Provided By University of Mannheim

  • White Papers // Mar 2010

    Towards Open-World Urban Sensing Applications

    All urban sensing applications today take a closed-world approach, where specific data sources are applied for a specific purpose. They are designed with specific input/output interfaces and build their own dedicated server, each one with its own data format. Even though this approach is appropriate for applications that operate in...

    Provided By University of Mannheim

  • White Papers // Mar 2010

    Literature Analysis: Business Analytics & Knowledge Discovery

    One of today's biggest trends in information systems is Business Intelligence (BI). But while everybody talks about the term few people really grasp its contents. An illustrating example is a quote from an IBM Account Manager: "By data warehousing we at IBM mean whatever the customer thinks it means." (S....

    Provided By University of Mannheim

  • White Papers // Mar 2010

    A Dynamic Auction For Multiobject Procurement Under A Hard Budget Constraint

    The authors present a new dynamic auction for procurement problems where payments are bounded by a hard budget constraint and money does not enter the procurer's objective function. A budget-constrained buyer wants to purchase items from a shortlisted set. Items are differentiated by observable quality and sellers have private reserve...

    Provided By University of Mannheim

  • White Papers // Jan 2010

    Integrating People-Centric Sensing With Social Networks: A Privacy Research Agenda

    During the last few years there have been an increasing number of people-centric sensing projects, which combine location information with other sensors available on mobile devices, such as the camera, the microphone or the accelerometer, giving birth to a different dimension in sensing the environment compared to the existing wireless...

    Provided By University of Mannheim

  • White Papers // Jan 2010

    A Malware Instruction Set for Behavior-Based Analysis

    The authors introduce a new representation for monitored behavior of malicious software called Malware Instruction SeT (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or...

    Provided By University of Mannheim

  • White Papers // Dec 2009

    Automatic Analysis of Malware Behavior Using Machine Learning

    Malicious software - so called malware - poses a major threat to the security of computer systems. The amount and diversity of its variants render classic security defenses ineffective, such that millions of hosts in the Internet are infected with malware in form of computer viruses, Internet worms and Trojan...

    Provided By University of Mannheim

  • White Papers // Nov 2009

    Wages And Productivity Growth In A Dynamic Oligopoly

    This paper studies the innovation dynamics of an oligopolistic industry. The firms compete not only in the output market but also by engaging in productivity enhancing innovations to reduce labor costs. Rent sharing may generate productivity dependent wage differentials. Productivity growth creates intertemporal spill - over effects, which affect the...

    Provided By University of Mannheim

  • White Papers // Oct 2009

    On The Use Of Information In Repeated Insurance Markets

    The authors analyze the use of information in a repeated oligopolistic insurance market. To sustain collusion, insurance companies might refrain from changing their pricing schedules even if new information about risks becomes available. They therefore provide an explanation for the existence of "Unused observables" - that is information which insurance...

    Provided By University of Mannheim

  • White Papers // Sep 2009

    Modular Consensus Algorithms for the Crash-Recovery Model

    In the crash-recovery failure model of asynchronous distributed systems, processes can temporarily stop to execute steps and later restart their computation from a predefined local state. The crash-recovery model is much more realistic than the crash-stop failure model in which processes merely are allowed to stop executing steps. The additional...

    Provided By University of Mannheim

  • White Papers // Sep 2009

    Towards a Comprehensive View of Secure Software Engineering

    Secure software engineering is a big challenge. This is mainly due to the increasing complexity, openness and extensibility of modern applications, which make a complete analysis of security requirements very hard. The overall problem space is consequently no longer easily comprehensible for developers. This paper is an attempt to explore...

    Provided By University of Mannheim

  • White Papers // Sep 2009

    A Graph Based Approach to Supporting Reconfiguration in Wireless Sensor Networks

    Considerable research has been performed in applying run-time reconfigurable component models to wireless sensor networks. The ability to dynamically deploy or update software components has clear advantages in sensor network deployments, which are typically large in scale and expected to operate for long periods in dynamic environments. Realizing distributed reconfiguration...

    Provided By University of Mannheim

  • White Papers // Mar 2009

    Adaptive Update Propagation for Low-Latency Massively Multi-User Virtual Environments

    Massively Multi-User Virtual Environments (MMVEs) are highly interactive systems. They require the propagation of state updates to users with little delay. In this paper, the authors propose a novel update propagation approach for MMVEs that enables such low-latency propagation while offering the scalability needed to support MMVEs with massive user...

    Provided By University of Mannheim

  • White Papers // Jan 2009

    Towards an Interest Management Scheme for Peer-Based Virtual Environments

    A fundamental task in peer-to-peer-based Massively Multiuser Virtual Environments is providing all peers with a consistent view of the environment. To do so, state changes must be propagated to peers. To limit the resulting network traffic, existing approaches often restrict the distribution of a state change to peers for which...

    Provided By University of Mannheim

  • White Papers // Dec 2008

    Bootstrapping in Peer-to-Peer Systems

    Peer-to-Peer systems have become a substantial element in computer networking. Distributing the load and splitting complex tasks are only some reasons why many developers have come to adopt this technology. However, all of them face a severe problem at the very beginning: setting up an overlay network, such that other...

    Provided By University of Mannheim

  • White Papers // Nov 2008

    Cooperative Intrusion Detection in Wireless Sensor Networks

    It considered the problem of cooperative intrusion detection in wireless sensor networks where the nodes are equipped with local detector modules and have to identify the intruder in a distributed fashion. The detector modules issue suspicions about an intrusion in the sensor's neighborhood. It formally defines the problem of intrusion...

    Provided By University of Mannheim

  • White Papers // Nov 2008

    Investing In Commodity Futures Markets: Can Spot Price Models Help?

    This paper empirically investigates whether continuous time spot price models are able to help to reveal mispriced commodity futures contracts. Mispricing are identified based on the difference between model and observed prices, using four different models for four different markets, namely the crude oil, copper, silver, and the gold markets....

    Provided By University of Mannheim

  • White Papers // Oct 2008

    Towards Next-Generation Botnets

    This paper introduces the design of an advanced bot called Rambot that is based on the weak nesses found when tracking a diverse set of botnets over a period of several months. The main features of this bot are peer-to-peer communication, strong cryptography, a credit-point system to build bilateral trust...

    Provided By University of Mannheim

  • White Papers // Mar 2010

    A Dynamic Auction For Multiobject Procurement Under A Hard Budget Constraint

    The authors present a new dynamic auction for procurement problems where payments are bounded by a hard budget constraint and money does not enter the procurer's objective function. A budget-constrained buyer wants to purchase items from a shortlisted set. Items are differentiated by observable quality and sellers have private reserve...

    Provided By University of Mannheim

  • White Papers // Nov 2010

    Secure Multiparty Linear Programming Using Fixed-Point Arithmetic

    Collaborative optimization problems can often be modeled as a linear program whose objective function and constraints combine data from several parties. However, important applications of this model (e.g., supply chain planning) involve private data that the parties cannot reveal to each other. Traditional linear programming methods cannot be used in...

    Provided By University of Mannheim

  • White Papers // Jan 2010

    Integrating People-Centric Sensing With Social Networks: A Privacy Research Agenda

    During the last few years there have been an increasing number of people-centric sensing projects, which combine location information with other sensors available on mobile devices, such as the camera, the microphone or the accelerometer, giving birth to a different dimension in sensing the environment compared to the existing wireless...

    Provided By University of Mannheim

  • White Papers // Mar 2010

    Towards Open-World Urban Sensing Applications

    All urban sensing applications today take a closed-world approach, where specific data sources are applied for a specific purpose. They are designed with specific input/output interfaces and build their own dedicated server, each one with its own data format. Even though this approach is appropriate for applications that operate in...

    Provided By University of Mannheim

  • White Papers // Jan 2010

    A Malware Instruction Set for Behavior-Based Analysis

    The authors introduce a new representation for monitored behavior of malicious software called Malware Instruction SeT (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or...

    Provided By University of Mannheim

  • White Papers // Jul 2010

    Amun: Automatic Capturing of Malicious Software

    This paper describes the low-interaction server honeypot Amun. Through the use of emulated vulnerabilities Amun aims at capturing malware in an automated fashion. The use of the scripting language Python, a modular design, and the possibility to write vulnerability modules in XML allow the honeypot to be easily maintained and...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Authenticated Query Flooding in Sensor Networks

    The authors propose a novel mechanism for authentication of queries in a sensor network in case these queries are flooded. In the protocol, the base station appends an authenticator to every query, such that each sensor can verify with certain probability that the query is sent by the base station....

    Provided By University of Mannheim

  • White Papers // Mar 2011

    Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices

    The authors are currently moving from the Internet society to a mobile society where more and more access to information is done by previously dumb phones. For example, the number of mobile phones using a full blown OS has risen to nearly 200% from Q3/2009 to Q3/2010. As a result,...

    Provided By University of Mannheim

  • White Papers // Oct 2010

    Towards Optimal Sensor Placement Strategies for Early Warning Systems

    A network early warning system consists of several distributed sensors to detect malicious network activity. The effectiveness of such early warning systems critically depends on the sensor deployment strategy used. The authors therefore analysed attack patterns of malicious software collected at sensors worldwide to determine an optimal deployment strategy. Their...

    Provided By University of Mannheim

  • White Papers // Jun 2010

    A Privacy-Maintaining Framework for Context-Sensitive Service Discovery Services

    Despite the rapid growth in the number of mobile devices connected to the internet via UMTS or wireless 802.11 hotspots the market for location-based services has yet to take off as expected. Moreover, other kinds of context information are still not routinely supported by mobile services and even when they...

    Provided By University of Mannheim

  • White Papers // Apr 2010

    Financial Literacy And Mutual Fund Investments: Who Buys Actively Managed Funds?

    Previous research indicates that a lack of financial sophistication might explain the past strong growth in active management. The authors construct an objective financial literacy score and analyze the relation between financial literacy and mutual fund investment behavior. They show that there is a positive influence of financial literacy on...

    Provided By University of Mannheim

  • White Papers // Nov 2008

    Investing In Commodity Futures Markets: Can Spot Price Models Help?

    This paper empirically investigates whether continuous time spot price models are able to help to reveal mispriced commodity futures contracts. Mispricing are identified based on the difference between model and observed prices, using four different models for four different markets, namely the crude oil, copper, silver, and the gold markets....

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Credit Risk And The Macro Economy In An Affine Term Structure Model

    The interrelations between corporate lending conditions and the macro economy are getting increasingly important in particular in the context of bank regulation and monetary policy. In this paper, the author develops an affine macrofinance model of the term structures of US Treasury yields and US corporate bond yields. The author...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Compensating the Leakage Effect From Band-Limited Noise in DFT-Based Multi-Carrier Modulation

    Orthogonal Frequency Division Multiplexing (OFDM) systems suffer from the low spectral selectivity of the Discrete Fourier Transform (DFT). External sources of interference generally do not only contain spectral components at the discrete frequencies analyzed by the DFT of an OFDM system. Due to the leakage effect of the DFT, the...

    Provided By University of Mannheim

  • White Papers // Dec 2010

    Location Privacy in Urban Sensing Networks: Research Challenges and Directions

    During the last few years there have been an increasing number of people-centric sensing projects. These combine location information with sensors available on mobile phones, giving birth to a different dimension in sensing the environment and providing one with new opportunities to create collective intelligence systems to address urban-scale problems,...

    Provided By University of Mannheim

  • White Papers // Jan 2011

    Forking Agents in Sensor Networks

    Information about local event is to be distributed by agents in a sensor network. The agents are sent out traveling hop-by-hop into random directions, leaving a path of information behind them in the nodes visited. An arbitrary node requesting for information also emits an agent traveling into a random direction....

    Provided By University of Mannheim

  • White Papers // May 2011

    Challenges for Selecting Optimal Coordinators in Peer-to-Peer-Based Massively Multi-User Virtual Environments

    Peer-to-Peer-based Massively Multi-user Virtual Environments (P2P-MMVEs) often use coordinator peers to enhance the system's capabilities. The success of this approach depends on selecting suitable peers as coordinators. However, existing approaches either do not select coordinators based on their suitability or simply assume that techniques for such a selection exist. In...

    Provided By University of Mannheim

  • White Papers // Jan 2009

    Towards an Interest Management Scheme for Peer-Based Virtual Environments

    A fundamental task in peer-to-peer-based Massively Multiuser Virtual Environments is providing all peers with a consistent view of the environment. To do so, state changes must be propagated to peers. To limit the resulting network traffic, existing approaches often restrict the distribution of a state change to peers for which...

    Provided By University of Mannheim

  • White Papers // Dec 2008

    Bootstrapping in Peer-to-Peer Systems

    Peer-to-Peer systems have become a substantial element in computer networking. Distributing the load and splitting complex tasks are only some reasons why many developers have come to adopt this technology. However, all of them face a severe problem at the very beginning: setting up an overlay network, such that other...

    Provided By University of Mannheim

  • White Papers // Mar 2009

    Adaptive Update Propagation for Low-Latency Massively Multi-User Virtual Environments

    Massively Multi-User Virtual Environments (MMVEs) are highly interactive systems. They require the propagation of state updates to users with little delay. In this paper, the authors propose a novel update propagation approach for MMVEs that enables such low-latency propagation while offering the scalability needed to support MMVEs with massive user...

    Provided By University of Mannheim

  • White Papers // Oct 2008

    Towards Next-Generation Botnets

    This paper introduces the design of an advanced bot called Rambot that is based on the weak nesses found when tracking a diverse set of botnets over a period of several months. The main features of this bot are peer-to-peer communication, strong cryptography, a credit-point system to build bilateral trust...

    Provided By University of Mannheim

  • White Papers // Nov 2008

    Cooperative Intrusion Detection in Wireless Sensor Networks

    It considered the problem of cooperative intrusion detection in wireless sensor networks where the nodes are equipped with local detector modules and have to identify the intruder in a distributed fashion. The detector modules issue suspicions about an intrusion in the sensor's neighborhood. It formally defines the problem of intrusion...

    Provided By University of Mannheim

  • White Papers // Dec 2009

    Automatic Analysis of Malware Behavior Using Machine Learning

    Malicious software - so called malware - poses a major threat to the security of computer systems. The amount and diversity of its variants render classic security defenses ineffective, such that millions of hosts in the Internet are infected with malware in form of computer viruses, Internet worms and Trojan...

    Provided By University of Mannheim

  • White Papers // Mar 2010

    Literature Analysis: Business Analytics & Knowledge Discovery

    One of today's biggest trends in information systems is Business Intelligence (BI). But while everybody talks about the term few people really grasp its contents. An illustrating example is a quote from an IBM Account Manager: "By data warehousing we at IBM mean whatever the customer thinks it means." (S....

    Provided By University of Mannheim

  • White Papers // Sep 2009

    A Graph Based Approach to Supporting Reconfiguration in Wireless Sensor Networks

    Considerable research has been performed in applying run-time reconfigurable component models to wireless sensor networks. The ability to dynamically deploy or update software components has clear advantages in sensor network deployments, which are typically large in scale and expected to operate for long periods in dynamic environments. Realizing distributed reconfiguration...

    Provided By University of Mannheim

  • White Papers // Apr 2010

    Pricing And Information Disclosure In Markets With Loss-Averse Consumers

    The authors develop a theory of imperfect competition with loss-averse consumers. All consumers are fully informed about match value and price at the time they make their purchasing decision. However, a share of consumers is initially uncertain about their tastes and forms a reference point consisting of an expected match...

    Provided By University of Mannheim

  • White Papers // Oct 2009

    On The Use Of Information In Repeated Insurance Markets

    The authors analyze the use of information in a repeated oligopolistic insurance market. To sustain collusion, insurance companies might refrain from changing their pricing schedules even if new information about risks becomes available. They therefore provide an explanation for the existence of "Unused observables" - that is information which insurance...

    Provided By University of Mannheim

  • White Papers // Nov 2009

    Wages And Productivity Growth In A Dynamic Oligopoly

    This paper studies the innovation dynamics of an oligopolistic industry. The firms compete not only in the output market but also by engaging in productivity enhancing innovations to reduce labor costs. Rent sharing may generate productivity dependent wage differentials. Productivity growth creates intertemporal spill - over effects, which affect the...

    Provided By University of Mannheim

  • White Papers // May 2011

    Detecting Hidden Storage Side Channel Vulnerabilities in Networked Applications

    Side channels are communication channels that were not intended for communication and that accidentally leak information. A storage side channel leaks information through the content of the channel and not its timing behavior. Storage side channels are a large problem in networked applications since the output at the level of...

    Provided By University of Mannheim

  • White Papers // Feb 2011

    An Efficient Mitigation Method for Timing Side Channels on the Web

    Research has shown that timing side channels exist in web applications. An obvious, but problematic, mitigation for timing attacks is to delay the execution time to the worst case execution time, so that all requests have the same response time. On the upside, this prevents timing attacks as there are...

    Provided By University of Mannheim

  • White Papers // Sep 2009

    Modular Consensus Algorithms for the Crash-Recovery Model

    In the crash-recovery failure model of asynchronous distributed systems, processes can temporarily stop to execute steps and later restart their computation from a predefined local state. The crash-recovery model is much more realistic than the crash-stop failure model in which processes merely are allowed to stop executing steps. The additional...

    Provided By University of Mannheim

  • White Papers // Sep 2009

    Towards a Comprehensive View of Secure Software Engineering

    Secure software engineering is a big challenge. This is mainly due to the increasing complexity, openness and extensibility of modern applications, which make a complete analysis of security requirements very hard. The overall problem space is consequently no longer easily comprehensible for developers. This paper is an attempt to explore...

    Provided By University of Mannheim

  • White Papers // Sep 2013

    Distributed Firewalls and IDS Interoperability Checking Based on a Formal Approach

    To supervise and guarantee a network security, the administrator uses different security components, such as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of anomalies between filtering rules and alerting rules,...

    Provided By University of Mannheim