This file was created by the TYPO3 extension
bib
--- Timezone: UTC
Creation date: 2025-02-17
Creation time: 21-44-53
--- Number of references
10
inproceedings
2022_pennekamp_cumul
CUMUL & Co: High-Impact Artifacts for Website Fingerprinting Research
2022
12
8
RWTH-2022-10811
Anonymous communication on the Internet is about hiding the relationship between communicating parties. At NDSS '16, we presented a new website fingerprinting approach, CUMUL, that utilizes novel features and a simple yet powerful algorithm to attack anonymization networks such as Tor. Based on pattern observation of data flows, this attack aims at identifying the content of encrypted and anonymized connections. Apart from the feature generation and the used classifier, we also provided a large dataset to the research community to study the attack at Internet scale. In this paper, we emphasize the impact of our artifacts by analyzing publications referring to our work with respect to the dataset, feature extraction method, and source code of the implementation. Based on this data, we draw conclusions about the impact of our artifacts on the research field and discuss their influence on related cybersecurity topics. Overall, from 393 unique citations, we discover more than 130 academic references that utilize our artifacts, 61 among them are highly influential (according to SemanticScholar), and at least 35 are from top-ranked security venues. This data underlines the significant relevance and impact of our work as well as of our artifacts in the community and beyond.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-pennekamp-cumul-artifacts.pdf
https://www.acsac.org/2022/program/artifacts_competition/
ACSA
Cybersecurity Artifacts Competition and Impact Award at 38th Annual Computer Security Applications Conference (ACSAC '22), December 5-9, 2022, Austin, TX, USA
Austin, TX, USA
38th Annual Computer Security Applications Conference (ACSAC '22)
December 5-9, 2022
10.18154/RWTH-2022-10811
1
JanPennekamp
MartinHenze
AndreasZinnen
FabianLanze
KlausWehrle
AndriyPanchenko
inproceedings
2022_kus_ensemble
Poster: Ensemble Learning for Industrial Intrusion Detection
2022
12
8
RWTH-2022-10809
Industrial intrusion detection promises to protect networked industrial control systems by monitoring them and raising an alarm in case of suspicious behavior. Many monolithic intrusion detection systems are proposed in literature. These detectors are often specialized and, thus, work particularly well on certain types of attacks or monitor different parts of the system, e.g., the network or the physical process. Combining multiple such systems promises to leverage their joint strengths, allowing the detection of a wider range of attacks due to their diverse specializations and reducing false positives. We study this concept's feasibility with initial results of various methods to combine detectors.
rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-ensemble-poster.pdf
RWTH Aachen University
38th Annual Computer Security Applications Conference (ACSAC '22), December 5-9, 2022, Austin, TX, USA
RWTH Aachen University
Austin, TX, USA
38th Annual Computer Security Applications Conference (ACSAC '22)
December 5-9, 2022
10.18154/RWTH-2022-10809
1
DominikKus
KonradWolsing
JanPennekamp
EricWagner
MartinHenze
KlausWehrle
inproceedings
2022-rechenberg-cim
Guiding Ship Navigators through the Heavy Seas of Cyberattacks
2022
10
Maritime Cybersecurity, Intrusion Detection System, Integrated Bridge System, IEC 61162-450, NMEA 0183
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-rechenberg-guiding.pdf
https://zenodo.org/record/7148794
Zenodo
European Workshop on Maritime Systems Resilience and Security (MARESEC 2022)
Bremerhaven, Germany
10.5281/zenodo.7148794
1
Merlinvon Rechenberg
NinaRößler
MariSchmidt
KonradWolsing
FlorianMotz
MichaelBergmann
ElmarPadilla
JanBauer
inproceedings
2022_lohmoeller_sovereignty
On the Need for Strong Sovereignty in Data Ecosystems
2022
9
5
3306
51-63
Data ecosystems are the foundation of emerging data-driven business models as they (i) enable an automated exchange between their participants and (ii) provide them with access to huge and heterogeneous data sources. However, the corresponding benefits come with unforeseen risks as also sensitive information is potentially exposed. Consequently, data security is of utmost importance and, thus, a central requirement for the successful implementation of these ecosystems. Current initiatives, such as IDS and GAIA-X, hence foster sovereign participation via a federated infrastructure where participants retain local control. However, these designs place significant trust in remote infrastructure by mostly implementing organizational security measures such as certification processes prior to admission of a participant. At the same time, due to the sensitive nature of involved data, participants are incentivized to bypass security measures to maximize their own benefit: In practice, this issue significantly weakens sovereignty guarantees. In this paper, we hence claim that data ecosystems must be extended with technical means to reestablish such guarantees. To underpin our position, we analyze promising building blocks and identify three core research directions toward stronger data sovereignty, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. We conclude that these directions are critical to securely implement data ecosystems in data-sensitive contexts.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-lohmoeller-deco.pdf
CEUR Workshop Proceedings
Proceedings of the 1st International Workshop on Data Ecosystems (DEco '22), co-located with the 48th International Conference on Very Large Databases (VLDB '22), September 5-9, 2022, Sydney, Australia,
Sydney, Australia
International Workshop on Data Ecosystems (DEco '22)
September 5, 2022
1613-0073
1
JohannesLohmöller
JanPennekamp
RomanMatzutt
KlausWehrle
inproceedings
2022_dahlmanns_tlsiiot
Missed Opportunities: Measuring the Untapped TLS Support in the Industrial Internet of Things
2022
5
31
252-266
The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and authentication, (i) traditional industrial protocols, e.g., Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g., MQTT, are directly designed to use TLS. To understand whether these changes indeed lead to secure Industrial Internet of Things deployments, i.e., using TLS-based protocols, which are configured according to security best practices, we perform an Internet-wide security assessment of ten industrial protocols covering the complete IPv4 address space.
Our results show that both, retrofitted existing protocols and newly developed secure alternatives, are barely noticeable in the wild. While we find that new protocols have a higher TLS adoption rate than traditional protocols (7.2 % vs. 0.4 %), the overall adoption of TLS is comparably low (6.5 % of hosts). Thus, most industrial deployments (934,736 hosts) are insecurely connected to the Internet. Furthermore, we identify that 42 % of hosts with TLS support (26,665 hosts) show security deficits, e.g., missing access control. Finally, we show that support in configuring systems securely, e.g., via configuration templates, is promising to strengthen security.
industrial communication; network security; security configuration
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-dahlmanns-asiaccs.pdf
ACM
Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan
Nagasaki, Japan
ASIACCS '22
May 30-June 3, 2022
978-1-4503-9140-5/22/05
10.1145/3488932.3497762
1
MarkusDahlmanns
JohannesLohmöller
JanPennekamp
JörnBodenhausen
KlausWehrle
MartinHenze
inproceedings
2022_kus_iids_generalizability
A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection
2022
5
30
73-84
Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 %. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 % and 14.7 % for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks.
anomaly detection; machine learning; industrial control system
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf
ACM
Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan
978-1-4503-9176-4/22/05
10.1145/3494107.3522773
1
DominikKus
EricWagner
JanPennekamp
KonradWolsing
Ina BereniceFink
MarkusDahlmanns
KlausWehrle
MartinHenze
inproceedings
2022_wagner_ccchain
Scalable and Privacy-Focused Company-Centric Supply Chain Management
2022
5
4
Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.
supply chain management; blockchain; permissionless; deployment; tracing and tracking; privacy
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wagner-ccchain.pdf
IEEE
Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China
Shanghai, China
May 2-5, 2022
978-1-6654-9538-7/22
10.1109/ICBC54727.2022.9805503
1
EricWagner
RomanMatzutt
JanPennekamp
LennartBader
IrakliBajelidze
KlausWehrle
MartinHenze
inproceedings
2022_matzutt_redactchain
A Moderation Framework for the Swift and Transparent Removal of Illicit Blockchain Content
2022
5
3
Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads.
In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation.
redactable blockchain; illicit content; chameleon hash functions; threshold cryptography
mynedata; impact-digital; digital-campus
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf
IEEE
Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China
Shanghai, China
May 2-5, 2022
978-1-6654-9538-7/22
10.1109/ICBC54727.2022.9805508
1
RomanMatzutt
VincentAhlrichs
JanPennekamp
RomanKarwacik
KlausWehrle
article
2022_brauner_iop
A Computer Science Perspective on Digital Transformation in Production
ACM Transactions on Internet of Things
2022
5
1
3
2
The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality.
Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf
ACM
2691-1914
10.1145/3502265
1
PhilippBrauner
ManuelaDalibor
MatthiasJarke
IkeKunze
IstvánKoren
GerhardLakemeyer
MartinLiebenberg
JudithMichael
JanPennekamp
ChristophQuix
BernhardRumpe
Wilvan der Aalst
KlausWehrle
AndreasWortmann
MartinaZiefle
inproceedings
2022-lorenz-ven2us
Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle
2022
Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development.
In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.
ven2us
Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal
Porto
CIRED workshop on E-mobility and power distribution systems 2022
June 2-3, 2022
10.1049/icp.2022.0768
1
MatthiasLorenz
Tobias MarkusPletzer
MalteSchuhmacher
TorstenSowa
MichaelDahms
SimonStock
DavoodBabazadeh
ChristianBecker
JohannJaeger
TobiasLorz
MarkusDahlmanns
Ina BereniceFink
KlausWehrle
AndreasUlbig
PhilippLinnartz
AntigonaSelimaj
ThomasOffergeld