Auflistung nach Autor:in "Menz, Nadja"
1 - 3 von 3
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragExploring the Human Factor in IT-security: A mobile lab for Investigating User Behavior(Open Identity Summit 2023, 2023) Fähnrich, Nicolas; Köster, Kevin; Renkel, Patrick; Huber, Richard; Menz, NadjaThe threat of cybersecurity incidents is increasingly challenging for companies and employee interaction plays a crucial role in the majority of cyberattacks. In this paper, we present a mobile, scalable IT-security lab to investigate the human factor in such incidents. The lab enables study participants to experience cyberattacks in an immersive workplace environment. In order to ensure that the target group of small and medium sized company (SME) employees is reached, we have designed the mobile lab in such a way that it can be easily operated in different locations and sizes.
- KonferenzbeitragOpen Identity Summit 2023 - Complete proceedings(Open Identity Summit 2023, 2023) Chadwick, David W.; Kubach, Michael; Sette, Ioram; Johnson Jeyakumar, Isaac Henderson; Bochnia, Ricardo; Richter, Daniel; Anke, Jürgen; Sellung, Rachelle; Kubach, Michael; Otto, Sarah; Meisel, Michael; Fernet, Laouen; Mödersheim, Sebastian; Krauß, Anna-Magdalena; Kostic, Sandra; Sellung, Rachelle A.; Pöhn, Daniela; Grabatin, Michael; Hommel, Wolfgang; Kubach, Michael; Henderson, Isaac; Bithin, Alangot; Dimitrakos, Theo; Vargas, Juan; Winterstetter, Matthias; Krontiris, Ioannis; Schwalm, Steffen; Fuxen, Philipp; Hackenberg, Rudolf; Heinl, Michael P.; Ross, Mirko; Roßnagel, Heiko; Schunck, Christian H.; Yahalom, Raphael; Ruff, Christopher; Benthien, Benedict; Orlowski, Alexander; Astfalk, Stefanie; Schunck, Christian H.; Fritsch, Lothar; Fähnrich, Nicolas; Köster, Kevin; Renkel, Patrick; Huber, Richard; Menz, Nadja
- KonferenzbeitragRisk-based testing of Bluetooth functionality in an automotive environment(Automotive - Safety & Security 2012, 2012) Jakob, Felix; Kremer, Wolfgang; Schulze, Andreas; Großmann, Jürgen; Menz, Nadja; Schneider, Martin; Feudjio, Alain-Georges VouffoThis paper describes an approach for risk-based testing of Bluetooth functionality in an automotive environment, recently studied as part of the ITEA-2 research project DIAMONDS. In the past two decades the functionality of infotainment systems of a modern car increased in complexity. Based on the worldwide evolution towards an information age the driver requests permanently increasing number of functionalities for infotainment systems where the vehicle becomes a connected vehicle which is always on. For instance next generation infotainment systems will provide internet to the cabin and will have integrated of applications like Twitter and Facebook. These additional online services can be realized by integrating the driver's smartphone with the vehicle infotainment system whereby the phone becomes a logical part of the infotainment head unit. This intense integration of consumer mobile devices with the vehicle electronics and network can also have a negative impact on the security of the vehicle electronics. Even the safety level of the entire automotive system can be affected, which recent studies have shown [Ko10, Ko11]. With respect to these increasing security risks for connected vehicles and future telematics applications, efficient and structured methods are required to verify such systems concerning their robustness against security attacks. One important approach is a risk oriented model-based testing concept as developed in the research project DIAMONDS1. Within this project a case study has been defined by Dornier Consulting for the automotive domain focused on connected car applications such as the integration of mobile consumer devices with the in-vehicle network and electronics. Based on risk analysis a security related prioritization of messages is achieved, which enables a smart and efficient generation of the most relevant test scenarios. Using adapted security test generation methods based on known concepts, such as fuzzing of these pre-defined test scenarios, will then be used to generate the final set of test cases. This paper discusses the generation process for risk based security test cases using this model-based testing approach, which pays attention to the analysed security flaws. An approach that refers to the generation of test cases that will cover possible unknown flaws by integrating fuzzing methodologies will also be described. The practical implementation of this generation process will be demonstrated by Dornier Consulting's extended Model-Based Testing (MBT) framework do.ATOMS for industrial and commercial application.