University of Applied Sciences Rapperswil

eprints OST (Ostschweider Fachhochschule)
Not a member yet
    1194 research outputs found

    Development of a scalable and secure RAG-as-a-Service infrastructure

    Get PDF
    Large Language Models (LLMs) have become very popular with the introduction of chatbots such as ChatGPT or Gemini. LLMs are very good at Natural Language Processing (NLP), which means they have the ability to interpret and communicate in human language. However, they are limited to the knowledge used during training, so it is difficult and resource-intensive to keep them up-to-date and/or to integrate domain-specific knowledge. In addition, LLMs tend to hallucinate and give inaccurate answers when the specific data is not available in the language model. To overcome these limitations, Retrieval-Augmented Generation (RAG) has been introduced. This novel approach facilitates the incorporation of up-to-date and domain-specific knowledge, while reducing the hallucination of LLMs by providing missing information in a targeted manner. These substantial benefits have led to the popularity of RAG. One of the most pressing concerns in many RAG implementations is the security and privacy of the data involved, especially when handling sensitive or classified information. Ensuring that data remains within authorized boundaries, maintaining full traceability, and preventing unauthorized data exposure are critical requirements. To address these challenges, we propose an architectural blueprint and core functionality for a secure and scalable RAG-as-a-Service infrastructure. This design emphasizes local data processing and containment within system boundaries, enabling predictable data flows and robust privacy protection. The system incorporates the security risks and mitigation strategies identified in our prior research, ensuring adaptability and resilience through a modular and customizable core framework. Furthermore, the architecture is designed for seamless scalability and to host multiple systems on a single infrastructure. This makes it suitable for a wide range of use cases and deployment scenarios. The system's core components were developed using a microservice-based design and deployed via Kubernetes to ensure scalability and adaptability. Security was a central concern throughout the implementation process. In addition to encrypting all external traffic, we integrated a modern authentication solution based on the OAuth 2.0 and OpenID Connect standards to safeguard our RAG system. The resulting platform is fully operational and will be used during our hands-on workshop at the IEEE Swiss Conference on Data Science (SDS2025) on June 26, 2025, at the Circle Convention Center, Zurich Airport. Additional steps included comprehensive system testing and thorough preparation for the upcoming workshop. Keywords: Retrieval-Augmented Generation (RAG), RAG Security, RAG-as-a-Service, Data Security, Privacy, Scalable Architecture, Secure AI Systems, Local RAG Pipeline, Large Language Models (LLMs), Natural Language Processing (NLP), Microservice Architecture, Docker, Kubernetes, Workshop, SDS2025, IEE

    Content Analyzer

    Get PDF
    Titel: Website Advanced Content Analysis Tool Untertitel: Arbeitstyp: Bachelorarbeit Semester: FS 2025 Studiengang: BSc Informatik Sprache: Deutsch Diplomanden: Ali Al-Kubaisi, Simon Amberg Referent: Prof. Dr. Markus Stolze Korreferent: Reto Senn, bitforge AG, Zürich, ZH Themengebiet: Software Engineering Einleitung: Das Ziel dieser Bachelorarbeit war die Entwicklung einer Webapplikation `Content Analyzer` zur automatisierten Analyse von Webseiteninhalten. Die Applikation soll Unternehmen dabei unterstützen, den Zustand ihrer Webseiten hinsichtlich Barrierefreiheit in Bezug auf Standards wie den den Web Content Accessibility Guidelines (WCAG) und Schreibstil effizient zu bewerten und zu verbessern. Vorgehen / Technologien: Im Zentrum der Arbeit stand die Umsetzung eines Web-Scrapers und eines modularen Systems, das open-source Analysetools über einen Plugin-Mechanismus integriert. Der entwickelte Web-Scraper nutzt moderne Technologien, um Inhalte von Webseiten automatisiert zu erfassen und in einem Repository zu speichern. Anhand dieses Repositorys wird dann die erfasste Webseitenstruktur mithilfe der eingebundenen Analysetools untersucht. Die initiale Implementierung umfasste insbesondere die Analyse von Barrierefreiheit mithilfe des Tools Axe-Core sowie ergänzende Auswertungen hinsichtlich der WCAG-Richtlinien. Zusätzlich wurde ein Schreibstil-Checker entwickelt, der regelbasierte und KI-gestützte Ansätze für grammatikalische Korrekturen und Textanalysen kombiniert. Darüber hinaus bietet die Applikation Möglichkeiten zur Verwaltung und Annotation von Inhalten und Gruppierung, sowie Verwaltung von erkannten Problemen. Ergebnis: Besondere Herausforderungen beim Web-Scraping ergaben sich aus der Diversität an Technologien und Architekturen, die für moderne Webseiten eingesetzt werden, sowie der baumartigen Struktur von Webseiten. Diese wurden durch detaillierte Analyse der Problemdomäne, sorgfältige Technologieauswahl, sowie einer iterativen Entwicklung erfolgreich bewältigt. Das Ergebnis der Arbeit ist ein flexibles und wartbares System, das es ermöglicht, Webseiten auf grundlegende Richtlinie zu überprüfen. Über eine anschauliche Darstellung der Resultate können erkannten Problemen verwaltet und behoben werden. In Zukunft soll das System als Grundlage dienen, auf der weitere Analysetools eingebunden werden können, um aufkommende Standards abzudecken und neue Fähigkeiten einzubinden. Bild 1: Analysis Dashboard: Plugin-Übersicht, Schreibstill, Content-Management, Coverage-Statistiken Bild 2: Modulare Architektur: Frontend, Webserver, Web-Scraper, Analyse-Services, MongoDB Bild 3: Accessibility Resultat mit WCAG-Analys

    LambdaLab – A Visual, Block-Based Approach to Functional Programming

    No full text
    Block-based programming tools such as "Scratch" or "LEGO Mindstorms" can give beginner programmers an enjoyable first impression of programming. These tools are based on the imperative programming style, whereas for functional programming, no suitable block-based tool currently exists. By also using a block-based approach for teaching functional programming, the learning process for students could be improved. Previously, new visual approaches to functional programming were studied and evaluated and a proof of concept application with the proposed approach was implemented during a student research project in 2023. The main goal of this project is to refine the existing concept and implement an application which can be used by programmers who want to learn how to program in a functional style. The application should be built using Haskell and accessible as a web application. LambdaLab allows users to incrementally build functions by adding different blocks to so-called typed holes. Typed holes are placeholders which can only be filled with an expression of a specific type. Type annotations and a visual indicator which shows whether a specific block can be added to a typed hole guide the user in the creation of their functions. The type annotations are determined through the process of type inference. Thanks to the visual editor, syntax errors are impossible, which removes a big hurdle for beginner programmers. The application gathered positive feedback from users in the usability tests. They were able to quickly grasp the concept and enjoyed using the application. Areas for further improvement, which were identified during the usability tests, were documented and some changes were already implemented. Overall, this thesis demonstrates significant improvements compared to the proof of concept application. LambdaLab has reached a stage where its effectiveness in enhancing students' understanding of functional programming and making the learning process more enjoyable can now be evaluated in classroom settings. Further usability improvements, such as the ability to rename bindings or an integrated tutorial, could be implemented in a future project. Additionally, support for pattern matching would greatly improve the applicability of LambdaLab. By addressing the aforementioned opportunities for enhancement, the system can become even more usable and effective

    Instant Payment Integration at the Point of Sale

    Get PDF
    Diese Bachelorarbeit befasst sich mit der Konzeption und prototypischen Umsetzung einer Zahlungslösung, die Instant Payments (IP) und Open Banking für den Einsatz im Onlinehandel und am physischen Point of Sale nutzbar macht. Ziel war es, die technische Machbarkeit eines Systems zu demonstrieren, das IP-Zahlungen in Echtzeit validiert und damit eine sofortige Warenfreigabe ermöglicht. Nach einer Analyse verschiedener technischer Umsetzungsoptionen wurde ein Ansatz gewählt, bei dem die Zahlungsplattform direkten Zugriff auf das Empfängerkonto hat, um Zahlungseingänge in Echtzeit zu überprüfen. Hierfür wurde ein System mit einem .NET-Backend, einem Next.JS-basierten Händlerportal und einer Angular-Checkout-Seite entwickelt. Die Datenhaltung erfolgt mittels PostgreSQL und Redis, während eine Testbankenumgebung der Innofactory AG für die Simulation von IP-Zahlungen und den Abruf von Transaktionsdaten über eine Open-Banking-Schnittstelle eingesetzt wurde. Die entwickelte Lösung demonstriert die technische Machbarkeit einer solchen Plattform und identifiziert zudem auch bestehende Hürden, darunter Gebühren für IP-Zahlungen, die noch geringe Verbreitung von IP-versendenden Banken und Usability-Aspekte von Mobile Banking Apps bei der Erfassung von IP-Zahlungen. Interviews mit Fachpersonen des Banken- und E-Commerce-Sektors sowie eine begleitende Umfrage gaben zusätzlich Aufschluss über Marktpotenziale, Anforderungen und Akzeptanzkriterien

    Development of an LLM-first 2D Videogame

    Get PDF
    Traditional role-playing video games (RPGs), where players assume the role of a character in a fictional world, often rely on static dialogues and storylines. This can make replaying the game feel repetitive and less engaging, as the story and conversations remain the same. In contrast, tabletop RPGs thrive on the creativity of the human game master, who continuously invents new settings and stories and allows play- ers to interact naturally with the world. With the rise of large language models (LLMs), new opportunities are emerging for digital games. A key strength of modern LLMs is their ability to generate human-like text in response to natural language input. Integrating LLMs into games enables live, context-sensitive responses to player actions and dialogue, bringing some of the freedom and spontaneity of tabletop RPGs into video games. This project aims to develop a 2D RPG with a top-down view that combines traditional gameplay with the creative power of LLMs. At the start of each game, an LLM generates a unique world. During gameplay, characters respond to the player in real time, meaning no playthrough is the same. For developers, this moves focus away from scripting fixed content to designing systems and prompts that enable the AI to take over parts of the storytelling.The game is developed in Unity using a 2D pixel art style and includes typical RPG elements such as story, exploration, non- playable characters (NPC), battles, items and quests. Game content is partly generated using LLMs and partly built from predefined assets. For example, character parts like heads, bodies and clothes are defined in advance, and the LLM selects from these to create NPCs. Similarly, the map is built from predefined 30x30 tiles depicting elements like forests, plains and villages, which the LLM as- sembles into a complete world. The generation process starts with a prompt defining the map, followed by prompts for quests, NPCs and items. NPC appearance and battle skills are generated in separate prompts to keep outputs manageable. For simpler tasks like NPC visuals, skills and interactions, we use OpenAI’s cost- efficient GPT-4o-mini. For tasks requiring more consistency and depth, such as map and quest generation, we use the o3-mini model. We built a functional top-down 2D RPG with LLM-supported elements that generates new content on each playthrough. Our key finding is that the quality of generated content depends heavily on the context provided. Without sufficient details, quests and characters often become repetitive or inconsistent. For example, NPCs might block quest progression, or items can appear in incorrect locations. While these is- sues occasionally caused confusion, the eight people we selected to test our game generally responded positively, appreciating the dynamic nature of the experience. A major challenge we encountered was balancing the amount and complexity of prompts with system performance. Longer or more detailed prompts improve output coherence but increase the risk of missing details. Splitting input into smaller prompts helps but raises processing time. A promising approach is sending multiple prompts simulta- neously for parallel processing, which could improve content accuracy and reduce wait times. Overall, this project indicates that a thoughtful combination of AI and traditional techniques can open exciting new possibilities for creating more dynamic and imaginative games in the future

    Automated Testing Framework for Malware Detection in Microsoft Defender for Endpoint

    Get PDF
    Microsoft Defender for Endpoint (MDE) is a widely used security platform that protects enterprise systems against malware and other threats. Despite its powerful capabilities, the detection mechanisms behind MDE remain largely opaque. The detection logic is updated frequently through cloud-driven changes, but without versioning or public documentation. This lack of transparency presents a challenge: security teams are unable to verify whether new threats are being effectively detected or whether previous detection capabilities have silently changed. This thesis presents an automated testing framework that executes real-world malware samples in isolated virtual machines and analyzes MDE's response via its official cloud Application Programming Interface (API). The system is implemented in PowerShell and uses Microsoft Hyper-V to ensure clean, reproducible testing environments for each sample. Detection results are retrieved and compiled into structured reports that highlight alert types, detection gaps, and behavioral consistency. One key feature is a similarity analysis based on Levenshtein distance, which compares newly returned MDE alert titles against a reference list. This enables the system to flag alerts that may indicate mutated malware or changes in detection terminology, providing early indicators of MDE’s shifting detection patterns. The framework allows configuration through both a Command Line Interface (CLI) and external JavaScript Object Notation (JSON) files, and all results can be stored in a persistent datastore for potential future trend comparison. By offering a safe, repeatable, and data-driven approach to malware testing, this framework fills a critical visibility gap in endpoint protection assurance. It allows organizations to proactively validate MDE’s responses to threats, understand behavioral changes in its detection engine, and build evidence-based trust in their endpoint defense strategy

    Nutzerzentrierte Entwicklung einer Webapplikation für das operative Produktionsmanagement

    No full text
    Die SFS Group Schweiz AG ist ein international tätiger Industriekonzern mit Hauptsitz in Heerbrugg, der sich auf die Entwicklung und Herstellung von Präzisionskomponenten, Befestigungssystemen und industriellen Versorgungslösungen spezialisiert hat. In den globalen Produktionswerken werden täglich zahlreiche Kennzahlen erfasst, um die Leistung der Produktionsanlagen zu überwachen und kontinuierlich zu verbessern. Ziel dieser Bachelorarbeit ist es, die Nutzung dieser Kennzahlen durch direkte Führungskräfte in der Produktion zu fördern. Dazu wurde ein bestehender Prototyp für die digitale Durchführung der wöchentlichen Meetings in der Produktion, der im Rahmen einer vorangegangenen Studienarbeit entstanden ist, weiterentwickelt und funktional ausgebaut. Im Fokus standen dabei eine intuitive Darstellung der Kennzahlen, die Einführung einer Notizfunktion sowie die Integration eines Aufgabenmanagements. Die Entwicklung erfolgte nutzerzentriert: In Interviews und Usability-Tests wurden Anforderungen und Verbesserungspotenziale ermittelt und in Form von Wireframes konzeptionell aufgearbeitet. Auf dieser Grundlage wurde die Applikation technisch überarbeitet und in ihrer Architektur, Benutzeroberfläche und Funktionalität deutlich verbessert. Die neu gestaltete Team-Übersicht ermöglicht eine schnelle Erfassung der wichtigsten Kennzahlen, während Aufgaben und Notizen die operative Kommunikation direkt in der Applikation unterstützen. Die anschliessende Validierung durch Tests und Nutzerrückmeldungen bestätigt eine erhöhte Benutzerfreundlichkeit sowie die Erfüllung der zuvor definierten Anforderungen. Die Applikation bietet damit eine belastbare Grundlage für einen produktiven Pilotbetrieb und die zukünftige Weiterentwicklung

    OST Marketplace App for Android and iOS using Kotlin Multiplatform (KMP)

    Get PDF
    Whether students want to reduce clutter, generate extra income or contribute to a more sustainable economy, having an accessible way to sell and buy secondhand or new items can be beneficial. Unfortunately, existing marketplaces are not specifically designed for an academic environment. Their users are spread out and trust is limited, which discourages users from using them. To foster the usage of such marketplaces and combat the mentioned issues, a university-specific marketplace app should be created. For the frontend, a cross-platform mobile app was developed. A major part of this thesis was the research and evaluation of Kotlin Multiplatform, which was used to develop the app. This provided both theoretical and practical insights into the technology. Various multiplatform-compatible frameworks and libraries such as Compose Multiplatform, Voyager and Koin were utilized. The backend is a REST API built with Python using FastAPI. SQLAlchemy is used as the ORM to interact with a PostgreSQL database. The entire backend, including a search engine, is hosted on AWS, leveraging services such as ECS Fargate, RDS, EC2, and S3. Firebase was used for push notifications, PubNub for real-time chat and Microsoft Entra ID for authentication. The Kotlin Multiplatform research has concluded that the technology is sufficiently advanced to be used in productive applications. While still young in comparison to its competitors, JetBrains’ support for its technology is evident and its progress is rapid. As of May 6, 2025, the iOS platform has also been marked as stable, meaning that cross-platform mobile development is now fully stable in Kotlin Multiplatform. The developed app, POSTE, is a fully functional marketplace where users can create listings, browse listings, initiate a chat with the seller and much more. OST students can sign in using their OST-specific Microsoft account. This not only enhances the trust among users but also gives a sense of community

    Semantic Clustering Toolbox

    Get PDF
    This thesis presents the design, development, and evaluation of a semantic clustering toolbox intended to support non-technical users in analyzing open-ended survey responses. The motivation stems from a desire to expedite the labor- and time-intensive process of survey data analysis in research and evaluation contexts. The toolbox allows users to upload survey data, perform semantic clustering, analyze sentiment, and export results through a simplified interface. Developed using a Design Science Research methodology, it integrates embedding models for semantic representation, the K-means algorithm for clustering, dimensionality reduction for visualization, and language models for sentiment analysis. A notable feature of the system is the inclusion of cluster stability visualizations, which help users interpret the consistency of clustering outcomes across multiple runs. The artifact was evaluated through internal clustering metrics, user feedback and requirement validation using real-world survey data provided by the IFSAR research institute. Results indicate that the toolbox effectively identifies dominant themes and supports exploratory analysis, while remaining accessible to non-technical users. Despite its utility, the toolbox has limitations, including sensitivity to input quality and the inherent subjectivity of interpreting clusters without ground truth labels. Nonetheless, the artifact fulfills its primary goal and offers a practical foundation for future enhancements and research. Overall, this work contributes a practical and extensible tool for the semantic clustering of textual data

    Antimony: A visual approach to designing and deploying Containerlab networks.

    Get PDF
    Containerlab is a powerful framework for container-based network emulation but lacks a user-friendly graphical interface and fine-grained access management. This makes it less accessible to users unfamiliar with CLI-based workflows and less suitable for usage in large-scale lab environments. This thesis presents the completion of Antimony, a tool that addresses these very problems by providing a server that communicates with the Containerlab tool chain and a user-friendly interface for designing, deploying and maintaining network topologies. The goal of this thesis is to develop a platform that simplifies the integration of Containerlab into educational lab environments. A user-interface makes it easier for students and teachers to understand networking concepts and design networks through visual topology management. Building on our previous thesis, whose goal was to develop an initial interface prototype, this work focuses on finalizing that prototype and designing a robust server that acts as the binding between the interface and Containelab. By developing our own server, we are able to implement features such as log streaming and fine-grained access management. The resulting product is a user-friendly platform that can be deployed locally for personal testing, as well as in large-scale educational environments. Thanks to our flexible authentication scheme, it is possible to seamlessly integrate with existing university infrastructure such as Azure AD or other OpenID providers

    1,015

    full texts

    1,194

    metadata records
    Updated in last 30 days.
    eprints OST (Ostschweider Fachhochschule)
    Access Repository Dashboard
    Do you manage Open Research Online? Become a CORE Member to access insider analytics, issue reports and manage access to outputs from your repository in the CORE Repository Dashboard! 👇