Christoph Meinel

Hasso Plattner Institute, Potsdam, Brandenburg, Germany

Are you Christoph Meinel?

Claim your profile

Publications (625)32.11 Total impact

  • 8th International Conference on Security of Information and Networks (SIN 2015); 09/2015
  • The IEEE International Symposium on Big Data Security on Cloud (BigDataSecurity 2015); 08/2015
  • [Show abstract] [Hide abstract]
    ABSTRACT: Modern Security Information and Event Management systems should be capable to store and process high amount of events or log messages in different formats and from different sources. This requirement often prevents such systems from usage of computational-heavy algorithms for security analysis. To deal with this issue, we built our system based on an in-memory database with an integrated machine learning library, namely SAP HANA. Three approaches, i.e. (1) deep normalisation of log messages (2) storing data in the main memory and (3) running data analysis directly in the database, allow us to increase processing speed in such a way, that machine learning analysis of security events becomes possible nearly in real-time. To prove our concepts, we measured the processing speed for the developed system on the data generated using Active Directory testbed and showed the efficiency of our approach for high-speed analysis of security events.
    14th International Symposium on Parallel and Distributed Computing (ISPDC 2015); 06/2015
  • International Conference on Mobile, Secure and Programmable Networking (MSPN 2015); 06/2015
  • International Conference on Mobile, Secure and Programmable Networking (MSPN 2015); 06/2015
  • Source
    Ingo Rauth, Eva Köppen, Birgit Jobst, Christoph Meinel
  • [Show abstract] [Hide abstract]
    ABSTRACT: The highly complex and controversial topic of vaccine safety communication warrants innovative, user-centered solutions that would start with gaining mutual respect while taking into account the needs, concerns and underlying motives of patients, parents and physicians. To this end, a non-profit collaborative project was conducted by The Vienna Vaccine Safety Initiative, an international think tank aiming to promote vaccine safety research and communication, and the School of Design Thinking in Potsdam, Germany, the first school for innovation in Europe. The revolutionary concept of the Design Thinking approach is to group students in small multi-disciplinary teams. As a result they can generate ground-breaking ideas by combining their expertise and different points of view. The team agreed to address the following design challenge question: “How might we enable physicians to encourage parents and children to prevent infectious diseases?” The current article describes, step-by step, the ideation and innovation process as well as first tangible outcomes of the project.
    Current Drug Safety 04/2015; 10(1):31-40. DOI:10.2174/157488631001150407105400
  • Christoph Meinel
    Informatik Spektrum 04/2015; 38(2). DOI:10.1007/s00287-015-0873-1
  • Julia von Thienen, Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Design Thinking is an approach to creating human-centered product or service innovations, based on a model of problem solving. Regularly, design thinking projects yield exciting visions for a better future. However, up to the present they often fail to impact the world at a larger-scale. In design thinking terminology, one can say the community is very good at “hunting big ideas” but less good at “bringing big ideas home”. In this paper, we build upon the Stages of Change model from healthcare to understand present-day strengths and weaknesses of design thinking methodology. The Stages of Change model systematizes tools, methods and techniques which promote big change. By way of example, in the field of healthcare such methods can be used to reduce disease rates in society. Against the background of the Stages of Change framework it becomes obvious that design thinkers use many methods and techniques which support early change processes. They help to create visions for change. However, design thinkers rarely use methods or techniques in support of later change processes, i.e. to initiate and maintain big changes in the world. Building on the Stages of Change model, a framework is suggested that systematizes design thinking tools, methods and techniques according to their (presumed) effects. This framework sheds light on strategic gaps in the present design thinking methodology. In order to realize more big design thinking ideas, we suggest design thinkers adopt tools, methods and techniques which have been found effective in the Stages of Change research as means to implement and consolidate big changes in the world.
  • Amir Azodi, David Jaeger, Feng Cheng, Christoph Meinel
    International Conference on Information Science and Applications; 02/2015
  • Amir Azodi, David Jaeger, Feng Cheng, Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: As computer networks grow in size and complexity, monitoring them becomes more challenging. In order to meet the needs of IT administrators maintaining such networks, various Network Monitoring Systems (NMS) have been developed. Most NMSs rely solely on active scanning techniques in order to detect the topology of the networks they monitor. We propose a passive scanning solution using the logs produced by the systems within the networks. Additionally, we demonstrate how passive monitoring can be used to develop a holistic knowledge graph of the network landscape.
    International Conference on Information Science and Applications; 02/2015
  • Anja Perlich, Andrey Sapegin, Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Keeping data confidential is a deeply rooted requirement in medical documentation. However, there are increasing calls for patient transparency in medical record documentation. With Tele-Board MED, an interactive system for joint documentation of doctor and patient is developed. This web-based application designed for digital whiteboards will be tested in treatment sessions with psychotherapy patients and therapists. In order to ensure the security of patient data, security measures were implemented and they are illustrated in this paper. We followed the major information security objectives: confidentiality, integrity, availability and accountability. Next to technical aspects, such as data encryption, access restriction through firewall and password, and measures for remote maintenance, we address issues at organizational and infrastructural levels as well (e.g., patients’ access to notes). With this paper we want to increase the awareness of information security, and promote a security conception from the beginning of health software research projects. The measures described in this paper can serve as an example for other health software applications dealing with sensitive patient data, from early user testing phases on.
    International Conference on Health Informatics (HEALTHINF 2015); 01/2015
  • Julia von Thienen, Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: The ability to solve life problems creatively is an important attribute of mentally healthy people. It helps to handle all kinds of life challenges. Correspondingly, behaviour psychotherapists teach patients an approved process of creative problem solving to advance their mental health. Interestingly, the process model psychotherapists implement to tackle life problems is not at all unique. Engineers use and teach almost an identical process to confront engineering design problems, referring to their approach as “design thinking.” Parallels like these open up multiple opportunities for a fruitful exchange. In this chapter, we present a design thinking based problem solving crash course for psychotherapy to help people tackle personal life problems creatively. The crash course has been set up on Tele-Board MED, a digital documentation system for medical settings.
    Multisciplinary contributions to the science of creative thinking, Edited by G. E. Corraza, S. Agnoli, 01/2015: chapter Tele-Board MED: Supporting creative problem solving in behaviour psychotherapy; Springer.
  • [Show abstract] [Hide abstract]
    ABSTRACT: The highly complex and controversial topic of vaccine safety communication warrants innovative, user-centered solutions that would start with gaining mutual respect while taking into account the needs, concerns and underlying motives of patients, parents and physicians. To this end, a non-profit collaborative project was conducted by The Vienna Vaccine Safety Initiative, an international think tank aiming to promote vaccine safety research and communication, and the School of Design Thinking in Potsdam, Germany, the first school for innovation in Europe. The revolutionary concept of the Design Thinking approach is to group students in small multi-disciplinary teams. As a result they can generate ground-breaking ideas by combining their expertise and different points of view. The team agreed to address the following design challenge question: "How might we enable physicians to encourage parents and children to prevent infectious diseases?" The current article describes, step-by step, the ideation and innovation process as well as first tangible outcomes of the project.
  • [Show abstract] [Hide abstract]
    ABSTRACT: Software-as-a-Service (SaaS) is emerging as a new software delivery model, where the application and its associated data are hosted in the cloud. Due to the nature of SaaS and the cloud in general, where the data and the computation are beyond the control of the user, data privacy and security becomes a vital factor in this new paradigm. In multi-tenant SaaS applications, the tenants (i.e., companies) become concerned about the confidentiality of their data since several tenants are consolidated onto a shared infrastructure (i.e., databases). Consequently, two main questions raise. First, how to prohibit a tenant from accessing other’s data? Second, how to avoid the security threats from co-located competing tenants? In this paper, we address the second question. We present SecPlace, a resource allocation model designed to increase the level of security for tenants sharing the same infrastructure. SecPlace avoids hosting competing companies on the same database instance. We minimize the risk of co-resident tenants by preventing any two tenants of the same business type to be hosted on the same database server. SecPlace utilizes the usage of tenant subscription data, such as business type and tenant size and place the tenant accordingly. We conduct extensive experiments to validate our approach. The results show that our approach is practical, achieves its goal, and have a moderate complexity.
    IEEE ATC 2014, Bali, Indonesia; 12/2014
  • 7th International Conference on Passwords (PASSWORDS'14); 12/2014
  • Ibrahim Takouna, Kai Sachs, Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Energy management has become a significant concern in data centers for reducing operational costs. Using virtualization allows server consolidation, which increases server utilization and reduces energy consumption by turning off idle servers. This needs to consider the power state change overhead. In this paper, we investigate proactive resource provisioning in short-term planning for performance and energy management. To implement short-term planning based on workload prediction, this requires dealing with high fluctuations that are inaccurately predictable by using single value prediction. Unlike long-term planning, short-term planning can not depend on periodical patterns. Thus, we propose an adaptive range-based prediction algorithm instead of a single value. We implement and extensively evaluate the proposed range-based prediction algorithm with different days of real workload. Then, we exploit the range prediction for implementing proactive provisioning using robust optimization taking into consideration uncertainty of the demand. We formulate proactive VM provisioning as a multiperiod robust optimization problem. To evaluate the proposed approach, we use several experimental setups and different days of real workload. We use two metrics: energy savings and robustness for ranking the efficiency of different scenarios. Our approach mitigates undesirable changes in the power state of servers. This enhances servers' availability for accommodating new VMs, its robustness against uncertainty in workload change, and its reliability against a system failure due to frequent power state changes.
    The Journal of Supercomputing 12/2014; 70(3):1514-1536. DOI:10.1007/s11227-014-1246-2 · 0.84 Impact Factor
  • Amir Azodi, David Jaeger, Feng Cheng, Christoph Meinel
    International Conference on IT Convergence and Security; 10/2014
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: BDD is an efficient data structure that in last few years has been used effectively in computer science and engineering. BDD-based attack in key stream cryptanalysis is supposed to be one of the best forms of attack in its kind. In this paper, we propose a new key stream attack which is based on ZDD(a variant of BDD). We show how our ZDD-based key stream attack can be used against the E0 type of the Bluetooth security mechanism. We implemented our algorithm using CUDD package. The experimental results witness the superiority of our method. We have also derived a mathematical proof for the algorithm, which shows that its behavior even under the worst circumstances is better than BDD attack.
  • [Show abstract] [Hide abstract]
    ABSTRACT: Invited paper. Preliminary version of this paper appears as ”Hierarchical Object Log Format for Normalisation of Security Events” in Proceedings of the 9th International Conference on Information Assurance and Security (IAS 2013). The differences in log file formats employed in a variety of services and applications remain to be a problem for security analysts and developers of intrusion detection systems. The proposed solution, i.e. the usage of common log formats, has a limited utilisation within existing systems for security management. In our paper, we reveal the reasons for this limitation and show disadvantages of existing common log formats for ormalisation of security events. To deal with it we have created a new log format that fits for intrusion detection purposes and can be extended easily. Based on our developing intrusion detection system, we demonstrate advantages of offered format. However, taking previous work into account, we would like to propose a new format as an extension to existing common log formats, rather than a standalone specification.

Publication Stats

3k Citations
32.11 Total Impact Points

Institutions

  • 2006–2014
    • Hasso Plattner Institute
      Potsdam, Brandenburg, Germany
  • 2005–2014
    • Universität Potsdam
      • • Chair of Linguistics
      • • Hasso-Plattner-Institut für Softwaresystemtechnik GmbH
      Potsdam, Brandenburg, Germany
  • 2011
    • University of Southampton
      • Department of Electronics and Computer Science (ECS)
      Southampton, England, United Kingdom
  • 2010
    • University of Bayreuth
      Bayreuth, Bavaria, Germany
  • 2009
    • University of Luxembourg
      Letzeburg, Luxembourg, Luxembourg
  • 1994–2006
    • Universität Trier
      • Faculty IV
      Trier, Rheinland-Pfalz, Germany
  • 1997
    • University of Colorado at Boulder
      Boulder, Colorado, United States
  • 1992–1995
    • Humboldt-Universität zu Berlin
      Berlín, Berlin, Germany