% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-07-27 % Creation time: 06-49-35 % --- Number of references % 4 % @Inproceedings { 2024-saillard-exploring, title = {Exploring Anomaly Detection for Marine Radar Systems}, year = {2024}, month = {9}, abstract = {Marine radar systems are a core technical instrument for collision avoidance in shipping and an indispensable decision-making aid for navigators on the ship’s bridge in limited visibility conditions at sea, in straits, and harbors. While electromagnetic attacks against radars can be carried out externally, primarily by military actors, research has recently shown that marine radar is also vulnerable to attacks from cyberspace. These can be carried out internally, less “loudly”, and with significantly less effort and know-how, thus posing a general threat to the shipping industry, the global maritime transport system, and world trade. Based on cyberattacks discussed in the scientific community and a simulation environment for marine radar systems, we investigate in this work to which extent existing Intrusion Detection System (IDS) solutions can secure vessels’ radar systems, how effective their detection capability is, and where their limits lie. From this, we derive a research gap for radar-specific methods and present the first two approaches in that direction. Thus, we pave the way for necessary future developments of anomaly detection specific for marine navigation radars.}, keywords = {Marine Radar Systems, Maritime Cyber Security, Intrusion Detection Systems, Anomaly Detection, Navico BR24}, publisher = {Springer}, booktitle = {Proceedings of the 10th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems (CyberICPS '24), co-located with the the 29th European Symposium on Research in Computer Security (ESORICS '24)}, event_place = {Bydgoszcz, Poland}, event_name = {10th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems (CyberICPS 2024)}, event_date = {September 16-20, 2024}, state = {accepted}, language = {English}, reviewed = {1}, author = {Saillard, Antoine and Wolsing, Konrad and Wehrle, Klaus and Bauer, Jan} } @Inproceedings { 2023-wolsing-xluuvlab, title = {XLab-UUV – A Virtual Testbed for Extra-Large Uncrewed Underwater Vehicles}, year = {2023}, month = {10}, abstract = {Roughly two-thirds of our planet is covered with water, and so far, the oceans have predominantly been used at their surface for the global transport of our goods and commodities. Today, there is a rising trend toward subsea infrastructures such as pipelines, telecommunication cables, or wind farms which demands potent vehicles for underwater work. To this end, a new generation of vehicles, large and Extra-Large Unmanned Underwater Vehicles (XLUUVs), is currently being engineered that allow for long-range, remotely controlled, and semi-autonomous missions in the deep sea. However, although these vehicles are already heavily developed and demand state-of-the-art communi- cation technologies to realize their autonomy, no dedicated test and development environments exist for research, e.g., to assess the implications on cybersecurity. Therefore, in this paper, we present XLab-UUV, a virtual testbed for XLUUVs that allows researchers to identify novel challenges, possible bottlenecks, or vulnerabilities, as well as to develop effective technologies, protocols, and procedures.}, keywords = {Maritime Simulation Environment, XLUUV, Cyber Range, Autonomous Shipping, Operational Technology}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-wolsing-xluuvlab.pdf}, publisher = {IEEE}, booktitle = {1st IEEE LCN Workshop on Maritime Communication and Security (MarCaS)}, event_place = {Daytona Beach, Florida, USA}, event_name = {1st IEEE LCN Workshop on Maritime Communication and Security (MarCaS)}, event_date = {Oktober 1-5, 2023}, state = {accepted}, language = {en}, DOI = {10.1109/LCN58197.2023.10223405}, reviewed = {1}, author = {Wolsing, Konrad and Saillard, Antoine and Padilla, Elmar and Bauer, Jan} } @Inproceedings { 2022-wolsing-ipal, title = {IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems}, year = {2022}, month = {10}, day = {26}, abstract = {The increasing interconnection of industrial networks exposes them to an ever-growing risk of cyber attacks. To reveal such attacks early and prevent any damage, industrial intrusion detection searches for anomalies in otherwise predictable communication or process behavior. However, current efforts mostly focus on specific domains and protocols, leading to a research landscape broken up into isolated silos. Thus, existing approaches cannot be applied to other industries that would equally benefit from powerful detection. To better understand this issue, we survey 53 detection systems and find no fundamental reason for their narrow focus. Although they are often coupled to specific industrial protocols in practice, many approaches could generalize to new industrial scenarios in theory. To unlock this potential, we propose IPAL, our industrial protocol abstraction layer, to decouple intrusion detection from domain-specific industrial protocols. After proving IPAL’s correctness in a reproducibility study of related work, we showcase its unique benefits by studying the generalizability of existing approaches to new datasets and conclude that they are indeed not restricted to specific domains or protocols and can perform outside their restricted silos.}, url = {/fileadmin/papers/2022/2022-wolsing-ipal.pdf}, booktitle = {Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2022)}, DOI = {10.1145/3545948.3545968}, reviewed = {1}, author = {Wolsing, Konrad and Wagner, Eric and Saillard, Antoine and Henze, Martin} } @Proceedings { 2022-wolsing-radarsec, title = {Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset}, year = {2022}, month = {9}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-radar.pdf}, publisher = {IEEE}, event_place = {Edmonton, Canada}, event_name = {47th IEEE Conference on Local Computer Networks (LCN)}, event_date = {September 26-29, 2022}, DOI = {10.1109/LCN53696.2022.9843801}, reviewed = {1}, author = {Wolsing, Konrad and Saillard, Antoine and Bauer, Jan and Wagner, Eric and van Sloun, Christian and Fink, Ina Berenice and Schmidt, Mari and Wehrle, Klaus and Henze, Martin} }