Your search keyword '"Sven Köhler"' showing total 10 results

1. Insider Attack Identification and Prevention in Collection-Oriented Dataflow-Based Processes

Author

Anandarup Sarkar, Bertram Ludäscher, Sven Köhler, and Matt Bishop

Subjects

Information privacy, Exploit, Computer Networks and Communications, business.industry, Dataflow, Computer science, 020207 software engineering, 02 engineering and technology, Directed acyclic graph, Machine learning, computer.software_genre, Electronic mail, Computer Science Applications, Data modeling, Attack model, Pre-play attack, Control and Systems Engineering, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Artificial intelligence, Electrical and Electronic Engineering, business, computer, Information Systems

Abstract

We introduce an approach of automatically identifying attacks by insider agents on dataflow-based processes having a collection-oriented data model and then improving the processes to prevent the attacks against them. Some process data, if used by some agents via steps at certain points of timeline, will lead to a privacy attack. A manual identification of these vulnerable data and rogue agents is quite tedious; thus, our approach automatically performs these identifications. We model a process and an attack based on a directed acyclic graph, with steps, reading and writing data, and controlled by agents. Then, we perform a declarative implementation to find out if this attack model can be mapped onto the process model based on some similarity criteria. If these criteria are met, we conclude that the attack model is “similar enough” to the process model to be successfully realized through it. Each possible way of mapping shows an avenue of attack on the process. Agent collusion scenarios are also identified. Finally, our approach automatically identifies process improvement opportunities and iteratively exploits them, thereby eliminating attack avenues.

Published

2017

2. A SQL-Middleware Unifying Why and Why-Not Provenance for First-Order Queries

Author

Bertram Ludäscher, Seokki Lee, Boris Glavic, and Sven Köhler

Subjects

SQL, Theoretical computer science, Relational database, Computer science, media_common.quotation_subject, Context (language use), 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Datalog, Debugging, Negation, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, Graph (abstract data type), 020201 artificial intelligence & image processing, Rewriting, computer, media_common, computer.programming_language

Abstract

Explaining why an answer is in the result of a query or why it is missing from the result is important for many applications including auditing, debugging data and queries, and answering hypothetical questions about data. Both types of questions, i.e., why and why-not provenance, have been studied extensively. In this work, we present the first practical approach for answering such questions for queries with negation (firstorder queries). Our approach is based on a rewriting of Datalog rules (called firing rules) that captures successful rule derivations within the context of a Datalog query. We extend this rewriting to support negation and to capture failed derivations that explain missing answers. Given a (why or why-not) provenance question, we compute an explanation, i.e., the part of the provenance that is relevant to answer the question. We introduce optimizations that prune parts of a provenance graph early on if we can determine that they will not be part of the explanation for a given question. We present an implementation that runs on top of a relational database using SQL to compute explanations. Our experiments demonstrate that our approach scales to large instances and significantly outperforms an earlier approach which instantiates the full provenance to compute explanations.

Published

2017

3. Implementing Unified Why- and Why-Not Provenance Through Games

Author

Bertram Ludäscher, Sven Köhler, Boris Glavic, and Seokki Lee

Subjects

Provenance, SQL, Relational database, Computer science, Programming language, Computation, InformationSystems_DATABASEMANAGEMENT, Limit (mathematics), computer.software_genre, computer, Datalog, computer.programming_language

Abstract

Using provenance to explain why a query returns a result or why a result is missing has been studied extensively. However, the two types of questions have been approached independently of each other. We present an efficient technique for answering both types of questions for Datalog queries based on a game-theoretic model of provenance called provenance games. Our approach compiles provenance requests into Datalog and translates the resulting query into SQL to execute it on a relational database backend. We apply several novel optimizations to limit the computation to provenance relevant to a given user question.

Published

2016

4. TurkDeck

Author

Johannes Jasper, Robert Kovacs, Lung-Pan Cheng, Thijs Roumen, Hannes Rantzsch, Patrick Baudisch, Jonas Kemper, Sven Köhler, and Patrick Schmidt

Subjects

Multimedia, Human–computer interaction, Computer science, Physical space, Immersion (virtual reality), Doors, Computer-mediated reality, Virtual reality, computer.software_genre, Metaverse, computer, Mixed reality, Likert scale

Abstract

TurkDeck is an immersive virtual reality system that reproduces not only what users see and hear, but also what users feel. TurkDeck produces the haptic sensation using props, i.e., when users touch or manipulate an object in the virtual world, they simultaneously also touch or manipulate a corresponding object in the physical world. Unlike previous work on prop-based virtual reality, however, TurkDeck allows creating arbitrarily large virtual worlds in finite space and using a finite set of physical props. The key idea behind TurkDeck is that it creates these physical representations on the fly by making a group of human workers present and operate the props only when and where the user can actually reach them. TurkDeck manages these so-called "human actuators" by displaying visual instructions that tell the human actuators when and where to place props and how to actuate them. We demonstrate TurkDeck at the example of an immersive 300m2 experience in 25m2 physical space. We show how to simulate a wide range of physical objects and effects, including walls, doors, ledges, steps, beams, switches, stompers, portals, zip lines, and wind. In a user study, participants rated the realism/immersion of TurkDeck higher than a traditional prop-less baseline condition (4.9 vs. 3.6 on 7 item Likert).

Published

2015

5. Towards Automated Design, Analysis and Optimization of Declarative Curation Workflows

Author

Sven Köhler, David Lowery, James Hanken, Paul J. Morris, Bertram Ludäscher, James Macklin, Tianhong Song, Maureen Kelly, and Robert A. Morris

Subjects

Data curation, Database, Windows Workflow Foundation, business.industry, Computer science, InformationSystems_INFORMATIONSYSTEMSAPPLICATIONS, Construct (python library), computer.software_genre, Workflow engine, lcsh:Z, XPDL, Workflow technology, lcsh:Bibliography. Library science. Information resources, Workflow, Software engineering, business, computer, Workflow management system

Abstract

Data curation is increasingly important. Our previous work on a Kepler curation package has demonstrated advantages that come from automating data curation pipelines by using workflow systems. However, manually designed curation workflows can be error-prone and inefficient due to a lack of user understanding of the workflow system, misuse of actors, or human error. Correcting problematic workflows is often very time-consuming. A more proactive workflow system can help users avoid such pitfalls. For example, static analysis before execution can be used to detect the potential problems in a workflow and help the user to improve workflow design. In this paper, we propose a declarative workflow approach that supports semi-automated workflow design, analysis and optimization. We show how the workflow design engine helps users to construct data curation workflows, how the workflow analysis engine detects different design problems of workflows and how workflows can be optimized by exploiting parallelism.

Published

2014

6. Insider Attack Identification and Prevention Using a Declarative Approach

Author

Sean Riddle, Matt Bishop, Sven Köhler, Anandarup Sarkar, and Bertram Ludaescher

Subjects

Exploit, business.industry, Computer science, Vulnerability, Machine learning, computer.software_genre, Data modeling, Attack model, Vulnerability assessment, Insider attack, Artificial intelligence, Data mining, business, computer

Abstract

A process is a collection of steps, carried out using data, by either human or automated agents, to achieve a specific goal. The agents in our process are insiders, they have access to different data and annotations on data moving in between the process steps. At various points in a process, they can carry out attacks on privacy and security of the process through their interactions with different data and annotations, via the steps which they control. These attacks are sometimes difficult to identify as the rogue steps are hidden among the majority of the usual non-malicious steps of the process. We define process models and attack models as data flow based directed graphs. An attack A is successful on a process P if there is a mapping relation from A to P that satisfies a number of conditions. These conditions encode the idea that an attack model needs to have a corresponding similarity match in the process model to be successful. We propose a declarative approach to vulnerability analysis. We encode the match conditions using a set of logic rules that define what a valid attack is. Then we implement an approach to generate all possible ways in which agents can carry out a valid attack A on a process P, thus informing the process modeler of vulnerabilities in P. The agents, in addition to acting by themselves, can also collude to carry out an attack. Once A is found to be successful against P, we automatically identify improvement opportunities in P and exploit them, eliminating ways in which A can be carried out against it. The identification uses information about which steps in P are most heavily attacked, and try to find improvement opportunities in them first, before moving onto the lesser attacked ones. We then evaluate the improved P to check if our improvement is successful. This cycle of process improvement and evaluation iterates until A is completely thwarted in all possible ways.

Published

2014

7. Imaginary reality basketball

Author

Emilia Wittmers, Christian Holz, Sven Köhler, Stefanie Reinicke, Patrick Schmidt, Henning Pohl, Patrick Baudisch, Patrick Lühne, and Marius Knaust

Subjects

Auditory feedback, Basketball, Multimedia, Ball game, ComputingMilieux_PERSONALCOMPUTING, Ball (mathematics), computer.software_genre, computer, Motion capture, The Imaginary

Abstract

We present imaginary reality basketball, i.e., a ball game that mimics the respective real world sport, i.e., basketball, except that there is no visible ball. The ball is virtual and players learn about its position only from watching each other act and a small amount of occasional auditory feedback, e.g., when a person is receiving the ball. Imaginary reality games maintain many of the properties of physical sports, such as unencumbered play, physical exertion, and immediate social interaction between players. At the same time, they allow introducing game elements from video games, such as power-ups, non-realistic physics, and player balancing. Most importantly, they create a new game dynamic around the notion of the invisible ball.

Published

2014

8. Imaginary reality gaming

Author

Stefanie Reinicke, Henning Pohl, Christian Holz, Patrick Lühne, Patrick Schmidt, Patrick Baudisch, Emilia Wittmers, Sven Köhler, and Marius Knaust

Subjects

Game mechanics, Basketball, Multimedia, Computer science, ComputingMilieux_PERSONALCOMPUTING, Ball (mathematics), Physics engine, Game play, computer.software_genre, Video game design, computer, Motion capture, The Imaginary

Abstract

We present imaginary reality games, i.e., games that mimic the respective real world sport, such as basketball or soccer, except that there is no visible ball. The ball is virtual and players learn about its position only from watching each other act and a small amount of occasional auditory feed-back, e.g., when a person is receiving the ball. Imaginary reality games maintain many of the properties of physical sports, such as unencumbered play, physical exertion, and immediate social interaction between players. At the same time, they allow introducing game elements from video games, such as power-ups, non-realistic physics, and player balancing. Most importantly, they create a new game dynamic around the notion of the invisible ball. To allow players to successfully interact with the invisible ball, we have created a physics engine that evaluates all plausible ball trajectories in parallel, allowing the game engine to select the trajectory that leads to the most enjoyable game play while still favoring skillful play.

Published

2013

9. On implementing provenance-aware regular path queries with relational query engines

Author

Bertram Ludäscher, Sven Köhler, Saumen Dey, Michael Wang, Eric Gribkoff, and Víctor Cuevas-Vicenttín

Subjects

Workflow, Theoretical computer science, Relational database management system, Computer science, Reachability, Relational database, Biological database, Regular expression, computer.software_genre, computer, Semantic Web, Datalog, computer.programming_language

Abstract

Use of graphs is growing rapidly in social networks, semantic web, biological databases, scientific workflow provenance, and other areas. Regular Path Queries (RPQs) can be seen as a core graph query language to answer pattern-based reachability queries. Unfortunately, the number of freely available systems for querying graphs using RPQs is rather limited, and available implementations do not provide direct support for a number of desirable variants of RPQs, e.g., to return those edges that are contained in some (or all) paths that match the given regular expression R. Thus, by returning not just a pair (x, y) of end points of paths that match R, but also "witness edges" (u, v) inbetween, our RPQ variants can be understood as returning additional provenance information about the answer (x, y), i.e., those edges (u, v) that are in some (or all) paths from x to y matching R. We propose a number of such RPQ variants and show how they can be implemented using either Datalog or a suitable RDBMS. Our initial experimental results indicate that RPQs and our provenance-aware variants (RPQProv), when implemented using conventional relational technologies, yield reasonable performance even for relatively large graphs. On the other hand, the overhead associated with some of these variants also makes efficient handling of provenance-aware graph queries an interesting challenge for future research.

Published

2013

10. Declarative Datalog Debugging for Mere Mortals

Author

Bertram Ludäscher, Sven Köhler, and Yannis Smaragdakis

Subjects

Profiling (computer programming), Computer science, Programming language, media_common.quotation_subject, Deductive database, Transitive closure, Tracing, Skolem normal form, computer.software_genre, Datalog, Debugging, Rewriting, computer, media_common, computer.programming_language

Abstract

Tracing why a "faulty" fact A is in the model M=P(I) of program P on input I quickly gets tedious, even for small examples. We propose a simple method for debugging and "logically profiling" P by generating a provenance-enriched rewriting P, which records rule firings according to the logical semantics. The resulting provenance graph can be easily queried and analyzed using a set of predefined and ad-hoc queries. We have prototypically implemented our approach for two different Datalog engines (DLV and LogicBlox), demonstrating the simplicity, effectiveness, and system-independent nature of our method.

Published

2012