% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-10-16 % Creation time: 03-38-45 % --- Number of references % 5 % @Inproceedings { 2024-wolsing-deployment, title = {Deployment Challenges of Industrial Intrusion Detection Systems}, year = {2024}, month = {9}, abstract = {With the escalating threats posed by cyberattacks on Industrial Control Systems (ICSs), the development of customized Industrial Intrusion Detection Systems (IIDSs) received significant attention in research. While existing literature proposes effective IIDS solutions evaluated in controlled environments, their deployment in real-world industrial settings poses several challenges. This paper highlights two critical yet often overlooked aspects that significantly impact their practical deployment, i.e., the need for sufficient amounts of data to train the IIDS models and the challenges associated with finding suitable hyperparameters, especially for IIDSs training only on genuine ICS data. Through empirical experiments conducted on multiple state-of-the-art IIDSs and diverse datasets, we establish the criticality of these issues in deploying IIDSs. Our findings show the necessity of extensive malicious training data for supervised IIDSs, which can be impractical considering the complexity of recording and labeling attacks in actual industrial environments. Furthermore, while other IIDSs circumvent the previous issue by requiring only benign training data, these can suffer from the difficulty of setting appropriate hyperparameters, which likewise can diminish their performance. By shedding light on these challenges, we aim to enhance the understanding of the limitations and considerations necessary for deploying effective cybersecurity solutions in ICSs, which might be one reason why IIDSs see few deployments.}, keywords = {Industrial Intrusion Detection Systems, Cyber-Physical Systems, Industrial Control Systems, Deployment}, web_url = {https://arxiv.org/pdf/2403.01809}, publisher = {Springer}, booktitle = {Proceedings of the 10th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems (CyberICPS '24), co-located with the the 29th European Symposium on Research in Computer Security (ESORICS '24)}, event_place = {Bydgoszcz, Poland}, event_name = {10th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems (CyberICPS 2024)}, event_date = {September 16-20, 2024}, state = {accepted}, language = {English}, reviewed = {1}, author = {Wolsing, Konrad and Wagner, Eric and Basels, Frederik and Wagner, Patrick and Wehrle, Klaus} } @Inproceedings { 2024-wagner-madtls, title = {Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication}, year = {2024}, month = {7}, day = {1}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-madtls.pdf}, publisher = {ACM}, booktitle = {19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS '24), Singapur}, event_place = {Singapur}, event_name = {ACM ASIA Conference on Computer and Communications Security (AsiaCCS)}, event_date = {July 1-5, 2024}, DOI = {10.1145/3634737.3637640}, reviewed = {1}, author = {Wagner, Eric and Heye, David and Serror, Martin and Kunze, Ike and Wehrle, Klaus and Henze, Martin} } @Incollection { 2024_pennekamp_blockchain-industry, title = {Blockchain Technology Accelerating Industry 4.0}, year = {2024}, month = {3}, day = {7}, volume = {105}, pages = {531-564}, abstract = {Competitive industrial environments impose significant requirements on data sharing as well as the accountability and verifiability of related processes. Here, blockchain technology emerges as a possible driver that satisfies demands even in settings with mutually distrustful stakeholders. We identify significant benefits achieved by blockchain technology for Industry 4.0 but also point out challenges and corresponding design options when applying blockchain technology in the industrial domain. Furthermore, we survey diverse industrial sectors to shed light on the current intersection between blockchain technology and industry, which provides the foundation for ongoing as well as upcoming research. As industrial blockchain applications are still in their infancy, we expect that new designs and concepts will develop gradually, creating both supporting tools and groundbreaking innovations.}, tags = {internet-of-production}, publisher = {Springer}, series = {Advances in Information Security}, chapter = {17}, booktitle = {Blockchains – A Handbook on Fundamentals, Platforms and Applications}, ISBN = {978-3-031-32145-0}, DOI = {10.1007/978-3-031-32146-7_17}, reviewed = {1}, author = {Pennekamp, Jan and Bader, Lennart and Wagner, Eric and Hiller, Jens and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2024-wagner-acns-aggregate, title = {When and How to Aggregate Message Authentication Codes on Lossy Channels?}, year = {2024}, month = {3}, day = {5}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-mac-aggregation.pdf}, booktitle = {22nd International Conference on Applied Cryptography and Network Security (ACNS '24), Abu Dhabi, UAE}, event_place = {Abu Dhabi, UAE}, event_name = {International Conference on Applied Cryptography and Network Security (ACNS)}, event_date = {March 5-9, 2024}, state = {accepted}, reviewed = {1}, author = {Wagner, Eric and Serror, Martin and Wehrle, Klaus and Henze, Martin} } @Article { 2024_pennekamp_supply-chain-survey, title = {An Interdisciplinary Survey on Information Flows in Supply Chains}, journal = {ACM Computing Surveys}, year = {2024}, month = {2}, day = {1}, volume = {56}, number = {2}, abstract = {Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.}, keywords = {information flows; data communication; supply chain management; data security; data sharing; systematic literature review}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf}, publisher = {ACM}, ISSN = {0360-0300}, DOI = {10.1145/3606693}, reviewed = {1}, author = {Pennekamp, Jan and Matzutt, Roman and Klinkm{\"u}ller, Christopher and Bader, Lennart and Serror, Martin and Wagner, Eric and Malik, Sidra and Spi{\ss}, Maria and Rahn, Jessica and G{\"u}rpinar, Tan and Vlad, Eduard and Leemans, Sander J. J. and Kanhere, Salil S. and Stich, Volker and Wehrle, Klaus} }