Publications


The search for "[Institut ProtectIT]" found 50 publications
Digital | Applied Computer Science | Institut ProtectIT

    Journal article

    Amar Almaini, A. Al Dubai, I. Romdhani, Martin Schramm, A. Alsarhan

    Lightweight edge authentication for software defined networks

Computing (Special Issue), no. 8, August 2020

    2020

    DOI: 10.1007/s00607-020-00835-4

Abstract

    OpenFlow is considered the best-known protocol for Software Defined Networking (SDN). The main drawback of OpenFlow is its lack of support for new header definitions, which network operators require in order to apply new packet encapsulations. While SDN's logically centralized control plane could enhance network security by providing global visibility of the network state, it still has many side effects. The intelligent controllers that orchestrate the dumb switches are overloaded and become prone to failure. Delegating some level of control logic to the edge or, to be precise, the switches can offload the controllers from local state-based decisions that do not require global network-wide knowledge. Thus, this paper, to the best of our knowledge, is the first to propose the delegation of typical security functions from specialized middleboxes to the data plane. We leverage the opportunities offered by the Programming Protocol-independent Packet Processors (P4) language to present two authentication techniques that assure that only legitimate nodes are able to access the network. The first technique is port knocking and the second technique is the One-Time Password. Our experimental results indicate that our proposed techniques improve the network's overall availability by offloading the controller as well as reducing the traffic in the network without noticeable negative impact on the switches' performance.

Applied Computer Science | Institut ProtectIT

    Talk

    A. Hawbani, Y. Zhang, Amar Almaini, A. Yassin, L. Zhao, R. Cao

    2020 Master's Programs in Suzhou

    2019

    DOI: 10.13140/RG.2.2.28640.43522

Abstract

    How to get a free scholarship at the most prestigious Chinese universities. This program is available for students with an undergraduate degree, and it often takes one to two years to complete.

Digital | Applied Computer Science | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Amar Almaini, A. Al Dubai, I. Romdhani, Martin Schramm

    Delegation of Authentication to the Data Plane in Software Defined Networks

    Proceedings of the 18th IEEE International Conference on Ubiquitous Computing and Communications (IUCC 2019) [October 21-23, 2019, Shenyang, China]

    2019

    DOI: 10.1109/IUCC/DSCI/SmartCNS.2019.00038

Abstract

    OpenFlow is considered the best-known protocol for Software Defined Networking (SDN). The main drawback of OpenFlow is its lack of support for new header definitions, which network operators require in order to apply new packet encapsulations. While SDN's logically centralized control plane could enhance network security by providing global visibility of the network state, it still has many side effects. The intelligent controllers that orchestrate the dumb switches are overloaded and become prone to failure. Delegating some level of control logic to the switches can offload the controllers from local state-based decisions that do not require global network-wide knowledge. Thus, this paper, to the best of our knowledge, is the first to propose the delegation of typical security functions from specialized middleboxes to the data plane. We leverage the opportunities offered by the P4 language to implement the functionality of authenticating nodes using port knocking. Our experimental results indicate that our proposed technique improves the network's overall availability by offloading the controller as well as reducing the traffic in the network without noticeable negative impact on the switches' performance.

Digital | Sustainable | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Michael Heigl, Laurin Dörr, Martin Schramm, D. Fiala

    On the Energy Consumption of Quantum-resistant Cryptographic Software Implementations Suitable for Wireless Sensor Networks

Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (July 26-28, 2019; Prague, Czech Republic), vol. 2 (SECRYPT 2019: 16th International Conference on Security and Cryptography)

    2019

    DOI: 10.5220/0007835600720083

Abstract

    For an effective protection of the communication in Wireless Sensor Networks (WSN) facing, e.g., threats by quantum computers in the near future, it is necessary to examine the applicability of quantum-resistant mechanisms in this field. It is the aim of this article to survey possible candidate schemes utilizable on sensor nodes and to compare the energy consumption of a selection of freely available software implementations using a WSN-ready Texas Instruments CC1350 LaunchPad ARM® Cortex®-M3 microcontroller board.

Digital | Sustainable | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Laurin Dörr, Michael Heigl, D. Fiala, Martin Schramm

    Comparison of Energy-Efficient Key Management Protocols for Wireless Sensor Networks

    Proceedings of the 2019 International Electronics Communication Conference (IECC '19) [July 7-9, 2019; Okinawa, Japan]

    2019

    DOI: 10.1145/3343147.3343156

Abstract

    A Wireless Sensor Network (WSN) contains small sensor nodes which monitor physical or environmental conditions. WSN is an important technology for the digitalization of industrial periphery and is often used in environments which are not hardened against security impacts. These networks are easy to attack due to the open communication medium and the low computing resources of the applied devices. Establishing security mechanisms is difficult while taking into account low energy consumption. Low-cost sensors with limited resources make the implementation of cryptographic algorithms even more challenging. For WSNs, cryptographic functions are needed without high impact on energy consumption and latency. Therefore, security in WSNs is a challenging field of research. This paper compares lightweight energy-efficient key exchange protocols which are suitable for WSN. The protocols were also implemented on WSN-capable Texas Instruments boards and the energy consumption was measured during the key exchange. This paper shows that schemes have to be chosen depending on the specific network requirements and that the usage of asymmetric cryptography does not always result in high energy consumption.

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Karl Leidl

    Anomalieerkennung in industriellen Netzwerken - Cybersicherheit mit Machine Learning

    Forum Künstliche Intelligenz, Stuttgart

    2019

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Karl Leidl

    Cybersicherheit in industriellen Netzwerken - Intrusion Detection mit Machine Learning

    Forum Safety & Security, Sindelfingen

    2019

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Journal article

    Karl Leidl, Andreas Grzemba

    Secure per Machine Learning - Wie KI die Informationssicherheit verbessern kann

Computer & Automation (Safety & Security special issue), June

    2019

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Karl Leidl, Andreas Grzemba

    Cybersicherheit in industriellen Netzwerken - Intrusion Detection mit Machine Learning

Digital proceedings of the Forum Safety & Security (July 8-10, 2019, Sindelfingen)

    2019

    ISBN: 978-3-645-50185-9

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Robert Wildenauer, Karl Leidl, Martin Schramm

    Hacking an optics manufacturing machine: You don't see it coming?!

    Proceedings of SPIE 11171 (Sixth European Seminar on Precision Optics Manufacturing, 1117101 [9-10 April 2019, Teisnach]), Bellingham, WA, USA

    2019

    DOI: 10.1117/12.2526691

Abstract

    With more and more industrial devices getting interconnected, the attack surface for cyber attacks is increasing steadily. In this paper, the possible approach of an attacker who got access to the office network at the Institute for Precision Manufacturing and High-Frequency Technology (IPH) to attack one of the optics machines that reside in another network segment is presented. Based on known vulnerabilities from the Common Vulnerabilities and Exposures (CVE) list, like the Shellshock exploit or remote code execution with PsExec, for devices identified in the network, an attacker can bypass the firewall between the office network and the laboratory network and get full access to the HMI of the target machine.

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Amar Almaini

    Authentication and port scan mitigation in the Software Defined Network Switches

Poster presentation

    6th Tag der Forschung, Deggendorf

    2019

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Fabian Sauer

    Evaluationsframework für Intrusion Detection System (IDS)

Talk and poster presentation

    6th Tag der Forschung, Deggendorf

    2019

Digital | Mobile | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Michael Heigl, Martin Schramm, D. Fiala

    A Lightweight Quantum-Safe Security Concept for Wireless Sensor Network Communication

    Proceedings of the IEEE Annual International Conference on Pervasive Computing and Communications Workshops (March 11-15, 2019; Kyoto, Japan)

    2019

    ISBN: 978-1-5386-9150-2

    DOI: 10.1109/PERCOMW.2019.8730749

Abstract

    The ubiquitous internetworking of devices in all areas of life is boosted by various trends, for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. They ensure connectivity between distributed, tiny and simple sensor nodes as well as between sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades, in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and, together with Intrusion Detection Systems, are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof, lightweight and resource-aware security concept for sensor networks with a filtering mechanism permeating the processing stages is proposed. A special focus in the concept's evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

Digital | Mobile | Electrical Engineering and Media Technology | Institut ProtectIT

    Journal article

    Michael Heigl, Laurin Dörr, Nicolas Tiefnig, D. Fiala, Martin Schramm

    A Resource-Preserving Self-Regulating Uncoupled MAC Algorithm to be Applied in Incident Detection

    Computers & Security, vol. 85, no. August, pp. 270-285

    2019

    DOI: 10.1016/j.cose.2019.05.010

Abstract

    The connectivity of embedded systems is increasing, accompanied by thriving technology such as Internet of Things/Everything (IoT/E), Connected Cars, Smart Cities, Industry 4.0, 5G or Software-Defined Everything. Apart from the benefits of these trends, the continuous networking offers hackers a broad spectrum of attack vectors. The identification of attacks or unknown behavior through Intrusion Detection Systems (IDS) has established itself as a conducive and mandatory mechanism, apart from the protection by cryptographic schemes, in a holistic security eco-system. In systems where resources are valuable goods and stand in contrast to the ever-increasing amount of network traffic, sampling has become a useful utility in order to detect malicious activities on a manageable amount of data. In this work an algorithm – Uncoupled MAC – is presented which secures network communication through a cryptographic scheme by uncoupled Message Authentication Codes (MAC) but as a side effect also provides IDS functionality, producing alarms based on the violation of Uncoupled MAC values. Through a novel self-regulation extension, the algorithm adapts its sampling parameters based on the detection of malicious actions. The evaluation in a virtualized environment clearly shows that the detection rate increases over runtime for different attack scenarios. Those even cover scenarios in which intelligent attackers try to exploit the downsides of sampling.

Digital | Mobile | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Andreas Grzemba

    Entwicklungstrends in der Car IT Security

    2018

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Martin Schramm

    A Practical Introduction to Cryptographic Engineering

[Invited talk; invited by Dalibor Fiala (PhD)]

    2018

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Journal article

    Martin Schramm, R. Dojen, Michael Heigl

A Vendor-Neutral Unified Core for Cryptographic Operations in GF(p) and GF(2^m) Based on Montgomery Arithmetic (Article ID 4983404)

    Security and Communication Networks, no. 9, pp. 1-18

    2018

    DOI: 10.1155/2018/4983404

Abstract

    In the emerging IoT ecosystem, in which internetworking will reach a totally new dimension, the crucial role of efficient security solutions for embedded devices will be beyond controversy. Typically, IoT-enabled devices are equipped with integrated circuits, such as ASICs or FPGAs, to achieve highly specific tasks. Such devices must have cryptographic layers implemented and must be able to access cryptographic functions for encrypting/decrypting and signing/verifying data using various algorithms, and to generate true random numbers, random primes, and cryptographic keys. In the context of the limited amount of resources that typical IoT devices will exhibit due to energy efficiency requirements, efficient hardware structures in terms of time, area, and power consumption must be deployed. In this paper, we describe a scalable word-based multivendor-capable cryptographic core that is able to perform arithmetic operations in prime and binary extension finite fields based on Montgomery Arithmetic. The functional range comprises the calculation of modular additions and subtractions, the determination of the Montgomery parameters, and the execution of Montgomery multiplications and Montgomery exponentiations. A prototype implementation of the adaptable arithmetic core is detailed. Furthermore, the decomposition of cryptographic algorithms to be used together with the proposed core is stated and a performance analysis is given.

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Contribution (edited volume or conference proceedings)

    Michael Heigl, Laurin Dörr, Amar Almaini, D. Fiala, Martin Schramm

    Incident Reaction Based on Intrusion Detections’ Alert Analysis

    Proceedings of the 23rd International Conference on Applied Electronics (AE) 2018 (University of West Bohemia, Pilsen, Czech Republic; September 11-12, 2018)

    2018

    DOI: 10.23919/AE.2018.8501419

Abstract

    The protection of internetworked systems by cryptographic techniques has crystallized as a fundamental aspect in establishing secure systems. Complementarily, detection mechanisms, for instance based on Intrusion Detection Systems, have established themselves as a fundamental part of holistic security eco-systems in previous years. However, the interpretation of and reaction to detected incidents is still a challenging task. In this paper, an incident handling environment with relevant components and exemplary functionality is proposed that covers the processes from the detection of incidents through their analysis to the execution of appropriate reactions. An evaluation of a selection of implemented interacting components using technology such as OpenFlow or Snort generally proves the concept.

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Talk

    Michael Heigl

    DecADe - Decentralized Anomaly Detection

Poster presentation

    5th Tag der Forschung, Deggendorf

    2018

Digital | Electrical Engineering and Media Technology | Institut ProtectIT

    Journal article

    Peter Semmelbauer

    Industrial-Ethernet-Protokolle: Sicherheitsrisiko Layer-2-Switch (Reprint)

    Bavarian Journal of Applied Sciences, vol. 3, no. 1, pp. 277-281

    2017

Abstract

    Using well-established, Ethernet-based technologies in automation technology has many advantages, but it also harbors great dangers. Attack scenarios which had so far been limited to a company's office network can now also be used for attacks at the automation level. Port stealing is a well-known scenario. The port stealing attack exploits a weak spot in the architecture of layer 2 switches. Using the example of Profinet IO, the following article shows how such an attack on industrial Ethernet protocols works.