% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-04-18 % Creation time: 13-35-47 % --- Number of references % 7 % @Inproceedings { 2022_kus_ensemble, title = {Poster: Ensemble Learning for Industrial Intrusion Detection}, year = {2022}, month = {12}, day = {8}, number = {RWTH-2022-10809}, abstract = {Industrial intrusion detection promises to protect networked industrial control systems by monitoring them and raising an alarm in case of suspicious behavior. Many monolithic intrusion detection systems are proposed in literature. These detectors are often specialized and, thus, work particularly well on certain types of attacks or monitor different parts of the system, e.g., the network or the physical process. Combining multiple such systems promises to leverage their joint strengths, allowing the detection of a wider range of attacks due to their diverse specializations and reducing false positives. We study this concept's feasibility with initial results of various methods to combine detectors.}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-ensemble-poster.pdf}, publisher = {RWTH Aachen University}, booktitle = {38th Annual Computer Security Applications Conference (ACSAC '22), December 5-9, 2022, Austin, TX, USA}, institution = {RWTH Aachen University}, event_place = {Austin, TX, USA}, event_name = {38th Annual Computer Security Applications Conference (ACSAC '22)}, event_date = {December 5-9, 2022}, DOI = {10.18154/RWTH-2022-10809}, reviewed = {1}, author = {Kus, Dominik and Wolsing, Konrad and Pennekamp, Jan and Wagner, Eric and Henze, Martin and Wehrle, Klaus} } @Inproceedings { 2022-kunze-coin-transport, title = {Evolving the End-to-End Transport Layer in Times of Emerging Computing In The Network (COIN)}, year = {2022}, month = {11}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kunze-coin-transport.pdf}, booktitle = {Proceedings of the 1st Workshop on New IP and Beyond, co-located with the 30th IEEE International Conference on Network Protocols}, event_place = {Lexington, Kentucky, USA}, event_name = {1st Workshop on New IP and Beyond, co-located with the 30th IEEE International Conference on Network Protocols}, event_date = {30 October, 2022}, DOI = {10.1109/ICNP55882.2022.9940379}, reviewed = {1}, author = {Kunze, Ike and Trossen, Dirk and Wehrle, Klaus} } @Inproceedings { 2022-sander-h3-prio-hol, title = {Analyzing the Influence of Resource Prioritization on HTTP/3 HOL Blocking and Performance}, year = {2022}, month = {6}, day = {27}, tags = {legato}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-sander-h3-prio-hol.pdf}, web_url2 = {https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper28.pdf}, publisher = {IFIP}, booktitle = {Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '22)}, event_place = {Enschede}, event_name = {Network Traffic Measurement and Analysis Conference}, event_date = {27.06.22-30.06.22}, ISBN = {978-3-903176-47-8}, reviewed = {1}, author = {Sander, Constantin and Kunze, Ike and Wehrle, Klaus} } @Inproceedings { 2022_kus_iids_generalizability, title = {A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection}, year = {2022}, month = {5}, day = {30}, pages = {73-84}, abstract = {Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 \%. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 \% and 14.7 \% for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks.}, keywords = {anomaly detection; machine learning; industrial control system}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan}, ISBN = {978-1-4503-9176-4/22/05}, DOI = {10.1145/3494107.3522773}, reviewed = {1}, author = {Kus, Dominik and Wagner, Eric and Pennekamp, Jan and Wolsing, Konrad and Fink, Ina Berenice and Dahlmanns, Markus and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_matzutt_redactchain, title = {A Moderation Framework for the Swift and Transparent Removal of Illicit Blockchain Content}, year = {2022}, month = {5}, day = {3}, abstract = {Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads. In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation.}, keywords = {redactable blockchain; illicit content; chameleon hash functions; threshold cryptography}, tags = {mynedata; impact-digital; digital-campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805508}, reviewed = {1}, author = {Matzutt, Roman and Ahlrichs, Vincent and Pennekamp, Jan and Karwacik, Roman and Wehrle, Klaus} } @Article { 2022_brauner_iop, title = {A Computer Science Perspective on Digital Transformation in Production}, journal = {ACM Transactions on Internet of Things}, year = {2022}, month = {5}, day = {1}, volume = {3}, number = {2}, abstract = {The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality.}, keywords = {Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf}, publisher = {ACM}, ISSN = {2691-1914}, DOI = {10.1145/3502265}, reviewed = {1}, author = {Brauner, Philipp and Dalibor, Manuela and Jarke, Matthias and Kunze, Ike and Koren, Istv{\'a}n and Lakemeyer, Gerhard and Liebenberg, Martin and Michael, Judith and Pennekamp, Jan and Quix, Christoph and Rumpe, Bernhard and van der Aalst, Wil and Wehrle, Klaus and Wortmann, Andreas and Ziefle, Martina} } @Techreport { draft-irtf-coinrg-use-cases-02, title = {Use Cases for In-Network Computing}, year = {2022}, month = {3}, number = {draft-irtf-coinrg-use-cases-02}, note = {expires: 8 September 2022 (work in progress)}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/draft-irtf-coinrg-use-cases-02.pdf}, web_url = {https://datatracker.ietf.org/doc/draft-irtf-coinrg-use-cases/}, misc2 = {Online}, publisher = {IETF Trust}, series = {Internet Drafts}, organization = {Internet Engineering Task Force}, institution = {Internet Engineering Task Force}, author = {Kunze, Ike and Wehrle, Klaus and Trossen, Dirk and Montpetit, Marie-Jos{\'e} and de Foy, Xavier and Griffin, David and Rio, Miguel} }