This file was created by the TYPO3 extension
bib
--- Timezone: CEST
Creation date: 2024-09-08
Creation time: 02-21-21
--- Number of references
10
inproceedings
2020_pennekamp_benchmarking
Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking
2020
12
15
31-44
Benchmarking the performance of companies is essential to identify improvement potentials in various industries. Due to a competitive environment, this process imposes strong privacy needs, as leaked business secrets can have devastating effects on participating companies. Consequently, related work proposes to protect sensitive input data of companies using secure multi-party computation or homomorphic encryption. However, related work so far does not consider that also the benchmarking algorithm, used in today's applied real-world scenarios to compute all relevant statistics, itself contains significant intellectual property, and thus needs to be protected. Addressing this issue, we present PCB — a practical design for Privacy-preserving Company Benchmarking that utilizes homomorphic encryption and a privacy proxy — which is specifically tailored for realistic real-world applications in which we protect companies' sensitive input data and the valuable algorithms used to compute underlying key performance indicators. We evaluate PCB's performance using synthetic measurements and showcase its applicability alongside an actual company benchmarking performed in the domain of injection molding, covering 48 distinct key performance indicators calculated out of hundreds of different input values. By protecting the privacy of all participants, we enable them to fully profit from the benefits of company benchmarking.
practical encrypted computing; homomorphic encryption; algorithm confidentiality; benchmarking; key performance indicators; industrial application; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-company-benchmarking.pdf
https://eprint.iacr.org/2020/1512
HomomorphicEncryption.org
Proceedings of the 8th Workshop on Encrypted Computing & Applied Homomorphic Cryptography (WAHC '20), December 15, 2020, Virtual Event
Virtual Event
December 15, 2020
978-3-00-067798-4
10.25835/0072999
1
JanPennekamp
PatrickSapel
Ina BereniceFink
SimonWagner
SebastianReuter
ChristianHopmann
KlausWehrle
MartinHenze
inproceedings
2020_delacadena_trafficsliver
TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting
2020
11
12
1971-1985
Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only.
To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor. Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98% to less than 16% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network.
Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf
https://github.com/TrafficSliver
ACM
Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA
Virtual Event, USA
November 9-13, 2020
978-1-4503-7089-9/20/11
10.1145/3372297.3423351
1
WladimirDe la Cadena
AsyaMitseva
JensHiller
JanPennekamp
SebastianReuter
JulianFilter
KlausWehrle
ThomasEngel
AndriyPanchenko
phdthesis
2020-rueth-phd-thesis
Measuring the Evolution of the Internet in the Age of Giants
2020
11
https://www.shaker.de/de/content/catalogue/index.asp?ISBN=978-3-8440-7660-8
Shaker Verlag
Shaker Verlag, Düren, Germany
Reports on Communications and Distributed Systems
20
RWTH Aachen University
Ph.D. Thesis
978-3-8440-7660-8
JanRüth
article
2020-holz-ccr-tls13
Tracking the deployment of TLS 1.3 on the Web: A story of experimentation and centralization
ACM SIGCOMM Computer Communications Review (CCR)
2020
7
50
3
3-15
Selected for the 'Best of CCR' session at SIGCOMM 2021.
https://ccronline.sigcomm.org/wp-content/uploads/2020/08/sigcomm-ccr-paper430-with-open-review.pdf
Association for Computing Machinery
New York, NY, USA
10.1145/3411740.3411742
1
RalphHolz
JensHiller
JohannaAmann
AbbasRazaghpanah
ThomasJost
NarseoVallina-Rodriguez
OliverHohlfeld
inproceedings
2020-schemmel-porse
Symbolic Partial-Order Execution for Testing Multi-Threaded Programs
2020
7
symbiosys
https://arxiv.org/pdf/2005.06688.pdf
https://arxiv.org/abs/2005.06688
Computer Aided Verification (CAV 2020)
32nd International Conference on Computer Aided Verification
10.1007/978-3-030-53288-8_18
1
DanielSchemmel
JulianBüning
CésarRodríguez
DavidLaprell
KlausWehrle
inproceedings
2020-mann-ur-weldseamstudy
Study on weld seam geometry control for connected gas metal arc welding systems
2020
6
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-weld-seam-geometry-control.pdf
Proceedings of the 2020 Internal Conference on Ubiquitous Robots
Internal Conference on Ubiquitous Robots
June 22-26, 2020
10.1109/UR49135.2020.9144839
1
SamuelMann
RenéGlebke
IkeKunze
DominikScheurenberg
RahulSharma
UweReisgen
KlausWehrle
DirkAbel
inproceedings
2020_roepert_opcua
Assessing the Security of OPC UA Deployments
2020
4
2
To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf
en
University of Tübingen
Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, Tübingen, Germany
Tübingen, Germany
April 2-3, 2020
10.15496/publikation-41813
1
LinusRoepert
MarkusDahlmanns
Ina BereniceFink
JanPennekamp
MartinHenze
article
2020_mann_welding_layers
Connected, digitalized welding production — Secure, ubiquitous utilization of data across process layers
Advanced Structured Materials
2020
4
1
125
101-118
A connected, digitalized welding production unlocks vast and dynamic potentials: from improving state of the art welding to new business models in production. For this reason, offering frameworks, which are capable of addressing multiple layers of applications on the one hand and providing means of data security and privacy for ubiquitous dataflows on the other hand, is an important step to enable the envisioned advances. In this context, welding production has been introduced from the perspective of interlaced process layers connecting information sources across various entities. Each layer has its own distinct challenges from both a process view and a data perspective. Besides, investigating each layer promises to reveal insight into (currently unknown) process interconnections. This approach has been substantiated by methods for data security and privacy to draw a line between secure handling of data and the need of trustworthy dealing with sensitive data among different parties and therefore partners. In conclusion, the welding production has to develop itself from an accumulation of local and isolated data sources towards a secure industrial collaboration in an Internet of Production.
Proceedings of the 1st International Conference on Advanced Joining Processes (AJP '19)
Welding Production; Industrie 4.0; Internet of Production; Data Security; Data Privacy
Internet-of-Production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-welding-layers.pdf
Springer
Ponta Delgada, Azores, Portugal
October 24-25, 2019
978-981-15-2956-6
1869-8433
10.1007/978-981-15-2957-3_8
1
SamuelMann
JanPennekamp
TobiasBrockhoff
AnahitaFarhang
MahsaPourbafrani
LukasOster
Merih SeranUysal
RahulSharma
UweReisgen
KlausWehrle
Wilvan der Aalst
inproceedings
2020-kosek-tcp-conformance
MUST, SHOULD, DON'T CARE: TCP Conformance in the Wild
2020
3
30
maki
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-kosek-tcp-conformance-v2.pdf
https://arxiv.org/abs/2002.05400
Springer
Proceedings of the Passive and Active Measurement Conference (PAM '20)
Eugene, Oregon, USA
Passive and Active Measurement Conference (PAM 2020)
30.03.2020 - 31.03.2020
en
https://doi.org/10.1007/978-3-030-44081-7_8
1
MikeKosek
LeoBlöcher
JanRüth
TorstenZimmermann
OliverHohlfeld
article
2020-wehrle-digitalshadows
Mit "Digitalen Schatten" Daten verdichten und darstellen : Der Exzellenzcluster "Internet der Produktion" forscht über die Produktionstechnik hinaus
Der Profilbereich "Information & Communication Technology"
2020
0179-079X
10.18154/RWTH-2021-02496
MatthiasJarke
Wilvan der Aalst
ChristianBrecher
MatthiasBrockmann
IstvánKoren
GerhardLakemeyer
BernhardRumpe
GüntherSchuh
KlausWehrle
MartinaZiefle