This file was created by the TYPO3 extension
bib
--- Timezone: UTC
Creation date: 2024-10-06
Creation time: 17-26-07
--- Number of references
23
inproceedings
2024_lohmoeller_tee_datasharing
Complementing Organizational Security in Data Ecosystems with Technical Guarantees
2024
12
internet-of-production
IEEE
Proceedings of the 1st Conference on Building a Secure and Empowered Cyberspace (BuildSEC '24), December 19-21, 2024, New Delhi, India
New Delhi, India
Building a Secure & Empowered Cyberspace
December 19-21, 2024
accepted
1
JohannesLohmöller
RomanMatzutt
JoschaLoos
EduardVlad
JanPennekamp
KlausWehrle
inproceedings
2024-fink-cired
Resilient Control Center to Substation Device Communication
2024
11
7
Resilient communication is essential for reliably exchanging parameters and measurements in distribution systems. Thus, deploying redundant hardware for both local and wide area communication, along with protocols that leverage these redundancies for automatic and timely failovers, is fundamental. This paper presents a comprehensive overview of key protocols (PRP/HSR, MPLS-TP, and MPTCP) which offer robust recovery mechanisms. Additionally, it provides a specific concept and topology that effectively combine the presented protocols to ensure resilient communication from the control center to substation devices.
ven2us
Proceedings of the CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems, November 7-8, 2024, Chicago, USA
Chicago
CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems
November 7-8, 2024
accepted
1
Ina BereniceFink
MarkusDahlmanns
GerritErichsen
KlausWehrle
inproceedings
2024-wolsing-deployment
Deployment Challenges of Industrial Intrusion Detection Systems
2024
9
With the escalating threats posed by cyberattacks on Industrial Control Systems (ICSs), the development of customized Industrial Intrusion Detection Systems (IIDSs) received significant attention in research. While existing literature proposes effective IIDS solutions evaluated in controlled environments, their deployment in real-world industrial settings poses several challenges. This paper highlights two critical yet often overlooked aspects that significantly impact their practical deployment, i.e., the need for sufficient amounts of data to train the IIDS models and the challenges associated with finding suitable hyperparameters, especially for IIDSs training only on genuine ICS data. Through empirical experiments conducted on multiple state-of-the-art IIDSs and diverse datasets, we establish the criticality of these issues in deploying IIDSs. Our findings show the necessity of extensive malicious training data for supervised IIDSs, which can be impractical considering the complexity of recording and labeling attacks in actual industrial environments. Furthermore, while other IIDSs circumvent the previous issue by requiring only benign training data, these can suffer from the difficulty of setting appropriate hyperparameters, which likewise can diminish their performance. By shedding light on these challenges, we aim to enhance the understanding of the limitations and considerations necessary for deploying effective cybersecurity solutions in ICSs, which might be one reason why IIDSs see few deployments.
Industrial Intrusion Detection Systems, Cyber-Physical
Systems, Industrial Control Systems, Deployment
https://arxiv.org/pdf/2403.01809
Springer
Proceedings of the 10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems
(CyberICPS '24), co-located with the the 29th European Symposium on Research in Computer Security (ESORICS '24)
Bydgoszcz, Poland
10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2024)
September 16-20, 2024
accepted
English
1
KonradWolsing
EricWagner
FrederikBasels
PatrickWagner
KlausWehrle
inproceedings
2024-saillard-exploring
Exploring Anomaly Detection for Marine Radar Systems
2024
9
Marine radar systems are a core technical instrument for collision avoidance in shipping and an indispensable decision-making aid for navigators on the ship’s bridge in limited visibility conditions at sea, in straits, and harbors. While electromagnetic attacks against radars can be carried out externally, primarily by military actors, research has recently shown that marine radar is also vulnerable to attacks from cyberspace. These can be carried out internally, less “loudly”, and with significantly less effort and know-how, thus posing a general threat to the shipping industry, the global maritime transport system, and world trade.
Based on cyberattacks discussed in the scientific community and a simulation environment for marine radar systems, we investigate in this work to which extent existing Intrusion Detection System (IDS) solutions can secure vessels’ radar systems, how effective their detection capability is, and where their limits lie. From this, we derive a research gap for radar-specific methods and present the first two approaches in that direction. Thus, we pave the way for necessary future developments of anomaly detection specific for marine navigation radars.
Marine Radar Systems, Maritime Cyber Security, Intrusion Detection Systems, Anomaly Detection, Navico BR24
Springer
Proceedings of the 10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems
(CyberICPS '24), co-located with the the 29th European Symposium on Research in Computer Security (ESORICS '24)
Bydgoszcz, Poland
10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2024)
September 16-20, 2024
accepted
English
1
AntoineSaillard
KonradWolsing
KlausWehrle
JanBauer
inproceedings
2024-wagner-madtls
Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication
2024
7
1
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-madtls.pdf
ACM
19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS '24), Singapur
Singapur
ACM ASIA Conference on Computer and Communications Security (AsiaCCS)
July 1-5, 2024
10.1145/3634737.3637640
1
EricWagner
DavidHeye
MartinSerror
IkeKunze
KlausWehrle
MartinHenze
inproceedings
2024-dahlmanns-cired
Reliable and Secure Control Center to Station Device Communication
2024
6
19
The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems.
In this paper, we present our envisioned network and communication concept for future DSO's ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, use MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.
ven2us
Proceedings of the CIRED workshop on Increasing Distribution Network Hosting Capacity 2024, June 19-20, 2024, Vienna, Austria
Vienna
CIRED workshop on Increasing Distribution Network Hosting Capacity 2024
June 19-20, 2024
1
MarkusDahlmanns
Ina BereniceFink
GerritErichsen
GuosongLin
ThomasHammer
BurkhardBorkenhagen
SebastianSchneider
ChristofMaahsen
KlausWehrle
inproceedings
2024_dahlmanns_ipv6-deployments
Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet
2024
5
10
Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scan the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable-although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS inviting attackers, e.g., to eavesdrop sensitive data.
Internet of Things, security, Internet measurements, IPv6, address generators
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-ipv6.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
10.1109/NOMS59830.2024.10574963
1
MarkusDahlmanns
FelixHeidenreich
JohannesLohmöller
JanPennekamp
KlausWehrle
MartinHenze
inproceedings
2024-dahlmanns-doctoralsym
Protocol Security in the Industrial Internet of Things
2024
5
10
Advances like Industry 4.0 lead to a rising number of Internet-connected industrial deployments and thus an Industrial Internet of Things with growing attack vectors. To uphold a secure and safe operation of these deployments, industrial protocols nowadays include security features, e.g., end-to-end secure communication. However, so far, it is unclear how well these features are used in practice and which obstacles might prevent operators from securely running their deployments. In this research description paper, we summarize our recent research activities to close this gap. Specifically, we show that even secure-by-design protocols are by far no guarantee for secure deployments. Instead, many deployments still open the doors for eavesdropping attacks or malicious takeovers. Additionally, we give an outlook on how to overcome identified obstacles allowing operators to configure their deployments more securely.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-disssymposium.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
10.1109/NOMS59830.2024.10575096
1
MarkusDahlmanns
KlausWehrle
inproceedings
2024_pennekamp_dissertation-digest
Evolving the Industrial Internet of Things: The Advent of Secure Collaborations
2024
5
9
The Industrial Internet of Things (IIoT) leads to increasingly-interconnected industrial processes and environments, which, in turn, result in stakeholders collecting a plethora of information. Even though the global sharing of information and industrial collaborations in the IIoT promise significant improvements concerning productivity, sustainability, and product quality, among others, the majority of stakeholders is hesitant to implement them due to confidentiality and reliability concerns. However, strong technical guarantees could convince them of the contrary. Thus, to address these concerns, our interdisciplinary efforts focus on establishing and realizing secure industrial collaborations in the IIoT. By applying private computing, we are indeed able to reliably secure collaborations that not only scale to industry-sized applications but also allow for use case-specific confidentiality guarantees. Hence, improvements that follow from industrial collaborations with (strong) technical guarantees are within reach, even when dealing with cautious stakeholders. Still, until we can fully exploit these benefits, several challenges remain, primarily regarding collaboration management, introduced overhead, interoperability, and universality of proposed protocols.
security; privacy; private computing; reliability
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-noms-dissertation-digest.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
10.1109/NOMS59830.2024.10575325
1
JanPennekamp
inproceedings
2024-kunze-spintrap
SpinTrap: Catching Speeding QUIC Flows
2024
5
7
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-spintrap.pdf
IEEE/IFIP
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24)
2024 IEEE/IFIP Network Operations and Management Symposium
10.1109/NOMS59830.2024.10575719
1
IkeKunze
ConstantinSander
LarsTissen
BenediktBode
KlausWehrle
article
2024_lohmoeller_sovereignty-survey
The Unresolved Need for Dependable Guarantees on Security, Sovereignty, and Trust in Data Ecosystems
Data & Knowledge Engineering
2024
5
1
151
Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning their reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts.
Data sharing; Confidentiality; Integrity protection; Data Markets; Distributed databases
internet-of-production; coat-ers; vesitrust
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-data-sovereignty-survey.pdf
Elsevier
0169-023X
10.1016/j.datak.2024.102301
1
JohannesLohmöller
JanPennekamp
RomanMatzutt
Carolin VictoriaSchneider
EduardVlad
ChristianTrautwein
KlausWehrle
inproceedings
2024-kunze-civic
In-Situ Model Validation for Continuous Processes Using In-Network Computing
2024
5
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-civic.pdf
IEEE
Proceedings of the 7th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '24)
10.1109/ICPS59941.2024.10639999
1
IkeKunze
DominikScheurenberg
LiamTirpitz
SandraGeisler
KlausWehrle
phdthesis
2024_pennekamp_phd-thesis
Secure Collaborations for the Industrial Internet of Things
2024
4
15
The Industrial Internet of Things (IIoT) is leading to increasingly-interconnected and networked industrial processes and environments, which, in turn, results in stakeholders gathering vast amounts of information. Although the global sharing of information and industrial collaborations in the IIoT promise to enhance productivity, sustainability, and product quality, among other benefits, most information is still commonly encapsulated in local information silos. In addition to interoperability issues, confidentiality concerns of involved stakeholders remain the main obstacle to fully realizing these improvements in practice as they largely hinder real-world industrial collaborations today. Therefore, this dissertation addresses this mission-critical research gap. Since existing approaches to privacy-preserving information sharing are not scalable to industry-sized applications in the IIoT, we present solutions that enable secure collaborations in the IIoT while providing technical (confidentiality) guarantees to the involved stakeholders. Our research is crucial (i) for demonstrating the potential and added value of (secure) collaborations and (ii) for convincing cautious stakeholders of the usefulness and benefits of technical building blocks, enabling reliable sharing of confidential information, even among direct competitors.
Our interdisciplinary research thus focuses on establishing and realizing secure industrial collaborations in the IIoT. In this regard, we study two overarching angles of collaborations in detail. First, we distinguish between collaborations along and across supply chains, with the former type entailing more relaxed confidentiality requirements. Second, whether or not collaborators know each other in advance implies different levels of trust and requires different technical guarantees. We rely on well-established building blocks from private computing (i.e., privacy-preserving computation and confidential computing) to reliably realize secure collaborations. We thoroughly evaluate each of our designs, using multiple real-world use cases from production technology, to prove their practical feasibility for the IIoT.
By applying private computing, we are indeed able to secure collaborations that not only scale to industry-sized applications but also allow for use case-specific configurations of confidentiality guarantees. In this dissertation, we use well-established building blocks to assemble novel solutions with technical guarantees for all types of collaborations (along and across supply chains as well as with known or unknown collaborators). Finally, on the basis of our experience with engineers, we have derived a research methodology for future use that structures the process of interdisciplinary development and evaluation of secure collaborations in the evolving IIoT.
Overall, given the aforementioned improvements, our research should greatly contribute to convincing even cautious stakeholders to participate in (reliably-secured) industrial collaborations. Our work is an essential first step toward establishing widespread information sharing among stakeholders in the IIoT. We further conclude: (i) collaborations can be reliably secured, and we can even provide technical guarantees while doing so; (ii) building blocks from private computing scale to industrial applications and satisfy the outlined confidentiality needs; (iii) improvements resulting from industrial collaborations are within reach, even when dealing with cautious stakeholders; and (iv) the interdisciplinary development of sophisticated yet appropriate designs for use case-driven secure collaborations can succeed in practice.
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-phd-thesis.pdf
Shaker Verlag
Germany
Reports on Communications and Distributed Systems
23
RWTH Aachen University
Ph.D. Thesis
978-3-8440-9467-1
2191-0863
1
JanPennekamp
incollection
2024_pennekamp_blockchain-industry
Blockchain Technology Accelerating Industry 4.0
2024
3
7
105
531-564
Competitive industrial environments impose significant requirements on data sharing as well as the accountability and verifiability of related processes. Here, blockchain technology emerges as a possible driver that satisfies demands even in settings with mutually distrustful stakeholders. We identify significant benefits achieved by blockchain technology for Industry 4.0 but also point out challenges and corresponding design options when applying blockchain technology in the industrial domain. Furthermore, we survey diverse industrial sectors to shed light on the current intersection between blockchain technology and industry, which provides the foundation for ongoing as well as upcoming research. As industrial blockchain applications are still in their infancy, we expect that new designs and concepts will develop gradually, creating both supporting tools and groundbreaking innovations.
internet-of-production
Springer
Advances in Information Security
17
Blockchains – A Handbook on Fundamentals, Platforms and Applications
978-3-031-32145-0
10.1007/978-3-031-32146-7_17
1
JanPennekamp
LennartBader
EricWagner
JensHiller
RomanMatzutt
KlausWehrle
incollection
2024_matzutt_blockchain-content
Illicit Blockchain Content – Its Different Shapes, Consequences, and Remedies
2024
3
7
105
301-336
Augmenting public blockchains with arbitrary, nonfinancial content fuels novel applications that facilitate the interactions between mutually distrusting parties. However, new risks emerge at the same time when illegal content is added. This chapter thus provides a holistic overview of the risks of content insertion as well as proposed countermeasures. We first establish a simple framework for how content is added to the blockchain and subsequently distributed across the blockchain’s underlying peer-to-peer network. We then discuss technical as well as legal implications of this form of content distribution and give a systematic overview of basic methods and high-level services for inserting arbitrary blockchain content. Afterward, we assess to which extent these methods and services have been used in the past on the blockchains of Bitcoin Core, Bitcoin Cash, and Bitcoin SV, respectively. Based on this assessment of the current state of (unwanted) blockchain content, we discuss (a) countermeasures to mitigate its insertion, (b) how pruning blockchains relates to this issue, and (c) how strategically weakening the otherwise desired immutability of a blockchain allows for redacting objectionable content. We conclude this chapter by identifying future research directions in the domain of blockchain content insertion.
Blockchain content insertion; Illicit content; Pruning; Redaction
Springer
Advances in Information Security
10
Blockchains – A Handbook on Fundamentals, Platforms and Applications
978-3-031-32145-0
10.1007/978-3-031-32146-7_10
1
RomanMatzutt
MartinHenze
DirkMüllmann
KlausWehrle
inproceedings
2024-wagner-acns-aggregate
When and How to Aggregate Message Authentication Codes on Lossy Channels?
2024
3
5
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-mac-aggregation.pdf
22nd International Conference on Applied Cryptography and Network Security (ACNS '24), Abu Dhabi, UAE
Abu Dhabi, UAE
International Conference on Applied Cryptography and Network Security (ACNS)
March 5-9, 2024
accepted
1
EricWagner
MartinSerror
KlausWehrle
MartinHenze
poster
2024-dahlmanns-sul
Poster: Trusted Execution Environment-basierte Sicherheit für digitale Umspannwerke
2024
3
5
19
ven2us
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-slt.pdf
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany
Leipzig, Germany
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik
March 05-06, 2024
1
MarkusDahlmanns
AndreasWark
Carl-HeinzGenzel
KlausWehrle
poster
2024-fink-sul
Poster: Resiliente Kommunikation für die Fernwirktechnik in digitalen Umspannwerken
2024
3
5
19
ven2us
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany
Leipzig, Germany
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik
March 05-06, 2024
1
Ina BereniceFink
MarkusDahlmanns
KlausWehrle
article
2024_pennekamp_supply-chain-survey
An Interdisciplinary Survey on Information Flows in Supply Chains
ACM Computing Surveys
2024
2
1
56
2
Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.
information flows; data communication; supply chain management; data security; data sharing; systematic literature review
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf
ACM
0360-0300
10.1145/3606693
1
JanPennekamp
RomanMatzutt
ChristopherKlinkmüller
LennartBader
MartinSerror
EricWagner
SidraMalik
MariaSpiß
JessicaRahn
TanGürpinar
EduardVlad
Sander J. J.Leemans
Salil S.Kanhere
VolkerStich
KlausWehrle
inproceedings
Jakobs_2024_1
Responsible Standardisation for Smart Systems - Whose Expertise Do We Need?
2024
2
Proc. IRI§24 – International Legal Informatics Symposium
accepted
1
KaiJakobs
article
2024_pennekamp_supply-chain-sensing
Securing Sensing in Supply Chains: Opportunities, Building Blocks, and Designs
IEEE Access
2024
1
8
12
9350-9368
Supply chains increasingly develop toward complex networks, both technically in terms of devices and connectivity, and also anthropogenic with a growing number of actors. The lack of mutual trust in such networks results in challenges that are exacerbated by stringent requirements for shipping conditions or quality, and where actors may attempt to reduce costs or cover up incidents. In this paper, we develop and comprehensively study four scenarios that eventually lead to end-to-end-secured sensing in complex IoT-based supply chains with many mutually distrusting actors, while highlighting relevant pitfalls and challenges—details that are still missing in related work. Our designs ensure that sensed data is securely transmitted and stored, and can be verified by all parties. To prove practical feasibility, we evaluate the most elaborate design with regard to performance, cost, deployment, and also trust implications on the basis of prevalent (mis)use cases. Our work enables a notion of secure end-to-end sensing with minimal trust across the system stack, even for complex and opaque supply chain networks.
blockchain technology; reliability; security; trust management; trusted computing; trusted execution environments
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-secure-sensing.pdf
2169-3536
10.1109/ACCESS.2024.3350778
1
JanPennekamp
FritzAlder
LennartBader
GianlucaScopelliti
KlausWehrle
Jan TobiasMühlberg
inproceedings
2024-dahlmanns-fps
Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach
2024
14551
Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.
Mohamed Mosbah, Florence Sèdes, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro
Springer Cham
Lecture Notes in Computer Science
Proceedings of the 16th International Symposium on Foundations and Practice of Security (FPS '23), December 11-13, 2023, Bordeaux, France
Bordeaux, France
International Symposium on Foundations and Practice of Security 2023 (FPS 23)
December 11-13, 2023
10.1007/978-3-031-57540-2_2
1
MarkusDahlmanns
RomanMatzutt
ChrisDax
KlausWehrle
inproceedings
2024-basels-demo
Demo: Maritime Radar Systems under Attack. Help is on the Way!
2024
For a long time, attacks on radar systems were limited to military targets. With increasing interconnection, cyber attacks have nowadays become a serious complementary threat also affecting civil radar systems for aviation traffic control or maritime navigation. Hence, operators need to be enabled to detect and respond to cyber attacks and must be supported by defense capabilities. However, security research in this domain is only just beginning and is hampered by a lack of adequate test and development environments. In this demo, we thus present a maritime Radar Cyber Security Lab (RCSL) as a holistic framework to identify vulnerabilities of navigation radars and to support the development of defensive solutions. RCSL offers an offensive tool for attacking navigation radars and a defensive module leveraging network-based anomaly detection. In our demonstration, we will showcase the radars’ vulnerabilities in a simulative environment and demonstrate the benefit of an application-specific Intrusion Detection System.
IEEE
Proceedings of the 2023 IEEE 48th Conference on Local Computer Networks (LCN)
Caen, Normandy, France
October 8-10, 2024
accepted
1
FrederikBasels
KonradWolsing
ElmarPadilla
JanBauer