Logo des Repositoriums

Auflistung nach Schlagwort "network security"

1 - 4 von 4
  • Konferenzbeitrag
    A new Attack Composition for Network Security
    (10. DFN-Forum Kommunikationstechnologien, 2017) Beer, Frank; Hofer, Tim; Karimi, David; Bühler, Ulrich
    As the current cyber threat landscape is becorning more depressing, sophisticated intru­sion detection systems must evolve to protect network infrastructures efficiently. Building such a detector is highly data-driven and requires quality datasets to evaluate different phases in both the development and deployment process. However, finding publicly available captures with a ground truth is challenging. Most existing datasets focus on very specific subjects such as botnet, flooding, or brute-force traffic rather than providing a broad arsenal of different attack vectors threatening today's networks. This work addresses this gap by introducing a new attack composition compris­ing a multitude of classic as well as state-of-the-art attacks. The dataset embrace rich and untreated packet traces including payload, collected log events, and a detailed ground truth. lntitial results re­veal the proposed captures complement existing traces and provide a sound base for various rnining applications in the field of network security research.
  • Konferenzbeitrag
    On a network forensics model for information security
    (Information systems technology and its applications, 3rd international conference ISTA'2004, 2004) Wei, Rei
    The employment of a patchwork of nonintegrated security products can only provide incomplete coverage, which cannot give the total panorama of the network misuse behavior. Network forensics is a new approach for the incident investigation and emergence response, which also enhance the network security from a different point of view. However, the current network forensics system is confused with the network monitor system or sniffer system. It always is misconstrued to an only network traffic capture system. In this paper, we for the first time discuss the concept model of network forensics system, which can give guidance for the implementation of network forensics system and the formalization of the network forensics procedure, which is a principle element of the recognition between the law enforcement participation. Particularly, some novel approaches for network forensics system are discussed for the first time, such as network forensics server, network forensics protocol and standardization, and so on.
  • Textdokument
    On the State of Post-Quantum Cryptography Migration
    (INFORMATIK 2021, 2021) Alnahawi,Nouri; Wiesmaier, Alexander; Grasmeyer, Tobias; Geißler, Julian; Zeier, Alexander; Bauspieß, Pia; Heinemann, Andreas
    Safeguarding current and future IT security from quantum computers implies more than the mere development of Post-Quantum Cryptography (PQC) algorithms. Much work in this respect is currently being conducted, making it hard to keep track of the many individual challenges and respective solutions so far identified. In consequence, it is difficult to judge, whether all (known) challenges have been sufficiently addressed, and whether suitable solutions have been provided. We present results of a literature survey and discuss discovered challenges and solutions categorized into different areas and utilize our findings to evaluate the state of readiness for a full scale PQC migration. We use our findings as starting point to initiate an open community project in the form of a website to keep track of the ongoing efforts and the state of the art in PQC research. Thereby, we offer a single entry-point for the community into the subject reflecting the current state in a timely manner.
  • Konferenzbeitrag
    A transparent Bridge for forensic sound network traffic data acquisition
    (Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit, 2010) Kiltz, Stefan; Hildebrandt, Mario; Altschaffel, Robert; Dittmann, Jana
    In this paper we introduce a prototype that is designed to produce forensic sound network data recordings using inexpensive hardand software, the Linux Forensic Transparent Bridge (LFTB). It supports the investigation of the network communication parameters and the investigation of the payload of network data. The basis for the LFTB is a self-developed model of the forensic process which also addresses forensically relevant data types and considerations for the design of forensic software using software engineering techniques. LFTB gathers forensic evidence to support cases such as malfunctioning hardand software and for investigating malicious activity. In the latter application the stealthy design of the proposed device is beneficial. Experiments as part of a first evaluation show its usability in a support case and a malicious activity scenario. Effects to latency and throughput were tested and limitations for packet recording analysed. A live monitoring scheme warning about potential packet loss endangering evidence has been implemented.