Auflistung nach Autor:in "Rieck, Konrad"
1 - 5 von 5
Treffer pro Seite
Sortieroptionen
- Zeitschriftenartikel64-Bit Migration Vulnerabilities(it - Information Technology: Vol. 59, No. 5, 2017) Wressnegger, Christian; Yamaguchi, Fabian; Maier, Alwin; Rieck, KonradThe subtleties of correctly processing integers confronts developers with a multitude of pitfalls that frequently result in severe software vulnerabilities. Unfortunately, even code shown to be secure on one platform can be vulnerable on another, such that also the migration of code itself is a notable security challenge.
- KonferenzbeitragContinuous authentication on mobile devices by analysis of typing motion behavior(Sicherheit 2014 – Sicherheit, Schutz und Zuverlässigkeit, 2014) Gascon, Hugo; Uellenbeck, Sebastian; Wolf, Christopher; Rieck, KonradSmartphones have become the standard personal device to store private or sensitive information. Widely used as every day gadget, however, they are susceptible to get lost or stolen. To protect information on a smartphone from being physically accessed by attackers, a lot of authentication methods have been proposed in recent years. Each one of them suffers from certain drawbacks, either they are easy to circumvent, vulnerable against shoulder surfing attacks, or cumbersome to use. In this paper, we present an alternative approach for user authentication that is based on the smartphone's sensors. By making use of the user's biometrical behavior while entering text into the smartphone, we transparently authenticate the user in an ongoing-fashion. In a field study, we asked more than 300 participants to enter some short sentences into a smartphone while all available sensor events were recorded to determine a typing motion fingerprint of the user. After the proper feature extraction, a machine learning classifier based on Support Vector Machines (SVM) is used to identify the authorized user. The results of our study are twofold: While our approach is able to continuously authenticate some users with high precision, there also exist participants for which no accurate motion fingerprint can be learned. We analyze these difference in detail and provide guidelines for similar problems.
- KonferenzbeitragA malware instruction set for behavior-based analysis(Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Trinius, Philipp; Willems, Carsten; Holz, Thorsten; Rieck, KonradWe introduce a new representation for monitored behavior of malicious software called Malware Instruction Set (MIST). The representation is optimized for effective and efficient analysis of behavior using data mining and machine learning techniques. It can be obtained automatically during analysis of malware with a behavior monitoring tool or by converting existing behavior reports. The representation is not restricted to a particular monitoring tool and thus can also be used as a meta language to unify behavior reports of different sources.
- KonferenzbeitragVisualization of anomaly detection using prediction sensitivity(Sicherheit 2005, Sicherheit – Schutz und Zuverlässigkeit, 2005) Laskov, Pavel; Rieck, Konrad; Schäfer, Christin; Müller, Klaus-RobertVisualization of learning-based intrusion detection methods is a challenging problem. In this paper we propose a novel method for visualization of anomaly detection and feature selection, based on prediction sensitivity. The method allows an expert to discover informative features for separation of normal and attack instances. Experiments performed on the KDD Cup dataset show that explanations provided by prediction sensitivity reveal the nature of attacks. Application of prediction sensitivity for feature selection yields a major improvement of detection accuracy.
- ZeitschriftenartikelVulnerability analysis(it - Information Technology: Vol. 59, No. 5, 2017) Rieck, Konrad