P256 - Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit
Listing of P256 - Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit by publication date
1 - 10 of 27
- Conference paper: Comparative evaluation of machine learning-based malware detection on Android.
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Hahn, Sebastian; Protsenko, Mykola; Müller, Tilo
  The Android platform is known as the market leader for mobile devices, but it also has gained much attention among malware authors in recent years. The wide spread of malware, a consequence of its popularity and the design features of the Android ecosystem, constitutes a major security threat currently targeted by the research community. Among all counter methods proposed in previous publications, many rely on machine learning algorithms based on statically extracted attributes from an app. Machine learning, which is also inspired by the developed field of desktop malware detection, has proven to be a promising approach for fighting Android malware. Many publications, however, rely on different data sets for different application attributes, rendering the comparison of them difficult. Furthermore, there exist attribute sets known from the desktop world which have not been ported to Android yet. In this paper, we aim to step towards filling this gap by assessing the effectiveness of the total number of 11 attribute sets, including those never evaluated on Android before, using a consistent data set of 10,000 apps. Our comparative evaluation provides a ranking for the single attribute sets according to the detection performance they can reach, and suggests the most effective combination of all attributes.
- Conference paper: Correlation-resistant fuzzy vault for fingerprints
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Butt, Moazzam; Merkle, Johannes; Korte, Ulrike; Busch, Christoph
  The fuzzy vault is one of the most popular biometric encryption schemes for protecting fingerprint data. However, its implementation faces two challenges: First, the fingerprints need to be aligned. Some publications have proposed the storage of auxiliary data to assist alignment, but these data may leak information about the biometric features. Secondly, the fuzzy vault is susceptible to attacks that correlate the data from two protected templates, which does not only violate the requirement of unlinkability but also allows the recovery of the biometric data. In this work, we present a fuzzy vault construction for fingerprint data (minutiae) that addresses both issues. We do so by applying an absolute alignment method to the fingerprints, performing a quantization of the minutiae positions to a grid, and using all grid points unoccupied by minutiae as chaff. This approach results in all vaults containing the same set of points. In order to improve recognition performance, we also use the minutiae's angles and types. We present experimental evaluations and compare the results with the existing works on fuzzy fingerprint vault.
- Conference paper: Increasing security and availability in KNX networks
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Glanzer, Harald; Krammer, Lukas; Kastner, Wolfgang
  Buildings contain a number of technical systems in order to be able to fulfill their task of providing a comfortable, secure and safe environment. Apart from heating, ventilation and air conditioning as well as lighting and shading, critical services such as fire alarm or access control systems are added to building automation. The latter services require secure communication and high availability and are currently implemented by isolated subsystems. However, a tighter integration into an overall building automation network can raise synergies such as cost reduction, improvements in building control as well as easier management. For this purpose, the underlying communication system has to be robust and reliable against malicious manipulations. This paper proposes an extension for KNX paving the way for its deployment even in critical environments. For this purpose, it is necessary to detect and guard against malicious attacks as well as to cope with randomly occurring hardware faults. The former can be achieved through cryptography, whereas the latter by implementing structural redundancy. The proposal divides KNX installations into insecure and secure parts. While insecure parts allow to use standard KNX devices, secure parts are protected against malicious attacks and are realized in a redundant way. This allows to partially resist against transient hardware faults.
- Conference paper: Order preserving encryption for wide column stores
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Waage, Tim
  Order-preserving encryption (OPE) allows encrypting without losing information about the order relation between the encrypted data items. Thus, the execution of compare, order and grouping operations can be done like on plaintext data. In particular it allows databases to do range queries over encrypted data, which is a useful feature especially for cloud databases that usually run in untrusted environments. Several OPE schemes have been proposed in the last years, but almost none of them are used in real world scenarios. While OPE was at least implemented for some SQL-based prototype systems before (e.g. [Po11, Tu13]), our work identifies the practical requirements for utilizing OPE in existing NoSQL cloud database technologies. It also provides runtime analyses of two popular OPE schemes combined with two popular NoSQL wide column store databases.
- Conference paper: SDN malware: problems of current protection systems and potential countermeasures
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Röpke, Christian
  Software-Defined Networking (SDN) is an emerging topic and securing its data and control plane is of great importance. The main goal of malicious SDN applications would be to compromise the SDN controller which is responsible for managing the SDN-based network. In this paper, we discuss two existent mechanisms aiming at protecting aforementioned planes: (i) sandboxing of SDN applications and (ii) checking for network invariants. We argue that both fail in case of sophisticated malicious SDN applications such as an SDN rootkit. To fill the corresponding security gaps, we propose two security improvements. The first one aims at protecting the control plane by isolating SDN applications by means of virtualization techniques. Compared to recent efforts, we thereby allow a more stringent separation of malicious SDN applications. The goal of the second proposal is to allow policy checking mechanisms to run independently from SDN controllers while minimizing hardware costs. Thereby, we improve SDN security while taking into account that correct functioning of policy checking can be manipulated by a compromised SDN controller.
- Conference paper: Attacks on fitness trackers revisited: a case-study of unfit firmware security
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Rieck, Jakob
  Fitness trackers - wearables that continuously record a wearer's step count and related activity data - are quickly gaining in popularity. Apart from being useful for individuals seeking a more healthy lifestyle, their data is also being used in court and by insurance companies to adjust premiums. For these use cases, it is essential to ensure authenticity and integrity of data. Here we demonstrate a flaw in the way firmware for Withings' Activité is verified, allowing an adversary to compromise the tracker itself. This type of attack has so far not been applied to fitness trackers. Vendors have started mitigating previous attacks, which manipulated data by interfering with wireless channels, or by physically moving the tracker to fool sensors. Hardware similarities amongst different trackers suggest findings can be transferred to other trackers as well.
- Conference paper: Automotive Ethernet: security opportunity or challenge?
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Corbett, Christopher; Schoch, Elmar; Kargl, Frank; Preussner, Felix
  The automotive industry's future trends, such as automated driving or advanced driver assistance, require large bandwidths to handle massive data streams and strongly depend on well timed communication. The Ethernet technology is seen as a suitable candidate to cover those needs for vehicle-internal networks; however, Ethernet involves security issues. Thus, by discussing automotive Ethernet attributes with regard to the adaption of existing security mechanisms in contrast to the potential of creating new ones, several challenges and opportunities emerge in consideration of comparatively fewer available resources and the integration into a vehicle environment. Based on these results we derive and propose ideas for manipulation and misuse detection mechanisms.
- Conference paper: Towards adaptive event prioritization for network security - ideas and challenges
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Renners, Leonard
  In the network security domain, intrusion detection systems (IDS) are known for their problems in creating huge amounts of data and especially false positives. Several approaches, originating in the machine learning domain, have been proposed for a better classification. However, threat prioritization has also shown that a distinction in true and false positives is not always sufficient for a profound security analysis. We therefore propose an approach to combine several aspects from those two areas. On the one hand, threat and event prioritization approaches are rather static with fixed calculation rules, whereas rule learning in alert verification focuses mostly on a binary
- Conference paper: A framework for encrypted computation on shared data
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Kasem-Madani, Saffija
  In times of surveillance and data retention, sharing information often comes together with privacy concerns. However, information sharing has benefits, e.g. sharing log files for including the knowledge gained from a broader view for security analysis, or sharing healthcare data for the use in studies for improving medical treatments. We present an information sharing framework design that meets both privacy and utility requirements of the information sharing parties. We utilize homomorphic encryption and show how it can be used for offline data analysis.
- Conference paper: Distributed evolutionary fuzzing with evofuzz
  (Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016) Beterke, Fabian
  This paper describes the design of a tool (called Evofuzz) that implements the technique of evolutionary (or coverage-guided) fuzzing in a scalable, distributed manner. The architecture, design choices and implementation specifics of this tool are examined, explained and criticized. After outlining possible improvements and future work that is not yet completed, the paper finishes by presenting the results from fuzzing real-world programs and explains how to recreate them using the provided tool.