% % This file was created by the TYPO3 extension % bib % --- Timezone: CET % Creation date: 2024-03-28 % Creation time: 22-41-28 % --- Number of references % 10 % @Inproceedings { 2022-serror-ccs-inside, title = {Poster: INSIDE - Enhancing Network Intrusion Detection in Power Grids with Automated Facility Monitoring}, year = {2022}, month = {11}, day = {7}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-serror-ccs-inside.pdf}, publisher = {ACM}, howpublished = {online}, booktitle = {Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security}, event_place = {Los Angeles, CA, USA}, event_date = {November 8, 2022}, DOI = {10.1145/3548606.3563500}, reviewed = {1}, author = {Serror, Martin and Bader, Lennart and Henze, Martin and Schwarze, Arne and N{\"u}rnberger, Kai} } @Inproceedings { 2022-rechenberg-cim, title = {Guiding Ship Navigators through the Heavy Seas of Cyberattacks}, year = {2022}, month = {10}, keywords = {Maritime Cybersecurity, Intrusion Detection System, Integrated Bridge System, IEC 61162-450, NMEA 0183}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-rechenberg-guiding.pdf}, web_url = {https://zenodo.org/record/7148794}, publisher = {Zenodo}, booktitle = {European Workshop on Maritime Systems Resilience and Security (MARESEC 2022)}, event_place = {Bremerhaven, Germany}, DOI = {10.5281/zenodo.7148794}, reviewed = {1}, author = {von Rechenberg, Merlin and R{\"o}{\ss}ler, Nina and Schmidt, Mari and Wolsing, Konrad and Motz, Florian and Bergmann, Michael and Padilla, Elmar and Bauer, Jan} } @Proceedings { 2022-wolsing-radarsec, title = {Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset}, year = {2022}, month = {9}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-radar.pdf}, publisher = {IEEE}, event_place = {Edmonton, Canada}, event_name = {47th IEEE Conference on Local Computer Networks (LCN)}, event_date = {September 26-29, 2022}, DOI = {10.1109/LCN53696.2022.9843801}, reviewed = {1}, author = {Wolsing, Konrad and Saillard, Antoine and Bauer, Jan and Wagner, Eric and van Sloun, Christian and Fink, Ina Berenice and Schmidt, Mari and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022-schemmel-kdalloc, title = {A Deterministic Memory Allocator for Dynamic Symbolic Execution}, year = {2022}, month = {6}, tags = {safe}, url = {https://drops.dagstuhl.de/opus/volltexte/2022/16237/pdf/LIPIcs-ECOOP-2022-9.pdf}, booktitle = {European Conference on Object-Oriented Programming (ECOOP 2022)}, DOI = {10.4230/LIPIcs.ECOOP.2022.9}, reviewed = {1}, author = {Schemmel, Daniel and B{\"u}ning, Julian and Busse, Frank and Nowack, Martin and Cadar, Cristian} } @Inproceedings { 2022_dahlmanns_tlsiiot, title = {Missed Opportunities: Measuring the Untapped TLS Support in the Industrial Internet of Things}, year = {2022}, month = {5}, day = {31}, pages = {252-266}, abstract = {The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and authentication, (i) traditional industrial protocols, e.g., Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g., MQTT, are directly designed to use TLS. To understand whether these changes indeed lead to secure Industrial Internet of Things deployments, i.e., using TLS-based protocols, which are configured according to security best practices, we perform an Internet-wide security assessment of ten industrial protocols covering the complete IPv4 address space. Our results show that both, retrofitted existing protocols and newly developed secure alternatives, are barely noticeable in the wild. While we find that new protocols have a higher TLS adoption rate than traditional protocols (7.2 \% vs. 0.4 \%), the overall adoption of TLS is comparably low (6.5 \% of hosts). Thus, most industrial deployments (934,736 hosts) are insecurely connected to the Internet. Furthermore, we identify that 42 \% of hosts with TLS support (26,665 hosts) show security deficits, e.g., missing access control. Finally, we show that support in configuring systems securely, e.g., via configuration templates, is promising to strengthen security.}, keywords = {industrial communication; network security; security configuration}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-dahlmanns-asiaccs.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan}, event_place = {Nagasaki, Japan}, event_name = {ASIACCS '22}, event_date = {May 30-June 3, 2022}, ISBN = {978-1-4503-9140-5/22/05}, DOI = {10.1145/3488932.3497762}, reviewed = {1}, author = {Dahlmanns, Markus and Lohm{\"o}ller, Johannes and Pennekamp, Jan and Bodenhausen, J{\"o}rn and Wehrle, Klaus and Henze, Martin} } @Inproceedings { WagnerBH2022, title = {Take a Bite of the Reality Sandwich: Revisiting the Security of Progressive Message Authentication Codes}, year = {2022}, month = {5}, day = {18}, pages = {207-221}, url = {/fileadmin/papers/2022/2022-wagner-r2d2.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '22)}, event_place = {San Antonio, Texas, USA}, event_name = {15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '22)}, ISBN = {978-1-4503-9216-7/22/05}, DOI = {10.1145/3507657.3528539}, reviewed = {1}, author = {Wagner, Eric and Bauer, Jan and Henze, Martin} } @Inproceedings { 2022_wagner_ccchain, title = {Scalable and Privacy-Focused Company-Centric Supply Chain Management}, year = {2022}, month = {5}, day = {4}, abstract = {Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.}, keywords = {supply chain management; blockchain; permissionless; deployment; tracing and tracking; privacy}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wagner-ccchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805503}, reviewed = {1}, author = {Wagner, Eric and Matzutt, Roman and Pennekamp, Jan and Bader, Lennart and Bajelidze, Irakli and Wehrle, Klaus and Henze, Martin} } @Article { 2022_brauner_iop, title = {A Computer Science Perspective on Digital Transformation in Production}, journal = {ACM Transactions on Internet of Things}, year = {2022}, month = {5}, day = {1}, volume = {3}, number = {2}, abstract = {The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality.}, keywords = {Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf}, publisher = {ACM}, ISSN = {2691-1914}, DOI = {10.1145/3502265}, reviewed = {1}, author = {Brauner, Philipp and Dalibor, Manuela and Jarke, Matthias and Kunze, Ike and Koren, Istv{\'a}n and Lakemeyer, Gerhard and Liebenberg, Martin and Michael, Judith and Pennekamp, Jan and Quix, Christoph and Rumpe, Bernhard and van der Aalst, Wil and Wehrle, Klaus and Wortmann, Andreas and Ziefle, Martina} } @Article { 2022-wolsing-aistracks, title = {Anomaly Detection in Maritime AIS Tracks: A Review of Recent Approaches}, journal = {Journal of Marine Science and Engineering}, year = {2022}, month = {1}, day = {14}, volume = {10}, number = {1}, abstract = {The automatic identification system (AIS) was introduced in the maritime domain to increase the safety of sea traffic. AIS messages are transmitted as broadcasts to nearby ships and contain, among others, information about the identification, position, speed, and course of the sending vessels. AIS can thus serve as a tool to avoid collisions and increase onboard situational awareness. In recent years, AIS has been utilized in more and more applications since it enables worldwide surveillance of virtually any larger vessel and has the potential to greatly support vessel traffic services and collision risk assessment. Anomalies in AIS tracks can indicate events that are relevant in terms of safety and also security. With a plethora of accessible AIS data nowadays, there is a growing need for the automatic detection of anomalous AIS data. In this paper, we survey 44 research articles on anomaly detection of maritime AIS tracks. We identify the tackled AIS anomaly types, assess their potential use cases, and closely examine the landscape of recent AIS anomaly research as well as their limitations.}, keywords = {automatic identification system; AIS; anomaly detection; maritime safety; maritime security; maritime surveillance}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-aistracks.pdf}, web_url = {https://www.mdpi.com/2077-1312/10/1/112}, language = {en}, DOI = {10.3390/jmse10010112}, reviewed = {1}, author = {Wolsing, Konrad and Roepert, Linus and Bauer, Jan and Wehrle, Klaus} } @Inproceedings { lorenz-ven2us-2022, title = {Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle}, year = {2022}, abstract = {Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development. In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.}, tags = {ven2us}, booktitle = {Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal}, event_place = {Porto}, event_name = {CIRED workshop on E-mobility and power distribution systems 2022}, event_date = {June 2-3, 2022}, DOI = {10.1049/icp.2022.0768}, reviewed = {1}, author = {Lorenz, Matthias and Pletzer, Tobias Markus and Schuhmacher, Malte and Sowa, Torsten and Dahms, Michael and Stock, Simon and Babazadeh, Davood and Becker, Christian and Jaeger, Johann and Lorz, Tobias and Dahlmanns, Markus and Fink, Ina Berenice and Wehrle, Klaus and Ulbig, Andreas and Linnartz, Philipp and Selimaj, Antigona and Offergeld, Thomas} }