This file was created by the TYPO3 extension
bib
--- Timezone: CEST
Creation date: 2024-05-11
Creation time: 12-16-15
--- Number of references
4
inproceedings
2024-wagner-madtls
Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication
2024
7
1
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-madtls.pdf
19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS '24), Singapur
Singapur
ACM ASIA Conference on Computer and Communications Security (AsiaCCS)
July 1-5, 2024
unpublished
1
EricWagner
DavidHeye
MartinSerror
IkeKunze
KlausWehrle
MartinHenze
inproceedings
2024_dahlmanns_ipv6-deployments
Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet
2024
5
10
Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scan the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable-although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS inviting attackers, e.g., to eavesdrop sensitive data.
Internet of Things, security, Internet measurements, IPv6, address generators
internet-of-production
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
accepted
1
MarkusDahlmanns
FelixHeidenreich
JohannesLohmöller
JanPennekamp
KlausWehrle
MartinHenze
incollection
2024_matzutt_blockchain-content
Illicit Blockchain Content – Its Different Shapes, Consequences, and Remedies
2024
3
7
105
301-336
Augmenting public blockchains with arbitrary, nonfinancial content fuels novel applications that facilitate the interactions between mutually distrusting parties. However, new risks emerge at the same time when illegal content is added. This chapter thus provides a holistic overview of the risks of content insertion as well as proposed countermeasures. We first establish a simple framework for how content is added to the blockchain and subsequently distributed across the blockchain’s underlying peer-to-peer network. We then discuss technical as well as legal implications of this form of content distribution and give a systematic overview of basic methods and high-level services for inserting arbitrary blockchain content. Afterward, we assess to which extent these methods and services have been used in the past on the blockchains of Bitcoin Core, Bitcoin Cash, and Bitcoin SV, respectively. Based on this assessment of the current state of (unwanted) blockchain content, we discuss (a) countermeasures to mitigate its insertion, (b) how pruning blockchains relates to this issue, and (c) how strategically weakening the otherwise desired immutability of a blockchain allows for redacting objectionable content. We conclude this chapter by identifying future research directions in the domain of blockchain content insertion.
Blockchain content insertion; Illicit content; Pruning; Redaction
Springer
Advances in Information Security
10
Blockchains – A Handbook on Fundamentals, Platforms and Applications
978-3-031-32145-0
10.1007/978-3-031-32146-7_10
1
RomanMatzutt
MartinHenze
DirkMüllmann
KlausWehrle
inproceedings
2024-wagner-acns-aggregate
When and How to Aggregate Message Authentication Codes on Lossy Channels?
2024
3
5
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-mac-aggregation.pdf
22nd International Conference on Applied Cryptography and Network Security (ACNS '24), Abu Dhabi, UAE
Abu Dhabi, UAE
International Conference on Applied Cryptography and Network Security (ACNS)
March 5-9, 2024
accepted
1
EricWagner
MartinSerror
KlausWehrle
MartinHenze