Auflistung nach Autor:in "Ohm, Marc"
1 - 5 von 5
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragMeasuring Resource Efficiency of LATEX Paper Templates(EnviroInfo 2023, 2023) Pohl, Timo; Ohm, MarcScientific work is mostly communicated via scientific papers, which are often published in journals or conference proceedings, either in print or digital form. These journals and conferences usually demand that submitted papers follow a specific formatting style, for which they provide style templates. The choice of a template influences different properties of the generated document, like its file size or the number of pages that it would use in printed form, directly affecting its impact on the environment. We built a system to automatically compare different LATEX templates with regard to different factors relevant to the environmental impact. We test our approach with seven templates used by different conferences and journals, and find that the most efficient templates have roughly one third of the file size, and require about one half of the resources for paper production of the least efficient templates.
- KonferenzbeitragPower Consumption of Common Symmetric Encryption Algorithms on Low-Cost Microchips(EnviroInfo 2023, 2023) Ohm, Marc; Taufenbach, Lars; Weber, Karsten; Pohl, TimoIn the Internet of Things (IoT), many devices are battery-operated, making them particularly susceptible to power-hungry applications. Symmetric encryption is a regularly performed task on such devices, as it ensures the confidentiality of the data they send. While previous work has compared the power consumption of common symmetric encryption algorithms on commodity hardware, no such evaluation exists for low-cost microchips, which are often used in IoT devices. In this paper, we compare the power consumption of an ESP8266 executing common symmetric encryption algorithms with varying parameters such as key size, data authentication, or payload size. We find that the power consumption depends on several factors, but that overall AES-GCM has the lowest power consumption when the encrypted data is also authenticated, while Blowfish-CTR has the lowest power consumption when no authentication is applied.
- TextdokumentTowards Detection of Malicious Software Packages Through Code Reuse by Malevolent Actors(GI SICHERHEIT 2022, 2022) Ohm, Marc; Kempf, Lukas; Boes, Felix; Meier, MichaelTrojanized software packages used in software supply chain attacks constitute an emerging threat. Unfortunately, there is still a lack of scalable approaches that allow automated and timely detection of malicious software packages and thus most detections are based on manual labor and expertise. However, it has been observed that most attack campaigns comprise multiple packages that share the same or similar malicious code. We leverage that fact to automatically reproduce manually identified clusters of known malicious packages that have been used in real world attacks, thus, reducing the need for expert knowledge and manual inspection. Our approach, AST Clustering using MCL to mimic Expertise (ACME), yields promising results with a F1 score of 0.99. Signatures are automatically generated based on characteristic code fragments from clusters and are subsequently used to scan the whole npm registry for unreported malicious packages. We are able to identify and report six malicious packages that have been removed from npm consequentially. Therefore, our approach can support the detection by reducing manual labor and hence may be employed by maintainers of package repositories to detect possible software supply chain attacks through trojanized software packages.
- KonferenzbeitragUsing Pre-trained Transformers to Detect Malicious Source Code Within JavaScript Packages(INFORMATIK 2024, 2024) Ohm, Marc; Götz, AnjaThe proliferation of open source software reuse has led to a significant increase in software supply chain attacks, making it increasingly challenging to identify malicious packages amidst the sheer volume of available packages. Traditional static analysis methods often fall short in detecting these threats due to the complexity and diversity of code semantics. This paper addresses these challenges by leveraging the remarkable success of transformer models in understanding code semantics. We propose a novel approach that utilizes pre-trained transformer models to embed source code, followed by training classifiers on these embeddings. This methodology enables a more nuanced understanding of code semantics, significantly improving the detection of malicious packages. Through extensive experiments, our approach achieves F1-scores as high as 0.98 and an alert rate of 0.09%, demonstrating its effectiveness in detecting malicious code within open source software supply chains.
- KonferenzbeitragYou Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node.js(Sicherheit 2024, 2024) Pohl, Timo; Ohm, Marc; Boes, Felix; Meier, MichaelMalicious software packages are often used in software supply chain attacks. Detecting these packages is a top priority, and there have been many academic and commercial approaches developed for this purpose. In the event of an attack, it is essential to have resilience against malicious code. To address this issue, we introduce a runtime protection for Node.js that automatically limits the capabilities of packages to a minimum level. The implementation and evaluation of the detection and enforcement of necessary capabilities at runtime was conducted against known malicious attacks. Our approach successfully prevented 90 % of historical attacks with a median install-time overhead of less than 0.6 seconds and a median runtime overhead of less than 0.2 seconds.