Team
Academic Staff
Jan Laufer, M. Sc.
- Room:
- R09 R02 H44
- Phone:
- +49 201 18-34087
- Email:
- Jan.Laufer (at) paluno.uni-due.de
- X.509 Cert:
- user certificate from dfn.de
- Consultation Hour:
- Flexibel - Anmeldung per Email
- Social Media:
- Address:
- Universität Duisburg-Essen, Campus Essen
Fakultät für Informatik
Lehrstuhl für Wirtschaftsinformatik und Softwaretechnik
Universitätsstr. 9
45141 Essen - Author Profiles:
- ORCID
- Google Scholar
Curriculum Vitae:
Berufserfahrung
- Seit Oktober 2024: Wissenschaftlicher Mitarbeiter (Vollzeit) am Lehrstuhl für Wirtschaftsinformatik und Softwaretechnik (Lehrstuhlinhaber: Prof. Dr. Stefan Eicker) an der Universität Duisburg-Essen
- Oktober 2023 - September 2024: Wissenschaftlicher Mitarbeiter (Vollzeit) am Lehrstuhl Software Systems Engineering (Lehrstuhlinhaber: Prof. Dr. Klaus Pohl) an der Universität Duisburg-Essen Duisburg-Essen
- Januar 2021 - September 2023: Wissenschaftlicher Mitarbeiter (Teilzeit) am Lehrstuhl Software Systems Engineering (Lehrstuhlinhaber: Prof. Dr. Klaus Pohl) an der Universität Duisburg-Essen Duisburg-Essen
- Mai 2018 - Dezember 2020: Studentische Hilfskraft am Lehrstuhl Software Systems Engineering (Lehrstuhlinhaber: Prof. Dr. Klaus Pohl) an der Universität Duisburg-Essen
Studium
- Oktober 2020 - Juli 2024: Studium der Wirtschaftsinformatik (M. Sc.) an der Universität Duisburg-Essen
- Masterarbeit: "An empirical user study of an approach for explaining online reinforcement learning decisions of adaptive systems"
- Oktober 2017 - Oktober 2020: Studium der Wirtschaftsinformatik (B. Sc.) an der Universität Duisburg-Essen
- Bachelorarbeit: "Modellierung von Datenschutzgefährdungen im Fog-Computing anhand von Fallbeispielen aus dem EU-Forschungsprojekt FogProtect mithilfe der Modellierungssprachen UMLsec und SysML-Sec"
Honours and Awards:
- Stipendiat Deutschlandstipendium (UDE-Stipendium) im Sommersemester 2023
- Stipendiat Deutschlandstipendium (UDE-Stipendium) im Wintersemester 2020/2021 - Sommersemester 2021 (Förderer: Dr. Heinz-Horst Deichmann Stiftung)
Fields of Research:
Aktuelle Forschungsgebiete:
- Generative AI
- Explainable AI
Frühere Forschungsgebiete:
- (Self-)Adaptive Systems
- Data Protection
Publications:
- Metzger, Andreas; Laufer, Jan; Feit, Felix; Pohl, Klaus: A User Study on Explainable Online Reinforcement Learning for Adaptive Systems. In: ACM Trans. Auton. Adapt. Syst. (TAAS), Vol 19 (2024) No 3. doi:10.1145/3666005CitationAbstractDetails
Online reinforcement learning (RL) is increasingly used for realizing adaptive systems in the presence of design time uncertainty because Online RL can leverage data only available at run time. With Deep RL gaining interest, the learned knowledge is no longer represented explicitly but hidden in the parameterization of the underlying artificial neural network. For a human, it thus becomes practically impossible to understand the decision-making of Deep RL, which makes it difficult for (1) software engineers to perform debugging, (2) system providers to comply with relevant legal frameworks, and (3) system users to build trust. The explainable RL technique XRL-DINE, introduced in earlier work, provides insights into why certain decisions were made at important time steps. Here, we perform an empirical user study concerning XRL-DINE involving 73 software engineers split into treatment and control groups. The treatment group is given access to XRL-DINE, while the control group is not. We analyze (1) the participants’ performance in answering concrete questions related to the decision-making of Deep RL, (2) the participants’ self-assessed confidence in giving the right answers, (3) the perceived usefulness and ease of use of XRL-DINE, and (4) the concrete usage of the XRL-DINE dashboard.
- Metzger, Andreas; Bartel, Jone; Laufer, Jan: An AI Chatbot for Explaining Deep Reinforcement Learning Decisions of Service-Oriented Systems. In: Monti, F.; Rinderle-Ma, S.; Ruiz Cortés, A.; Zheng, Z.; Mecella, M. (Ed.): International Conference on Service-Oriented Computing (ICSOC). Springer, 2023, p. 323-338. doi:10.1007/978-3-031-48421-6_22CitationDetails
- Smolka, Sven; Laufer, Jan; Mann, Zoltán Ádám; Pohl, Klaus: UMLsec4Edge: Extending UMLsec to model data-protection-compliant edge computing systems. In: 2022 48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA). Gran Canaria, Spain 2022, p. 418-425. doi:10.1109/SEAA56994.2022.00072CitationDetails
- Zmiewski, Sascha Sven; Laufer, Jan; Mann, Zoltán Ádám: Automatic online quantification and prioritization of data protection risks. In: Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES). Association for Computing Machinery (ACM), Vienna, Austria 2022. doi:10.1145/3538969.3539005CitationAbstractDetails
Data processing systems operate in increasingly dynamic environments, such as in cloud or edge computing. In such environments, changes at run time can result in the dynamic appearance of data protection vulnerabilities, i.e., configurations in which an attacker could gain unauthorized access to confidential data. An autonomous system can mitigate such vulnerabilities by means of automated self-adaptations. If there are several data protection vulnerabilities at the same time, the system has to decide which ones to address first. In other areas of cybersecurity, risk-based approaches have proven useful for prioritizing where to focus efforts for increasing security. Traditionally, risk assessment is a manual and time-consuming process. On the other hand, addressing run-time risks requires timely decision-making, which in turn necessitates automated risk assessment. In this paper, we propose a mathematical model for quantifying data protection risks at run time. This model accounts for the specific properties of data protection risks, such as the time it takes to exploit a data protection vulnerability and the damage caused by such exploitation. Using this risk quantification, our approach can make, in an automated process, sound decisions on prioritizing data protection vulnerabilities dynamically. Experimental results show that our risk prioritization method leads to a reduction of up to 15.8% in the damage caused by data protection vulnerabilities.
- Lachner, Clemens; Laufer, Jan; Dustdar, Schahram; Pohl, Klaus: A Data Protection Focused Adaptation Engine for Distributed Video Analytics Pipelines. In: IEEE Access, Vol 10 (2022), p. 68669-68685. doi:10.1109/ACCESS.2022.3185990CitationDetails
- Laufer, Jan; Mann, Zoltán Ádám; Metzger, Andreas: Modelling Data Protection in Fog Computing Systems using UMLsec and SysML-Sec. In: ACM IEEE International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C). Fukuoka, Japan 2021, p. 777-786. doi:10.1109/models-c53483.2021.00124CitationDetails
- Mann, Zoltán Ádám; Kunz, Florian; Laufer, Jan; Bellendorf, Julian; Metzger, Andreas; Pohl, Klaus: RADAR: Data Protection in Cloud-Based Computer Systems at Run Time. In: IEEE Access, Vol 9 (2021), p. 70816-70842. doi:10.1109/ACCESS.2021.3078059CitationDetails
Talks:
- Laufer, Jan: Automatic online quantification and prioritization of data protection risks, FoMSESS-Jahrestreffen, 05.10.2022, Virtual. Details
- Laufer, Jan: Automatic online quantification and prioritization of data protection risks, 17th International Conference on Availability, Reliability and Security, 24.08.2022, Vienna, Austria. Details
- Laufer, Jan: Modelling Data Protection in Fog Computing Systems using UMLsec and SysML-Sec, 13th System Analysis and Modelling Conference, 11.10.2021, Virtual. Details
Courses:
Betreuung von
- Seminararbeiten:
- "Gegenüberstellung unterschiedlicher Ansätze zur Modellierung von Security Patterns" (SoSe 2021)
- "Attack Trees: Möglichkeiten und Einsatzgebiete" (SoSe 2022)
- "Übersicht über DevSecOps Methoden und Metriken" (WiSe 2022/2023)
- "Resolving Causal Confusion in Deep Reinforcement Learning: An Introduction to Current Approaches" (WiSe 2023/2024)
- "Identifizierung von ChatbotEvaluationsmöglichkeiten" (SoSe 2024)
- "Identifizierung von Einsatzmöglichkeiten von Large Language Models im Requirements Engineering" (SoSe 2024)
- Bachelorprojekten:
- "Modellierung von Security-Aspekten von Fallbeispielen aus dem EU-Projekt FogProtect mithilfe ausgewählter Erweiterungen der BPMN" (SoSe 2021)
- "Privacy Metriken im Rahmen von FogProtectAnwendungsfällen" (WiSe 2021/2022)
- Abschlussarbeiten (siehe unten)
Frühere Lehrveranstaltungen:
- Organisation des Bachelor-Seminars am Lehrstuhl SSE (SoSe 2023 - SoSe 2024)
- Übungsleitung im Modul Requirements Engineering (WiSe 2023/2024)
Tutored Theses:
- The Impact of Remote Work on Cybercrime (Bachelor Thesis Business Information Systems, in progress)
- Refaktorisierung der Explainable-AI-Technik XRL-DINE zur flexiblen Anpassung an unterschiedliche State- und Action-Spaces sowie Reward-Channels (Bachelor Thesis Computer Science, 2024)
- Anwendung der Explainable-AI-Technik XRL-DINE auf den adaptiven Videoencoder SAVE (Bachelor Thesis Computer Science, 2023)
- Erweiterung des RADAR-Ansatzes für die Adaption von Fog-Computing-Systemen um eine Erklärbarkeits-Komponente (Bachelor Thesis Computer Science, 2023)
- Automatische Erkennung von DSGVO-Datenschutzverletzungen in Laufzeitmodellen von Fog-Computing Systemen (Bachelor Thesis Computer Science, 2022)
- Erweiterung von UMLsec zur Modellierung von Datenschutzanforderungen und -gefährdungen im Fog-Computing (Bachelor Thesis Computer Science, 2021)
Memberships:
- Alumni der Fakultät für Wirtschaftswissenschaften der Universität Duisburg-Essen
- Bundeskader DLRG (seit 2018)