Publications
List of Publications
Business Informatics Group, TU Wien
Parametric Balinese Rumah - Procedural Modeling of Traditional Balinese Architecture
Peter FerschinMonika Di AngeloGalina PaskalevaAlonzo C. AddisonGabriele GuidiLivio De LucaSofia PescarinKeywords:
Astract: Traditional Balinese architecture is based on ancient Bali-Hindu philosophy which can be observed in traditional built environments on Bali. The underlying architectural principles are very complex containing intrinsic "parametric rules" based on both a philosophical and a building tradition. The parameters are in relation to the religious belief system as well as being derived from the bodily dimensions of the "head" of a building. We aim at determining in which way these underlying building principles can be preserved by contemporary digital means. As a hypothesis we test a parametric formalization as CGA shape grammar made operative using the CityEngine. In order to formalize these building principles the following methods were devised: identification and collection of appropriate literature in English and Indonesian, partial translation of available material to English, field trips for contextual information and additional knowledge, and transformation of all sources of information into a shape grammar. An interactive visualization of ancient Balinese building principles is exemplified through the traditional house compound, the "rumah", demonstrating the strength of a parametric approach. Moreover, it includes both, tangible and intangible heritage aspects by analyzing the appearance of (tangible) built heritage, as well as the (intangible) underlying philosophy and traditional knowledge. Our contribution aims at supporting the understanding and preservation of the architectural heritage of Balinese building principles.
Ferschin, P., Di Angelo, M., & Paskaleva, G. (2013). Parametric Balinese Rumah - Procedural Modeling of Traditional Balinese Architecture. In A. C. Addison, G. Guidi, L. De Luca, & S. Pescarin (Eds.), 2013 Digital Heritage International Congress (pp. 199–206). IEEE. http://hdl.handle.net/20.500.12708/54831
Keywords:
Astract: Business transactions between companies are more and more executed by a flow of well-defined electronic business documents. The resulting inter-organizational business processes are often realized by concepts known from service-oriented computing. Exchanging a business document corresponds to a service call and the input/output of the service calls commonly follows a certain business document standard. However, these standards typically present the superset of all required elements used in any business context. In a specific context (in a specific industry, in a specific geopolitical region, etc.) the input/output is adjusted to this context by constraints on the generic structure. Accordingly, a specific service is always used in a specific context. It follows that it is important to define the business context of a service (in a structured format). For this purpose we have developed the Business Context Ontology model (BCOnt). In this paper we elaborate on the theoretical concepts and the underlying algorithms as well as on their implementation in practice.
Novakovic, D., & Huemer, C. (2013). Putting Services in Context. In Proceedings of the 6th IEEE International Conference on Service Oriented Computing and Applications (SOCA 2013). IEEE International Conference on Service Oriented Computing and Applications (SOCA 2013), Kauai, USA, Non-EU. IEEE. http://hdl.handle.net/20.500.12708/54836
Making UML "hip": A First Experience Report on Using Modern Teaching Tools for Object-Oriented Modelling
Marion ScholzPetra KaufmannMartina SeidlKeywords:
Astract: We steadily aim at improving our first year´s university course
Introduction to Object-Oriented Modelling. To that end we explore how
technological teaching support may be used to extend the classical classroom experience for the students. For several years, we used Web-based out-of-the-box e-learning tools for providing additional teaching support.
This solution works well, but has some severe restrictions. In this paper, we show how to overcome these restrictions with a custom implementation. Further, we are now starting to explore mobile facilities as offered by smartphone Apps as well as social media facilities in order to enhance the learning experience in our modelling course. We report on our first experiences with these kinds of technologies.
Scholz, M., Kaufmann, P., & Seidl, M. (2013). Making UML “hip”: A First Experience Report on Using Modern Teaching Tools for Object-Oriented Modelling. In Proceedings of the Educators’ Symposium co-located with ACM/IEEE 16th International Conference on Model Driven Engineering Languages and Systems (MODELS 2013) (pp. 1–8). CEUR Workshop Proceedings. http://hdl.handle.net/20.500.12708/54868
Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach
Markus GruberChristian SchanesFlorian FankhauserMartin MoutranThomas GrechenigJavier LopezXinyi HuangRavi SandhuKeywords:
Astract: Voice over IP systems are more and more replacing Public Switched Telephone Network infrastructures. The number of voice telephony installations and the number of Session Initiation Protocol users is constantly increasing. Attacks against Voice over IP systems are becoming more imaginative and many attacks can cause financial damage, e.g., attackers gain money or create costs for the victim. Therefore, the dependency on available and secure Voice over IP systems to conduct secure business is given. We provide an environment to uncover real-world toll fraud attacks by collecting data using a Voice over IP honeynet solution.
Gruber, M., Schanes, C., Fankhauser, F., Moutran, M., & Grechenig, T. (2013). Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach. In J. Lopez, X. Huang, & R. Sandhu (Eds.), Network and System Security (pp. 628–634). Springer Lecture Notes in Computer Science. http://hdl.handle.net/20.500.12708/55054
Voice calls for free: How the black market establishes free phone calls - Trapped and uncovered by a VoIP honeynet
Markus GruberChristian SchanesFlorian FankhauserThomas GrechenigJordi Castellà-RocaKeywords:
Astract: The number of Voice over IP systems and the number of Session Initiation Protocol users is constantly increasing. The new Voice over IP infrastructures are connected with the traditional Public Switched Telephone Network and attacks against the phone infrastructure are becoming more imaginative. The attacks can cause financial losses, e.g., attackers steal money or incur costs for the victim. We analyze the current status of toll fraud attacks by analyzing real-world attacks collected in a Voice over IP honeynet solution. Based on the detailed data about real attacks, the creation or adaption of existing prevention mechanisms is possible in order to avoid toll fraud attacks in live environments.
Gruber, M., Schanes, C., Fankhauser, F., & Grechenig, T. (2013). Voice calls for free: How the black market establishes free phone calls - Trapped and uncovered by a VoIP honeynet. In J. Castellà-Roca (Ed.), Proceedings of the International Conference on Privacy, Security and Trust (pp. 205–212). IEEE. http://hdl.handle.net/20.500.12708/55055
Generic Approach for Security Error Detection Based on Learned System Behavior Models for Automated Security Tests
Christian SchanesAndreas HüblerFlorian FankhauserThomas GrechenigKeywords:
Astract: The increasing complexity of software and IT systems creates the necessity for research on technologies addressing current key security challenges. To meet security requirements in IT infrastructures, a security engineering process has to be established. One crucial factor contributing to a higher level of security is the reliable detection of security vulnerabilities during security tests. In the presented approach, we observe the behavior of the system under test and introduce machine learning methods based on derived behavior metrics. This is a generic method for different test targets which improves the accuracy of the security test result of an automated security testing approach. Reliable automated determination of security failures in security test results increases the security quality of the tested software and avoids costly manual validation.
Schanes, C., Hübler, A., Fankhauser, F., & Grechenig, T. (2013). Generic Approach for Security Error Detection Based on Learned System Behavior Models for Automated Security Tests. In Proceedings of the Sixth IEEE International Conference on Software Testing, Verification and Validation (pp. 453–460). IEEE. http://hdl.handle.net/20.500.12708/55058
Improving the Accuracy of Automated Security Tests Based on Learned System Behavior Models
Christian SchanesFlorian FankhauserAndreas HüblerThomas GrechenigKeywords:
Astract: The increasing complexity of software and IT systems creates the necessity for research on technologies addressing current key security challenges. To meet security problems in IT infrastructures, a security engineering process has to be established. One crucial factor contributing to a higher level of security is the reliable detection of security vulnerabilities during security tests. We observe the behavior of the system under test and introduce machine learning methods based on derived behavior metrics. This improves the accuracy of the security test result of an automated security testing approach. Reliable automated determination of security failures in security test results increases the security quality of the tested software and avoids costly manual validation.
Schanes, C., Fankhauser, F., Hübler, A., & Grechenig, T. (2013). Improving the Accuracy of Automated Security Tests Based on Learned System Behavior Models. In Proceedings of the Fourth International Workshop on Security Testing (SECTEST 2013). The Fourth International Workshop on Security Testing (SECTEST 2013), Luxembourg, EU. IEEE. http://hdl.handle.net/20.500.12708/55059
Keywords:
Astract: The Resource-Event-Agent (REA) ontology is a powerful and well accepted approach towards the design of enterprise information systems in the academic world. However, it still lacks application in industry products. Software like ERP applications might benefit from REA data structure by building their product's core on a robust, economic theory based, business ontology. Consequently, we have lately started a feasibility study with an Austrian ERP vendor, in which we investigate whether or not the ERP vendor can use the REA ontology as basis for their new ERP system. This paper is aimed at raising questions about uncertainties in REA we came across in our study so far.
Mayrhofer, D., Huemer, C., & Regatschnig, P. (2013). REA-ERP: Challenges of Using REA in an ERP System. In Proceedings of the 7th International Workshop on Value Modeling and Business Ontology (VMBO 2013) (p. 4). http://hdl.handle.net/20.500.12708/55355
Mayerhofer, T., Langer, P., Wimmer, M., & Kappel, G. (2013). xMOF: Executable DSMLs Based on fUML. In Software Language Engineering (pp. 56–75). Springer. https://doi.org/10.1007/978-3-319-02654-1_4
TETRABox - A Generic White-Box Testing Framework for Model Transformations
Johannes SchönböckGerti KappelManuel WimmerAngelika KuselWerner RetschitzeggerWieland Schwinger
Schönböck, J., Kappel, G., Wimmer, M., Kusel, A., Retschitzegger, W., & Schwinger, W. (2013). TETRABox - A Generic White-Box Testing Framework for Model Transformations. In 2013 20th Asia-Pacific Software Engineering Conference (APSEC). 20th Asia-Pacific Software Engineering Conference (APSEC), Bangkok, Thailand, Non-EU. IEEE. https://doi.org/10.1109/apsec.2013.21