Logo des Repositoriums

Auflistung nach Schlagwort "Cybersecurity"

1 - 10 von 19
  • Konferenzbeitrag
    AI Defenders: Machine learning driven anomaly detection in critical infrastructures
    (INFORMATIK 2024, 2024) Nebebe, Betelhem; Kröckel, Pavlina; Yatagha, Romarick; Edeh, Natasha; Waedt, Karl
    Previous studies have evaluated the suitability of different machine learning (ML) models for anomaly detection in critical infrastructures, which are pivotal due to the potential consequences of disruptions that can lead to safety risks, operational downtime, and financial losses. Ensuring robust anomaly detection for these systems within a company is vital to mitigate risks and maintain continuous operation. In this paper, we utilize a time-series labeled dataset obtained from a hydraulic model simulator (ELVEES simulator) to conduct a comprehensive and comparative analysis of various ML models. The study aims to demonstrate how different models effectively identify and respond to anomalies, underscoring the potential artificial intelligence (AI) driven systems to mitigate attacks. With the chosen approach, we expect to achieve the best performance in detecting two types of anomalies: point anomaly and contextual anomaly.
  • Konferenzbeitrag
    The application of Articial Intelligence for Cyber Security in Industry 4.0
    (INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Ben Zid, Ines; Parekh, Mithil; Waedt, Karl; Lou, Xinxin
    The use of Artificial Intelligence (AI) in different domains is continuously growing. In particular for cybersecurity, we can see the implementations of AI solutions, e.g. machine learning, in a wide range of applications from various domains. While some consider this step as risk for cybersecurity, others agree that it is in fact a solution to many issues as well. This leads to a higher necessity of having a right understanding as well as handling of cybersecurity controls that enforce meeting domain, project and application specific security targets. This implies that more efforts and resources have to be focused and invested towards cybersecurity. One reason for this is that attackers (threat agents) may integrate AI based algorithms and AI based evaluation of data, which forces the security staff to respond at a similar level. Thus, we are considering AI as a potential solution for satisfying a set of rising needs and objectives. In this paper, we present the concept for merging and integration of these three major domains and applications. Also, we detail the relevant motivations, requirements and challenges to be considered when coming to such combination.
  • Konferenzbeitrag
    Comparison of Aviation and Automotive Standards and Methods in Terms of Safety and Cybersecurity
    (Software Engineering 2022 Workshops, 2022) Akkus, Yusuf; Annighoefer, Bjoern
    Safety and security methods from the aviation and automotive are compared. Current safety and security standards and regulations for both product development aspects like systems engineering, hardware/software development and their management are considered. Methods and processes are investigated. The main purpose is to figure out and understand the backgrounds and to characterize the similarities and differences. Moreover, potential opportunities for transferring methods from one industry to another are identified. Aviation has more systematic development and involves authorities throughout the complete development lifecycle. Huge volumes in automotive leads to quality-driven development. Assessment structure and process activities provide potential transfer. For security both areas face same challenges and standardization activities and development run parallel. Methods are being mainly taken over from safety and assessment is incorporated into the safety assessment lifecycle today. For certification process, authorities must take action in both areas since the security ecosystem includes a bigger scope like infrastructure, communication devices, traffic control.
  • Konferenzbeitrag
    Considering the Regulatory Framework of the AI Act: Cybersecurity in the Technical and Legal Integration of Dialogue Systems
    (INFORMATIK 2024, 2024) Reckziegel Weschenfelder, Lucas
    In this paper we aim to provide a concise commentary on the possibilities of technical integration within the regulatory framework established by the AI Act. It will focus on the conception of dialogue systems and their interoperable functionalities, highlighting their interactions as and with other AI systems deployed as cybersecurity products or services. The analysis advocates for and acknowledges the need for a broader contextual dialogue between regulations that may influence this technological environment.
  • Zeitschriftenartikel
    Cybersecurity im medialen Diskurs
    (HMD Praxis der Wirtschaftsinformatik: Vol. 57, No. 3, 2020) Griesbacher, Eva-Maria; Griesbacher, Martin
    Die Digitalisierung hat in den letzten Jahren ein komplexes, sich scheinbar ständig veränderndes Feld möglicher Risiken hervorgebracht, dessen Ausmaße für Unternehmen zunehmend schwer erkennbar sind. Entsprechend wichtig wird die Frage, wie EntscheidungsträgerInnen und MitarbeiterInnen Gefahren im digitalen Raum besser erkennen, adäquat einschätzen und auf diese reagieren können. Da sich EntscheidungsträgerInnen in kleineren KMU meist über Internetrecherchen oder in der Tagespresse über Cybersecurity informieren, hängt ihre Risikoeinschätzung und Maßnahmensetzung davon ab, wie Cybersecurity-Themen in diversen Medien dargestellt und diskutiert werden. Basierend auf einer Diskursanalyse von 504 Medienberichten zum Thema Cybersecurity in Unternehmen zwischen 2010 und 2019 kommt der Beitrag zu dem Ergebnis, dass sich die Medien weniger an langfristig bestehenden Bedrohungslagen orientiert haben, sondern vielmehr an den spektakulärsten Zwischenfällen und typischen Rollenverteilungen zwischen „Gut“ und „Böse“. Insgesamt wurde der Cyberspace als ein unsicherer Raum für Unternehmen dargestellt – teilweise aufgrund des Verhaltens ihrer eigenen MitarbeiterInnen. Für IT-Unternehmen, Polizeibehörden und die Forschung bedeutet der Nachvollzug des medialen Cybersecurity-Diskurses eine verbesserte Einsicht in die selektive und situative Behandlung von Bedrohungslagen durch Medien und die damit verbundenen Verzerrungen unternehmerischer Risikoeinschätzungen. Zentral für die unternehmerische Cybersecurity ist zudem die Kompetenz der MitarbeiterInnen, die Gefahren akkurat erkennen zu können. In recent years, digitization has created a complex, seemingly ever-changing field of possible risks. The extent of these risks is increasingly difficult for companies to identify. Accordingly, the question of how decision-makers and employees can recognize, assess and react to dangers from cyberspace becomes increasingly important. Since decision-makers in smaller SMEs usually obtain information about cybersecurity through Internet research or through daily press, their risk assessment and measures depend on how cybersecurity issues are presented and discussed in various media. Based on a discourse analysis of 504 media reports on the topic of cyber security in companies between 2010 and 2019, the article comes to the following conclusion: The media has focused less on long-term existing threats and more on the most spectacular incidents and typical role distribution between “good” and “evil”. All in all, cyberspace was portrayed as an insecure space for companies—partly due to the behaviour of their own employees. For IT companies, police authorities and research, the understanding of the media cybersecurity discourse means an improved insight into the selective and situational treatment of threat situations by the media and the associated distortions in corporate risk assessments. Finally, the competence of the employees to accurately recognize the risks is central to corporate cybersecurity.
  • Konferenzbeitrag
    Cybersecurity Testing for Industry 4.0: Enhancing Deployments in operational I&C systems Through Adversarial Testing and Explainable AI
    (INFORMATIK 2024, 2024) Ndiaye, Ndeye Gagnessiry; Kirdan, Erkin; Waedt, Karl
    Several emerging technologies have substantially affected the scope and implementation of security testing. This includes the testing of cryptographic algorithm implementation, the security of Machine Learning (ML) and Artificial Intelligence (AI) algorithms, joint functional safety and security-related (IEC TR 63069) testing, security and privacy-related testing of big data and cloud computing, e.g. with regard to de-identification. This paper focuses on the security ML and AI implementations, examining their integration in industrial control and nuclear systems (IEC 62443). Special attention is given to security threats considered throughout the AI system life cycle specifically at design phase. We assess the entirety of the secure development lifecycle, which includes stages such as data and model management, risk assessment, and the enhancement of system robustness and resilience as specified by ISO/IEC 42001. To highlight the critical role of verification and validation (V&V), we conduct a proof-of-concept exploit targeted and gradual feature poisoning attack on a water treatment and distribution simulator fault detector. We achieve to demonstrate the impact of the attack on model robustness and performance through explainable metrics and pave the way for the development of a secure lifecycle framework, thereby increasing the chances of successful deployment.
  • Konferenzbeitrag
    Determining the Efficiency of Mitigations Based on Covered Threats
    (Open Identity Summit 2024, 2024) Winterstetter, Matthias
    Prioritization of threats is an important skill for experts working in the cybersecurity field. With daily new discovered threats and a variety of tools providing information, warnings, and alerts, it is essential for experts working in cybersecurity to identify the most important warnings and threats and handle them efficiently to stay ahead of the growing competence, organization, and size of threat groups. To assist cybersecurity experts with these tasks, this paper provides an approach covering six steps that can be used to determine the efficiency of mitigations for a system under consideration. To this end, this paper describes a straightforward approach and provides an example in which it has already been used.
  • Konferenzbeitrag
    Generative AI and Gametheory for the development and deployment of Honeypots to enhance the Security of Industrial Automation and Control Systems
    (INFORMATIK 2024, 2024) Peters, Ludger; Gkoktsis, Georgios
    The computing hardware and software of modern Industrial automation and control system has evolved to be like traditional IT hardware in the first decade of this century. Due to the specialized demands on these systems introduced, e.g., by specialized measurement equipment or additional safety requirements, typical IT update and security procedures cannot be followed. This paper explores the use of generative AI models in honeypots for enhancing the cybersecurity in industrial automation and control systems. As honeypots are used as traps for system attackers, the deployment of generative AI models enables the creation of more convincing and sophisticated decoy environments. This increases the likelihood of an attacker’s engagement with the environment, improving the detection and analysis of malicious activities. Through a brief summary, this paper quantifies the existing research on generative AI in honeypots. The findings highlight the significant potential of generative AI models in enhancing the security of IACS through their integration into honeypot systems. This can ultimately lead to organizations being able to gain more in-depth insights into emerging cyber threats, improve their incident response capabilities, and enhance the resilience of their industrial control systems. To quantify the impact of employing such advanced deception technologies on the behavior of the attacker, this paper proposes a novel approach using a non-cooperative game-theoretic framework for deploying honeypots in OT systems. This methodology enables strategic analysis that balances limited resources with the need to predict and counter sophisticated cyber adversaries’ actions.
  • Konferenzbeitrag
    Identity Management as a target in cyberwar
    (Open Identity Summit 2020, 2020) Fritsch, Lothar
    This article will discuss Identity Management (IdM) and digital identities in the context of cyberwar. Cyberattacks that target or exploit digital identities in this context gain leverage through the central position of IdM digital infrastructures. Such attacks will compromize service operations, reduce the security of citizens and will expose personal data - those of military personell included. The article defines the issue, summarizes its background and then discusses the implications of cyberwar for vendors and applicants digital identity management infrastructures where IdM is positioned as a critical infrastructure in society.
  • Textdokument
    Interactive graphical modeling of security artefacts for abstracted Industry 4.0 automation systems
    (INFORMATIK 2022, 2022) Tchuegoue Djeukoua,Louis Roger; Kreho,Edin; Belaidi,Siwar; Waedt,Karl
    The frontend and backend are found in all software and therefore also on all websites. These two terms describe two different layers that make up programs or pages. About two thirds of all companies have their own website, and most employees use computers.Globally, cyberattacks are becoming more prominent and spreading to multiple areas, and the move to Industry 4.0 requires increased security measures. Important security precautions must be taken from the development of industrial devices that use the Industrial Internet of Things, with IEC 62443, ISO/IEC 27001, and their integration into the architecture of existing information and automation systems must be secure. IEC 62443 focuses on the IT security of so-called industrial automation and control systems (IACS), which are necessary for the safe and reliable operation of automated factories or infrastructures. ] Since security breaches are inevitable, it is also important to implement detection and response mechanisms in industrial automation and control systems (IACS). Together, these measures will enable various organizations to achieve an appropriate level of resilience. This paper discusses the interactive graphical representation of large-scale industrial automation systems for the purpose of modeling and evaluating cybersecurity during all phases of the industrial equipment life cycle. In addition, it addresses the expressiveness and scalability of front-end graphical problems by assuming that a multi-user back-end server with a semi-formal representation of cybersecurity-related artifacts is available, at least in software prototype form.