November 29, 2017,  12:30-13:30,  Location : Zi 2042,  Speaker : R. Bortolameotti (Riccardo) MSc.

DECANTeR: DeteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting

We present DECANTeR, a system to detect anomalous outbound HTTP communication, which passively extracts fingerprints for each application running on a monitored host. The goal of our system is to detect unknown malware and backdoor communication indicated by unknown fingerprints extracted from a host's network traffic. We evaluate a prototype with realistic data from an international organization and datasets composed of malicious traffic. We show that our system achieves a false positive rate of 0.9%, an average detection rate of 97.7%, and that it cannot be evaded by malware using simple evasion techniques such as using known browser user agent values. Moreover, we show that our solution outperforms the current state of the art that detects covert communication channels by focusing only on benign data. Finally, DECANTeR detects 96.8% of information stealers in our dataset, which shows its potential to detect data exfiltration. 

November 21, 2017,  14:00-15:00,  Location : Zi 2042,  Speaker : T.R. van de Kamp (Tim) MSc.

How to Monitor When All Data Is Encrypted?

We propose the first multi-client predicate-only encryption scheme capable of efficiently testing the equality of two encrypted vectors.

Our construction can be used for the privacy-preserving monitoring of relations among multiple clients. Since both the clients' data and the predicates are encrypted, our system is suitable for situations in which this information is considered sensitive. We prove our construction plaintext and predicate private in the generic bilinear group model using random oracles, and secure under chosen-plaintext attack with unbounded corruptions under the symmetric external Diffie–Hellman assumption. Additionally, we provide a proof-of-concept implementation that is capable of evaluating one thousand predicates defined over the inputs of ten clients in less than a minute on commodity hardware. 

October 24, 2017,  14:00-14:30,  Location : Zi 2126,  Speaker : H.T. Esquivel Vargas (Herson) MSc.

Automatic Deployment of Specification-based Intrusion Detection in the BACnet Protocol

Specification-based intrusion detection (SB-ID) is a suitable approach to monitor Building Automation Systems (BASs) because the correct and non-compromised functioning of the system is well understood. The goal is to compare the expected behavior of devices with their actual behavior as observed in the network.

The main drawback of SB-ID is that the creation of specifications often require human intervention. Automated specification extraction, on the other hand, is crucial to effectively apply SB-ID in volatile environments such as BASs where new devices are often added, removed, or replaced.

We present an approach to automatically extract specifications in the context of the BACnet protocol (ISO 16484-5) extensively used in our university campus. 

September 05, 2017,  13:00-14:00,  Location : HalB 2E,  Speaker : Dilan Seckiner MSc

Safety: Forensic Gait Analysis: Morphometric body assessment with associated CCTV image quantification

Closed Circuit Television (CCTV) cameras are often referred to as 'the silent witness' and have rapidly become a universal presence capturing footage useful for activity level and some source level inference. From this, photo-comparative analysis of a trace or 'a "person of interest" (POI) can be assessed when compared to a suspect. Limitation of CCTV images arises however, from the various distortions present within the camera specification and environmental influences. Additional challenges exist when facial features are concealed or otherwise obscured, thus preventing facial analysis. One solution to overcome this, is the morphometric assessment of the body. Further, as POIs are frequently recorded in motion, implementing gait analysis could further determine whether distinct features are apparent within the POI.

The aim of this study was to produce a standardised method for morphometric gait analysis that incorporates the quantification of image distortion and to determine distinct features of the body during gait (stance, walk, run). Hypothesis being, H0: P(E|Same Source) = P(E|SS) and H1: P(E|Different Source) = P(E|DS). The method comprised of a morphometric assessment of 18 anthropometric measurements (static, dynamic and angle), 25 morphological features for stance and 52 morphological features for gait assessed, of both male and female volunteers (437 in total). From this, a standardised protocol was developed, and population databases established from which frequency statistics will be obtained once all data has been completed. Furthermore to ascertain which features exactly were common or distinct once compared to all age, race and sex categories for correlation determination and finally to apply the likelihood ratio to this research.

Body mapping as a forensic tool is often poorly validated or subjective. However, this does not mean it is not of value. The broader purpose of this research is therefore to establish a method of evaluating gait analysis that offers valuable information to the criminal justice system whilst being scientifically robust, and importantly adhering to the admissibility standards of the Australian legal system. 

August 22, 2017,  15:15-16:15,  Location : ZI 2126,  Speaker : Thomas Hupperich, Ruhr-Universität Bochum, Germany

Cybersecurity: Fingerprinting - An Introduction to System Recognition

Client fingerprinting is a technique for state-less user tracking and recognizing user systems in Internet context. It is widely used and implemented by advertisers, online shops and website analytic engines. Current state-of-the-art fingerprinters utilize code snippets to obtain system fingerprints and aim to identify specific systems among others.

This lecture gives an introduction to the concept of web-based client fingerprinting and covers the principle of recognition performed by a computer system. It tackles the core problem of similarity measurement and presents approaches for system recognition based on fingerprint data. 

June 12, 2017,  15:00-16:00,  Location : Zi 2126,  Speaker : Thomas Hupperich (Ruhr University Bochum, Germany)

Mobile Device Fingerprinting

Client fingerprinting techniques enhance classical cookie-based user tracking to increase the robustness of tracking techniques. A unique identifier is created based on characteristic attributes of a client device, and then used for deployment of personalized advertisements or similar use cases. Whereas fingerprinting performs well for highly customized devices - especially desktop computers -, these methods often lack in precision for highly standardized devices like mobile phones. But are mobile devices save from fingerprinting or can such methods evolve to target also these systems?

Additionally, fingerprinting of web clients is often seen as an offence to web users' privacy as it usually takes place without the users' knowledge, awareness, and consent. Thus, we need to investigate possibilities to outrun fingerprinting mechanisms. 

May 23, 2017,  12:30-13:30,  Location : Zi 2126,  Speaker : Dr. T. Inan (Tolga)

Pose Robust 3D Face Recognition

Over the last decade, three-dimensional facial recognition has been extensively researched. Very good results have been reported for frontal and non-expressive faces. Recent studies have focused on identifying faces with orientation and expression variations. This problem is still being investigated.
We will also refer to our work for three-dimensional face recognition that is robust to orientation. This seminar will contain a short summary from the speaker's previous research experience. 

May 03, 2017,  12:30-13:30,  Location : Zi 2042,  Speaker : Drs. H.C.A. Wienen (Hans)

Elephantophagism, or the hunt for an accident

When conducting a literature review, you want to find as many relevant papers as possible. But how do you select relevant articles from an initial corpus of 1775 articles? How do you eat an elephant?

I present the way in which we surveyed the current state of the art in accident analysis methods, starting out from all 108 databases the University has available and ending in a set of three classes of accident models. How did we make sure that no relevant articles were missed, how did we compare results and which results did we compare?

Furthermore, I'll present some of our findings from the review: which classes of analysis methods are there, in what respects do they differ and what are our plans now that we know this. 

April 12, 2017,  13:00-14:00,  Location : Zi 2042,  Speaker : D.H. Apriyanti (Diah Harnoni) MSc.

Flower Biometrics: Identification of Orchid Species Using Flower Image

The system to identify orchid species has developed. Although taxonomists usually use the key identification that needs some parts of the plant, this system only needs the orchid's flower image. The system uses semi-automated segmentation process, takes the HSV colour feature also shape features such as Centroid Contour Distance, aspect ratio, roundness, etc from the flower image and then identifies them using k-Nearest Neighbors which is compared with Probabilistic Neural Network and Support Vector Machine. Orchid is a unique flower. It has a part of the flower called lip (labellum) that distinguishes it from other flowers even from other types of orchids. We also proposed to do feature extraction not only on flower region but also on lip (labellum) region. The result shows that our proposed method can increase the accuracy value of the system. 

March 08, 2017,  14:00-15:00,  Location : Zi 2042,  Speaker : P. Normakristagaluh (Pesigrihastamadya (Pesi)) MSc.

Plant Species Classification by Leaf Shape and Vein – A Case Study of the Dillenia Genus

A classification of the architectural features of dicot leaves---i.e., the placement and form of those elements constituting the outward expression of leaf structure, including shape, marginal position and gland position----has been developed as the result of an extensive survey of plants. In this research, image processing methods have been used to classify genus of Dillenia. The feature extraction method is applied as a descriptor that was including a method of fractal dimension, length and width ratio, ratio of perimeter and area, moment invariant and the angle between the primary and secondary venation. After extraction of such features, a selection performed by the method of variance analysis and CFS Subset Evaluator. Identification of Dillenia, which is fundamental application of the classification, is determined by shape and an angle of divergence between primary and secondary vein. Classification method's consists of Naive Bayesian Classifier, FLVQ (Fuzzy Learning Vector Quantization), and BPNN (Back Propagation Neural Network) and ELM (Extreme Learning Machine). 

February 23, 2017,  14:00-15:00,  Location : Zi 2042,  Speaker : Dr. A. Vasenev (Alexandr)

Improving the Robustness of Urban Electricity Networks (IRENE) project

The societal and economic consequences of power outages can be severe, in particular if outages last longer than a few hours. Highly decentralized energy system of future smart cities could use wind and sun energy to mitigate the impact of such outages. The IRENE (Improving the Robustness of Urban Electricity Networks, project concentrated on ways to identify threats to the grid and on how stakeholders can improve grid robustness. This seminar overviews outcomes of the project. 

February 16, 2017,  13:00-14:00,  Location : Zi 2042,  Speaker : Marcos R. S. Borges

Emergencies and Disasters: The application domain for studies on Knowledge Engineering at the GRECO Research Group

GRECO (Knowledge Engineering Group) is a research group that is part of the Graduate Program in Informatics at the Federal University of Rio de Janeiro. The GRECO is formed by seven faculty members, 25 Ph.D. Students and over 35 M.Sc. students. The research topics covered by the group include information and knowledge management, collaboration support technologies, human factors and interfaces, ergonomics, social networks, and cognitive task analysis. Although members of the group have been working with Emergency Management Systems for over 15 years, only recently the group adopted emergencies and disasters as the preferential application domains for its research studies. As a result a number of works are under development using the problems of the various phases of disasters and emergencies cycle as problem motivation for research projects. This talk presents a summary of current projects that focus on the Emergency Response phase. Several concepts guide our research: Context, Knowledge sharing, Cooperation and group Decision Support. It will present the framework that was construct around these concepts.

Short Biography:

DR.MARCOS BORGES is Full Professor in the Computer Science Department at the Federal University of Rio de Janeiro. He earned his doctorate in Computer Science from the University of East Anglia (UK) in 1986. From 1994-1996, he was a visiting research scholar and a member of the Object Technology Lab at Santa Clara U. in California. Dr. Borges also served as Visiting Professor at the Polytechnic U. of Valencia, Spain. He has published over 200 research papers in international conferences and journals, including Decision Support Systems, Computers in Industry, and Expert Systems and Applications. His research interests include Computer Supported Collaborative Work (CSCW), Collective Knowledge and Emergency Management Systems. He is a member of the ISCRAM Board and organized the 2016 edition of ISCRAM Conference in Rio de Janeiro. He is also the PC Co-Chair for the ACM CSCW 2017 Conference. 

February 15, 2017,  13:00-14:00,  Location : Zi 2042,  Speaker : N.H. Lestriandoko (Nova) MSc.

Chip Quality Analysis Using Hough Transform

Collaboration Research between LIPI - ALICE CERN

ALICE (A Large Ion Collider Experiment) is a heavy-ion detector on the Large Hadron Collider(LHC) ring. It is designed to study the physics of strongly interacting matter at extreme energy densities, where a phase of matter called quark-gluon plasma forms. ALICE equipment consists of various detectors with their own functions. Those detectors are Inner Tracking System (ITS), Time Projection Chamber (TPC), Time of Flight Detector (TOF),Muon Spectrometer, Transition Radiation Detector (TRD) and etc. Approximately 600 million times per second, particles collide within the Large Hadron Collider (LHC). Each collision generates particles that often decay in complex ways into even more particles. Electronic circuits record the passage of each particle through a detector as a series of electronic signals, and send the data to the CERN Data Centre (DC) for digital reconstruction.

The sensor chip size measurement and adjusting chip position are parts of quality analysis of detectors in the ITS Project. By the using of Hough Transform, these activities can be done easily. The edge detection, cropping, mean filter, and intensity leveling up were used as image preprocessing. Mexican Hat filter also could be used to support Hough voting, especially to increase the accuracy. Experimental results over several chip images showed the efficiency of proposed method. 

January 25, 2017,  12:30-13:30,  Location : Zi 2042,  Speaker : W.H.A. Alsaqaf (Wasim) MSc.

Services: Engineering Quality Requirements in Large Scale Distributed Agile Environment

Agile software development methods have become increasingly popular in the last years. However, agile methods don't specify explicitly how to deal with the quality requirements. Moreover there is little known about how organizations currently deal with this shortcoming. Based on several case studies this research will investigate real-world large-scale distributed agile projects to understand the challenges agile teams face regarding quality requirements and the approach they are currently using to cope with these challenges. After that a set of good practices will be introduced to explicitly integrate quality requirements in agile processes. Other case studies will be conducted to validate the suggested good practices.