Christoph Meinel

Hasso Plattner Institute, Potsdam, Brandenburg, Germany

Are you Christoph Meinel?

Claim your profile

Publications (660)48.19 Total impact

  • Lighton Phiri · Christoph Meinel · Hussein Suleman
    [Show abstract] [Hide abstract]
    ABSTRACT: Abstract Effective classroom management is considered a key criterion to making classrooms effective learning environments. Supporting classroom orchestration—the teacher-centric real-time management of classroom activities—is central to achieving effective classroom management. However, the multi-faceted nature of classroom orchestration, its complexity, and general classroom constraints such as time, present challenges for the effective management of the modern-day classroom environment. Though effective, most existing approaches for overcoming orchestration challenges, such as Google Classroom, are arguably ad hoc. We argue that streamlined technology-driven orchestration can be attained through the use of an orchestration workbench, potentially making educators more effective within formal learning environments. Early supporting evidence, from a study involving the use of a prototype orchestration tool, demonstrates the feasibility of organised orchestration and its potential to improve students’ learning experience.
    No preview · Article · Jan 2016 · Computers & Education
  • Xiaoyin Che · Sheng Luo · Cheng Wang · Christoph Meinel

    No preview · Article · Jan 2016
  • Source
    Anja Perlich · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Therapeutic documentation is a crucial part in psychotherapy and should first and foremost support the patient's therapy progress. Yet, the notes taken throughout a therapy, mainly serve the use of therapists. In line with the movement of patient empowerment, the calls for patients’ access to their records are growing louder and were incorporated into the German patients’ rights law. Hence, with Tele-Board MED, an interactive system for joint documentation of therapist and patient was developed. In this paper, we introduce one of its many features: the automatic creation of treatment session summaries. Our contribution also consists of the evaluation of its potential for practical use by psychotherapists. The aim of our work is twofold, namely the involvement of patients in the documentation, and the support of therapists with their documentation duties. The aspects of investigation include the therapists’ documentation habits (regarding time, amount, and method), their purposes to manually create session summaries and opinion about the automatically created summaries. It was discovered that the bigger part of the motivation for treatment session documentation lies in the therapists’ personal purposes, such as remembering a case right before the next session. Nevertheless therapists are willing to turn documentation in a cooperative activity if they had effective and efficient tools at hand. With the system presented, they can well imagine summarizing important issues together with the patient at the end of a session and also handing out printed summaries to them.
    Preview · Article · Dec 2015 · Procedia Computer Science
  • Source
    Kennedy Torkura · Feng Cheng · Christoph Meinel
    [Show description] [Hide description]
    DESCRIPTION: Security issues are still prevalent in cloud computing particularly public cloud. Efforts by Cloud Service Providers to secure out-sourced resources are not sufficient to gain trust from customers. Service Level Agreements (SLAs) are currently used to guarantee security and privacy, however research into SLAs monitoring suggests levels of dissatisfaction from cloud users. Accordingly, enterprises favor private clouds such as OpenStack as they offer more control and security visibility. However, private clouds do not provide absolute security, they share some security challenges with public clouds and eliminate other challenges. Security metrics based approaches such as quantitative security assessments could be adopted to quantify security value of private and public clouds. Software quantitative security assessments provide extensive visibility into security postures and help assess whether or not security has improved or deteriorated. In this paper we focus on private cloud security using OpenStack as a case study, we conduct a quantitative assessment of OpenStack based on empirical data. Our analysis is multi-faceted, covering OpenStack major releases and services. We employ security metrics to determine the vulnerability density, vulnerability severity metrics and patching behavior. We show that OpenStack’s security has improved since inception, however concerted efforts are imperative for secure deployments, particularly in production environments.
    Full-text · Research · Dec 2015
  • Kennedy Torkura · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Vulnerability scanners are deployed in computer networks and software to timely identify security flaws and misconfigurations. However, cloud computing has introduced new attack vectors that requires commensurate change of vulnerability assessment strategies. To investigate the effectiveness of these scanners in cloud environments, we first conduct a quantitative security assessment of OpenStack’s vulnerability lifecycle and discover severe risk levels resulting from prolonged patch release duration. More specifically, there are long time lags between OpenStack patch releases and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actions and creation of exploits such as zero-days. Mitigating these concern requires systems with current knowledge on events within the vulnerability lifecycle. However, current vulnerability scanners are designed to depend on information about publicly announced vulnerabilities which mostly includes only vulnerability disclosure dates. Accordingly, we propose a framework that would mitigate these risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories and Bug Tracking Systems. The information is thereafter used to automatically generate plugins armed with current information about zero-day exploits and unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks.
    No preview · Conference Paper · Dec 2015
  • Source
    Konrad-Felix Krentz · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: To survive reboots, 802.15.4 security normally requires an 802.15.4 node to store both its anti-replay data and its frame counter in non-volatile memory. However, the only non-volatile memory on most 802.15.4 nodes is flash memory, which is energy consuming, slow, as well as prone to wear. Establishing session keys frees 802.15.4 nodes from storing anti-replay data and frame counters in non-volatile memory. For establishing pairwise session keys for use in 802.15.4 security in particular, Krentz et al. proposed the Adaptable Pairwise Key Establishment Scheme (APKES). Yet, APKES neither supports reboots nor mobile nodes. In this paper, we propose the Adaptive Key Establishment Scheme (AKES) to overcome these limitations of APKES. Above all, AKES makes 802.15.4 security survive reboots without storing data in non-volatile memory. Also, we implemented AKES for Contiki and demonstrate its memory and energy efficiency. Of independent interest, we resolve the issue that 802.15.4 security stops to work if a node's frame counter reaches its maximum value, as well as propose a technique for reducing the security-related per frame overhead.
    Full-text · Conference Paper · Dec 2015
  • Source
    Philipp Berger · Patrick Hennig · Martin Schoenberg · Christoph Meinel

    Full-text · Dataset · Dec 2015
  • Source
    Philipp Berger · Patrick Hennig · Martin Schoenberg · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: In recent years, blogs have become a very popular way to publish information, express opinions and hold discussions. Hence researchers and industry have interest in analyzing the blogosphere. Due to the increasing diversity of blog usage, the initial categorization into web genres is the first necessary step before any analyses. In this research, we focus on the distinction between traditional blogs, news portals, forums and miscellaneous websites. Especially the new distinction between news portals and blogs allows analyses to adapt to the network-specific characteristics of traditional media with high journalistic effort and more personal weblogs and their authors. We present a set of 80 features and extensively experiment with possible combinations and SVM parameters to identify the best constellation for the categorization into the four different web genres. Our experiments show a maximal accuracy of 83.5% overall. This high precision was reached using a combination of trained n-grams, structural properties (e.g. Twitter links) and quantitative properties like the text's length and number of dates.
    Full-text · Conference Paper · Dec 2015
  • Kennedy Torkura · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Vulnerability assessments are best practices for computer security and requirements for regulatory compliance. Potential and existing security holes can be identified during vulnerability assessments and security breaches could be averted. However, the unique nature of cloud computing environments requires more dynamic assessment techniques. The proliferation of cloud services and cloud-aware applications introduce more cloud vulnerabilities. But, current measures for identification, mitigation and prevention of cloud vulnerabilities do not suffice. Our investigations indicate a possible reason for this inefficiency to lapses in availability of precise, cloud vulnerability information. We observed also that most research efforts in the context of cloud vulnerability concentrate on IaaS, leaving other cloud models largely unattended. Similarly, most cloud assessment efforts tackle general cloud vulnerabilities rather than cloud specific vulnerabilities. Yet, mitigating cloud specific vulnerabilities is important for cloud security. Hence, this paper proposes a new approach that addresses the mentioned issues by monitoring, acquiring and adapting publicly available cloud vulnerability information for effective vulnerability assessments. We correlate vulnerability information from public vulnerability databases and develop Network Vulnerability Tests for specific cloud vulnerabilities. We have implemented, evaluated and verified the suitability of our approach
    No preview · Conference Paper · Nov 2015
  • Aragats Amirkhanyan · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Nowadays, we have a lot of data produced by social media services, but more and more often these data contain information about a location that gives us the wide range of possibilities to analyze them. Since we can be interested not only in the content, but also in the location where this content was produced. For good analyzing geo-spatial data, we need to find the best approaches for geo clustering. And the best approach means real-time clustering of massive geodata with high accuracy. In this paper, we present a new approach of clustering geodata for online maps, such as Google Maps, OpenStreetMap and others. Clustered geodata based on their location improve visual analysis of them and improve situational awareness. Our approach is the server-side online algorithm that does not need the entire data to start clustering. Also, this approach works in real-time and could be used for clustering of massive geodata for online maps in reasonable time. We implemented the proposed approach to prove the concept, and also, we provided experiments and evaluation of our approach.
    No preview · Conference Paper · Nov 2015
  • Christoph Matthies · Lukas Pirl · Amir Azodi · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: As computer software systems grow ever more sophisticated, so do the mechanisms used in compromising them. Some of the most advanced cyber attacks in recent years would have required considerable preparation and research on the specific software applications and the hardware they targeted. In this paper we focus on native applications and evaluate different reverse engineering techniques with a focus on memory manipulation, used to compromise their security. Additionally we discuss different protection mechanism and their practicalities. The techniques discussed are executed against a well known application (i.e. the Microsoft Windows Solitaire game) and the results are presented.
    No preview · Conference Paper · Sep 2015
  • Amir Azodi · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Network Topology Discovery and Inventory Listing are two of the primary features of modern network monitoring systems (NMS). Current NMSs rely heavily on active scanning techniques for discovering and mapping network information. Although this approach works, it introduces some major drawbacks such as the performance impact it can exact, specially in larger network environments. As a consequence, scans are often run less frequently which can result in stale information being presented and used by the network monitoring system. Alternatively, some NMSs rely on their agents being deployed on the hosts they monitor. In this article, we present a new approach to Network Topology Discovery and Network Inventory Listing using only passive monitoring and scanning techniques. The proposed techniques rely solely on the event logs produced by the hosts and network devices present within a network. Finally, we discuss some of the advantages and disadvantages of our approach.
    No preview · Article · Sep 2015 · Wireless Personal Communications
  • Aragats Amirkhanyan · Andrey Sapegin · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: For testing new methods of network security or new algorithms of security analytics, we need the experimental environments as well as the testing data which are much as possible similar to the real-world data. Therefore, the researchers are always trying to find the best approaches and recommendations of creating and simulating testbeds, because the issue of automation of the testbed creation is a crucial goal to accelerate research progress. One of the ways to generate data is simulate the user behavior on the virtual machines, but the challenge is how to describe what we want to simulate. In this paper, we present a new approach of describing user behavior for the simulation tool. This approach meets requirements of simplicity and extensibility. And it could be used for generating user behavior scenarios to simulate them on Windows-family virtual machines. The proposed approached is applied to our developed simulation tool that we use for solving a problem of the lack of data for research in network security and security analytics areas by generating log dataset that could be used for testing new methods of network security and new algorithms of security analytics.
    No preview · Conference Paper · Sep 2015
  • Marian Gawron · Aragats Amirkhanyan · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: The detection of vulnerabilities in computer systems and computer networks as well as the representation of the re- sults are crucial problems. The presented method tackles the problem with an automated detection and an intuitive rep- resentation. For detecting vulnerabilities the approach uses a logical representation of preconditions and postconditions of vulnerabilities. Thus an automated analytical function could detect security leaks on a target system. The gath- ered information is used to provide security advisories and enhanced diagnostics for the system. Additionally the condi- tional structure allows us to create attack graphs to visualize the network structure and the integrated vulnerability infor- mation. Finally we propose methods to resolve the identi�ed weaknesses whether to remove or update vulnerable appli- cations and secure the target system. This advisories are created automatically and provide possible solutions for the security risks.
    No preview · Conference Paper · Sep 2015
  • Feng Cheng · Andrey Sapegin · Marian Gawron · Christoph Meinel

    No preview · Conference Paper · Aug 2015
  • Marian Gawron · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: The detection of vulnerabilities in computer systems and computer networks as well as the weakness analysis are crucial problems. The presented method tackles the problem with an automated detection. For identifying vulnerabilities the approach uses a logical representation of preconditions and postconditions of vulnerabilities. The conditional structure simulates requirements and impacts of each vulnerability. Thus an automated analytical function could detect security leaks on a target system based on this logical format. With this method it is possible to scan a system without much expertise, since the automated or computer-aided vulnerability detection does not require special knowledge about the target system. The gathered information is used to provide security advisories and enhanced diagnostics which could also detect attacks that exploit multiple vulnerabilities of the system.
    No preview · Conference Paper · Aug 2015
  • David Jaeger · Amir Azodi · Feng Cheng · Christoph Meinel

    No preview · Conference Paper · Jul 2015
  • Franka Grunewald · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: The use of video lectures in distance learning involves the two major problems of searchability and active user participation. In this paper we promote the implementation and usage of a collaborative educational video annotation functionality to overcome these two challenges. Different use cases and requirements, as well as details of the implementation, are explained. Furthermore, we suggest more improvements to foster a culture of participation and an algorithm for the extraction of semantic data. Finally, evaluations in the form of user tests and questionnaires in a MOOC setting are presented. The results of the evaluation are promising, as they indicate not only that students perceive it as useful, but also that the learning effectiveness increases. The combination of personal lecture video annotations with a semantic topic map was also evaluated positively and will thus be investigated further, as will the implementation in a MOOC context.
    No preview · Article · Jul 2015 · IEEE Transactions on Learning Technologies
  • Andrey Sapegin · Marian Gawron · David Jaeger · Feng Cheng · Christoph Meinel
    [Show abstract] [Hide abstract]
    ABSTRACT: Modern Security Information and Event Management systems should be capable to store and process high amount of events or log messages in different formats and from different sources. This requirement often prevents such systems from usage of computational-heavy algorithms for security analysis. To deal with this issue, we built our system based on an in-memory database with an integrated machine learning library, namely SAP HANA. Three approaches, i.e. (1) deep normalisation of log messages (2) storing data in the main memory and (3) running data analysis directly in the database, allow us to increase processing speed in such a way, that machine learning analysis of security events becomes possible nearly in real-time. To prove our concepts, we measured the processing speed for the developed system on the data generated using Active Directory testbed and showed the efficiency of our approach for high-speed analysis of security events.
    No preview · Conference Paper · Jun 2015

  • No preview · Conference Paper · Jun 2015

Publication Stats

3k Citations
48.19 Total Impact Points


  • 2006-2015
    • Hasso Plattner Institute
      • School of Design Thinking
      Potsdam, Brandenburg, Germany
  • 2005-2014
    • Universität Potsdam
      • • Chair of Linguistics
      • • Hasso-Plattner-Institut für Softwaresystemtechnik GmbH
      Potsdam, Brandenburg, Germany
  • 1992-2012
    • Humboldt-Universität zu Berlin
      Berlín, Berlin, Germany
  • 2011
    • Chalmers University of Technology
      Goeteborg, Västra Götaland, Sweden
  • 2010
    • University of Bayreuth
      Bayreuth, Bavaria, Germany
  • 2009
    • University of Luxembourg
      Letzeburg, Luxembourg, Luxembourg
  • 1994-2006
    • Universität Trier
      • Faculty IV
      Trier, Rheinland-Pfalz, Germany
  • 1997
    • University of Colorado at Boulder
      Boulder, Colorado, United States