Publikationen


Suche nach „[Michael] [Heigl]“ hat 14 Publikationen gefunden
Suchergebnis als PDF
    DigitalNachhaltigElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, D. Fiala, Laurin Dörr, Michael Heigl

    On the Energy Consumption of Quantum-resistant Cryptographic Software Implementations Suitable for Wireless Sensor Networks

    Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (July 26-28, 2019; Prague, Czech Republic), vol. Vol. 2 (SECRYPT 2019 : 16th International Conference on Security and Cryptography)

    2019

    DOI: 10.5220/0007835600720083

    Abstract anzeigen

    For an effective protection of the communication in Wireless Sensor Networks (WSN) facing e.g. threats by quantum computers in the near future, it is necessary to examine the applicability of quantum-resistant mechanisms in this field. It is the aim of this article to survey possible candidate schemes utilizable on sensor nodes and to compare the energy consumption of a selection of freely-available software implementations using a WSN-ready Texas Instruments CC1350 LaunchPad ARM® Cortex®-M3 microcontroller board.

    DigitalNachhaltigElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, D. Fiala, Laurin Dörr, Michael Heigl

    Comparison of Energy-Efficient Key Management Protocols for Wireless Sensor Networks

    Proceedings of the 2019 International Electronics Communication Conference (IECC '19) [July 7-9, 2019; Okinawa, Japan]

    2019

    DOI: 10.1145/3343147.3343156

    Abstract anzeigen

    A Wireless Sensor Network (WSN) contains small sensor nodes which monitor physical or environmental conditions. WSN is an important technology for digitalization of industrial periphery and is often used in environments which are not hardened against security impacts. These networks are easy to attack due to the open communication medium and low computing resources of the applied devices. Establishing security mechanisms is difficult while taking into account low energy consumption. Low cost sensors with limited resources make the implementation of cryptographic algorithms even more challenging. For WSNs cryptographic functions are needed without high impact on energy consumption and latency. Therefore, security in WSNs is a challenging field of research. This paper compares lightweight energy-efficient key exchange protocols which are suitable for WSN. The protocols were also implemented in WSN-capable Texas Instrument boards and the energy consumption was measured during the key exchange. This paper shows that schemes have to be chosen depending on the specific network requirements and that the usage of asymmetric cryptography does not always result in a high energy consumption.

    DigitalMobilElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, D. Fiala, Michael Heigl

    A Lightweight Quantum-Safe Security Concept for Wireless Sensor Network Communication

    Proceedings of the IEEE Annual International Conference on Pervasive Computing and Communications Workshops (March 11-15, 2019; Kyoto, Japan)

    2019

    ISBN: 978-1-5386-9150-2

    DOI: 10.1109/PERCOMW.2019.8730749

    Abstract anzeigen

    The ubiquitous internetworking of devices in all areas of life is boosted by various trends for instance the Internet of Things. Promising technologies that can be used for such future environments come from Wireless Sensor Networks. It ensures connectivity between distributed, tiny and simple sensor nodes as well as sensor nodes and base stations in order to monitor physical or environmental conditions such as vibrations, temperature or motion. Security plays an increasingly important role in the coming decades in which attacking strategies are becoming more and more sophisticated. Contemporary cryptographic mechanisms face a great threat from quantum computers in the near future and together with Intrusion Detection Systems are hardly applicable on sensors due to strict resource constraints. Thus, in this work a future-proof lightweight and resource-aware security concept for sensor networks with a processing stage permeated filtering mechanism is proposed. A special focus in the concepts evaluation lies on the novel Magic Number filter to mitigate a special kind of Denial-of-Service attack performed on CC1350 LaunchPad ARM Cortex-M3 microcontroller boards.

    DigitalMobilElektrotechnik und MedientechnikInstitut ProtectIT

    Zeitschriftenartikel

    Nicolas Tiefnig, Martin Schramm, D. Fiala, Laurin Dörr, Michael Heigl

    A Resource-Preserving Self-Regulating Uncoupled MAC Algorithm to be Applied in Incident Detection

    Computers & Security, vol. 85, no. August, pp. 270-285

    2019

    DOI: 10.1016/j.cose.2019.05.010

    Abstract anzeigen

    The connectivity of embedded systems is increasing accompanied with thriving technology such as Internet of Things/Everything (IoT/E), Connected Cars, Smart Cities, Industry 4.0, 5G or Software-Defined Everything. Apart from the benefits of these trends, the continuous networking offers hackers a broad spectrum of attack vectors. The identification of attacks or unknown behavior through Intrusion Detection Systems (IDS) has established itself as a conducive and mandatory mechanism apart from the protection by cryptographic schemes in a holistic security eco-system. In systems where resources are valuable goods and stand in contrast to the ever increasing amount of network traffic, sampling has become a useful utility in order to detect malicious activities on a manageable amount of data. In this work an algorithm – Uncoupled MAC – is presented which secures network communication through a cryptographic scheme by uncoupled Message Authentication Codes (MAC) but as a side effect also provides IDS functionality producing alarms based on the violation of Uncoupled MAC values. Through a novel self-regulation extension, the algorithm adapts it’s sampling parameters based on the detection of malicious actions. The evaluation in a virtualized environment clearly shows that the detection rate increases over runtime for different attack scenarios. Those even cover scenarios in which intelligent attackers try to exploit the downsides of sampling.

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Zeitschriftenartikel

    Martin Schramm, R. Dojen, Michael Heigl

    A Vendor-Neutral Unified Core for Cryptographic Operations in GF(p) and GF( 2m ) Based on Montgomery Arithmetic (Article ID 4983404)

    Security and Communication Networks, no. 9, pp. 1-18

    2018

    DOI: 10.1155/2018/4983404

    Abstract anzeigen

    In the emerging IoT ecosystem in which the internetworking will reach a totally new dimension the crucial role of efficient security solutions for embedded devices will be without controversy. Typically IoT-enabled devices are equipped with integrated circuits, such as ASICs or FPGAs to achieve highly specific tasks. Such devices must have cryptographic layers implemented and must be able to access cryptographic functions for encrypting/decrypting and signing/verifying data using various algorithms and generate true random numbers, random primes, and cryptographic keys. In the context of a limited amount of resources that typical IoT devices will exhibit, due to energy efficiency requirements, efficient hardware structures in terms of time, area, and power consumption must be deployed. In this paper, we describe a scalable word-based multivendor-capable cryptographic core, being able to perform arithmetic operations in prime and binary extension finite fields based on Montgomery Arithmetic. The functional range comprises the calculation of modular additions and subtractions, the determination of the Montgomery Parameters, and the execution of Montgomery Multiplications and Montgomery Exponentiations. A prototype implementation of the adaptable arithmetic core is detailed. Furthermore, the decomposition of cryptographic algorithms to be used together with the proposed core is stated and a performance analysis is given.

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, D. Fiala, Amar Almaini, Laurin Dörr, Michael Heigl

    Incident Reaction Based on Intrusion Detections’ Alert Analysis

    Proceedings of the 23rd International Conference on Applied Electronics (AE) 2018 (University of West Bohemia, Pilsen, Czech Republic; September 11-12, 2018)

    2018

    DOI: 10.23919/AE.2018.8501419

    Abstract anzeigen

    The protection of internetworked systems by cryptographic techniques have crystallized as a fundamental aspect in establishing secure systems. Complementary, detection mechanisms for instance based on Intrusion Detection Systems has established itself as a fundamental part in holistic security eco-systems in the previous years. However, the interpretation of and reaction on detected incidents is still a challenging task. In this paper an incident handling environment with relevant components and exemplary functionality is proposed that involves the processes from the detection of incidents over their analysis to the execution of appropriate reactions. An evaluation of a selection of implemented interacting components using technology such as OpenFlow or Snort generally proofs the concept.

    DigitalInstitut ProtectITTC Grafenau

    Zeitschriftenartikel

    Karl Leidl, Robert Hable, Michael Fernandes, Nari Arunraj, Michael Heigl

    Comparison of Supervised, Semi-supervised and Unsupervised Learning Methods in Network Intrusion Detection Systems (NIDS) Application

    Anwendungen und Konzepte in der Wirtschaftsinformatik (AKWI), no. 6, pp. 10-19

    2017

    Abstract anzeigen

    With the emergence of the fourth industrial revolution (Industrie 4.0) of cyber physical systems, intrusion detection systems are highly necessary to detect industrial network attacks. Recently, the increase in application of specialized machine learning techniques is gaining critical attention in the intrusion detection community. A wide variety of learning techniques proposed for different network intrusion detection system (NIDS) problems can be roughly classified into three broad categories: supervised, semi-supervised and unsupervised. In this paper, a comparative study of selected learning methods from each of these three kinds is carried out. In order to assess these learning methods, they are subjected to investigate network traffic datasets from an Airplane Cabin Demonstrator. In addition to this, the imbalanced classes (normal and anomaly classes) that are present in the captured network traffic data is one of the most crucial issues to be taken into consideration. From this investigation, it has been identified that supervised learning methods (logistic and lasso logistic regression methods) perform better than other methodswhen historical data on former attacks are available. The results of this study have also showed that the performance of semi-supervised learning method (One class support vector machine) is comparatively better than unsupervised learning method (Isolation Forest) when historical data on former attacks are not available.

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, R. Dojen, Michael Heigl

    Experimental assessment of FIRO- and GARO-based noise sources for digital TRNG designs on FPGAs

    Proceedings of the 22nd International Conference on Applied Electronics (AE 2017) [Sep 5-7, 2017; University of West Bohemia, Pilsen, Czech Republic]

    2017

    DOI: 10.23919/AE.2017.8053618

    Abstract anzeigen

    The quality of TRNG designs mainly depends on the grade of the noise source from which the entropy will be harvested to extract randomness. Especially for purely digital noise sources suitable for FPGA implementations the use of Ring Oscillators is suggested in many scientific publications. Standard Ring Oscillator based noise sources however have earned some criticism regarding the amount of entropy generated. On this account different enhancements have been proposed, with Fibonacci Ring Oscillators (FIROs) and Galois Ring Oscillators (GAROs) being prominent examples, which under some circumstances are able to sustain a chaotic oscillation suitable for entropy extraction. This paper deals with the assessment of fully constrained FIRO and GARO noise source designs for a specific target FPGA. Due to the restrictive placement of ring elements the assessment yielded new criteria for choosing proper FIRO/GARO feedback configurations and an enhanced sampling method for entropy extraction has been derived.

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Martin Schramm, D. Fiala, Laurin Dörr, Michael Heigl

    Assessment simulation model for uncoupled message authentication

    Proceedings of the 22nd International Conference on Applied Electronics (AE 2017) [Sep 5-7, 2017; University of West Bohemia, Pilsen, Czech Republic]

    2017

    DOI: 10.23919/AE.2017.8053580

    Abstract anzeigen

    Today's trend of an increasing number of networked embedded devices pervades many areas. Ranging from home automation, industrial or automotive applications with a large number of different protocols, low resources and often high demands on real-time make it difficult to secure the communication of such systems. A concept of an uncoupled MAC which is able to ensure the authenticity and integrity of communication flows between two network parties can be used. This is in particular of advance for outdated legacy components still participating in the network. In this paper a assessment simulation model of the mechanism behind this technology is described. It outlines the probability of detecting an attack depending on the message authentication overhead. The model considers all control variables and performs measurements based on random data traffic. The results of the statistical analysis state that a high attack detection rate can be obtained even with a small communication overhead.

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Andreas Grzemba, Martin Schramm, Laurin Dörr, Michael Heigl

    Embedded Plug-In Devices to Secure Industrial Network Communications

    IEEE Proceedings of the 21st International Conference on Applied Electronics (Sept 6-7 2016, Pilsen, Czech Republic)

    2016

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Beitrag (Sammelband oder Tagungsband)

    Andreas Fuchs, Andreas Grzemba, Martin Aman, Michael Heigl

    Industrial Legacy System Communication Through Interconnected Embedded Plug-In Devices

    Applied Research Conference 2016

    2016

    ISBN: 978-3-86460-494-2

    DigitalElektrotechnik und MedientechnikInstitut ProtectIT

    Vortrag

    Michael Heigl

    DecADe - Decentralized Anomaly Detection

    Posterpräsentation

    5. Tag der Forschung, Deggendorf

    Elektrotechnik und MedientechnikInstitut ProtectIT

    Vortrag

    Andreas Grzemba, Christian Boiger, Laurin Dörr, Michael Heigl

    IT-Security-Architektur für Next-Generation Kommunikationssysteme im Automobil

    32. VDI/VW-Gemeinschaftstagung: Fahrerassistenzsysteme und automatisiertes Fahren, Wolfsburg

    Elektrotechnik und MedientechnikInstitut ProtectIT

    Vortrag

    Andreas Grzemba, Martin Aman, Karl Leidl, Michael Heigl

    Intrusion Detection Sensoren für industrielle Netzwerke

    CYBICS - Cyber Security for Industrial Control Systems (Workshop & Konferenz für IT-Sicherheit in der Industrie), Würzburg