Browsing by keyword "network security"
- Conference paper: A new Attack Composition for Network Security (10. DFN-Forum Kommunikationstechnologien, 2017). Beer, Frank; Hofer, Tim; Karimi, David; Bühler, Ulrich. As the current cyber threat landscape is becoming more depressing, sophisticated intrusion detection systems must evolve to protect network infrastructures efficiently. Building such a detector is highly data-driven and requires quality datasets to evaluate different phases in both the development and deployment process. However, finding publicly available captures with a ground truth is challenging. Most existing datasets focus on very specific subjects such as botnet, flooding, or brute-force traffic rather than providing a broad arsenal of different attack vectors threatening today's networks. This work addresses this gap by introducing a new attack composition comprising a multitude of classic as well as state-of-the-art attacks. The dataset embraces rich and untreated packet traces including payload, collected log events, and a detailed ground truth. Initial results reveal the proposed captures complement existing traces and provide a sound base for various mining applications in the field of network security research.
- Journal article: Machine learning and cyber security (it - Information Technology: Vol. 65, No. 4-5, 2023). Karius, Sebastian; Knöchel, Mandy; Heße, Sascha; Reiprich, Tim. Cyber Security has gained a significant amount of perceived importance when talking about the risks and challenges that lie ahead in the field of information technology. A recent increase in high-profile incidents involving any form of cyber criminality has raised the awareness of threats that were formerly often hidden from public perception, e.g., with openly carried out attacks against critical infrastructure to accompany traditional forms of warfare, extending those to the cyberspace. Add to that the very personal experience of everyday social engineering attacks, which are cast out like a fishing net on a large scale, e.g., to catch anyone not careful enough to double-check a suspicious email. But as the threat level rises and the attacks become even more sophisticated, so do the methods to mitigate (or at least recognize) them. Of central importance here are methods from the field of machine learning (ML). This article provides a comprehensive overview of applied ML methods in cyber security, illustrates the importance of ML for cyber security, and discusses issues and methods for generating good datasets for the training phase of ML methods used in cyber security. This includes own work on the topics of network traffic classification, the collection of real-world attacks using honeypot systems as well as the use of ML to generate artificial network traffic.
- Conference paper: On a network forensics model for information security (Information systems technology and its applications, 3rd international conference ISTA'2004, 2004). Wei, Rei. The employment of a patchwork of nonintegrated security products can only provide incomplete coverage, which cannot give the total panorama of the network misuse behavior. Network forensics is a new approach for the incident investigation and emergence response, which also enhances the network security from a different point of view. However, the current network forensics system is confused with the network monitor system or sniffer system. It always is misconstrued to an only network traffic capture system. In this paper, we for the first time discuss the concept model of network forensics system, which can give guidance for the implementation of network forensics system and the formalization of the network forensics procedure, which is a principle element of the recognition between the law enforcement participation. Particularly, some novel approaches for network forensics system are discussed for the first time, such as network forensics server, network forensics protocol and standardization, and so on.
- Text document: On the State of Post-Quantum Cryptography Migration (INFORMATIK 2021, 2021). Alnahawi, Nouri; Wiesmaier, Alexander; Grasmeyer, Tobias; Geißler, Julian; Zeier, Alexander; Bauspieß, Pia; Heinemann, Andreas. Safeguarding current and future IT security from quantum computers implies more than the mere development of Post-Quantum Cryptography (PQC) algorithms. Much work in this respect is currently being conducted, making it hard to keep track of the many individual challenges and respective solutions so far identified. In consequence, it is difficult to judge whether all (known) challenges have been sufficiently addressed, and whether suitable solutions have been provided. We present results of a literature survey and discuss discovered challenges and solutions categorized into different areas and utilize our findings to evaluate the state of readiness for a full scale PQC migration. We use our findings as starting point to initiate an open community project in the form of a website to keep track of the ongoing efforts and the state of the art in PQC research. Thereby, we offer a single entry-point for the community into the subject reflecting the current state in a timely manner.
- Conference paper: A transparent Bridge for forensic sound network traffic data acquisition (Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010). Kiltz, Stefan; Hildebrandt, Mario; Altschaffel, Robert; Dittmann, Jana. In this paper we introduce a prototype that is designed to produce forensic sound network data recordings using inexpensive hard- and software, the Linux Forensic Transparent Bridge (LFTB). It supports the investigation of the network communication parameters and the investigation of the payload of network data. The basis for the LFTB is a self-developed model of the forensic process which also addresses forensically relevant data types and considerations for the design of forensic software using software engineering techniques. LFTB gathers forensic evidence to support cases such as malfunctioning hard- and software and for investigating malicious activity. In the latter application the stealthy design of the proposed device is beneficial. Experiments as part of a first evaluation show its usability in a support case and a malicious activity scenario. Effects to latency and throughput were tested and limitations for packet recording analysed. A live monitoring scheme warning about potential packet loss endangering evidence has been implemented.