TY - THES AB - Wettstreit zwischen der Entwicklung neuer Hardwaretrojaner und entsprechender Gegenmaßnahmen beschreiten Widersacher immer raffiniertere Wege um Schaltungsentwürfe zu infizieren und dabei selbst fortgeschrittene Test- und Verifikationsmethoden zu überlisten. Abgesehen von den konventionellen Methoden um einen Trojaner in eine Schaltung für ein Field-programmable Gate Array (FPGA) einzuschleusen, können auch die Entwurfswerkzeuge heimlich kompromittiert werden um einen Angreifer dabei zu unterstützen einen erfolgreichen Angriff durchzuführen, der zum Beispiel Fehlfunktionen oder ungewollte Informationsabflüsse bewirken kann. Diese Dissertation beschäftigt sich hauptsächlich mit den beiden Blickwinkeln auf Hardwaretrojaner in rekonfigurierbaren Systemen, einerseits der Perspektive des Verteidigers mit einer Methode zur Erkennung von Trojanern auf der Bitstromebene, und andererseits derjenigen des Angreifers mit einer neuartigen Angriffsmethode für FPGA Trojaner. Für die Verteidigung gegen den Trojaner ``Heimtückische LUT'' stellen wir die allererste erfolgreiche Gegenmaßnahme vor, die durch Verifikation mittels Proof-carrying Hardware (PCH) auf der Bitstromebene direkt vor der Konfiguration der Hardware angewendet werden kann, und präsentieren ein vollständiges Schema für den Entwurf und die Verifikation von Schaltungen für iCE40 FPGAs. Für die Gegenseite führen wir einen neuen Angriff ein, welcher bösartiges Routing im eingefügten Trojaner ausnutzt um selbst im fertigen Bitstrom in einem inaktiven Zustand zu verbleiben: Hierdurch kann dieser neuartige Angriff zur Zeit weder von herkömmlichen Test- und Verifikationsmethoden, noch von unserer vorher vorgestellten Verifikation auf der Bitstromebene entdeckt werden. AU - Ahmed, Qazi Arbab ID - 29769 KW - FPGA Security KW - Hardware Trojans KW - Bitstream-level Trojans KW - Bitstream Verification TI - Hardware Trojans in Reconfigurable Computing ER - TY - CONF AU - Eyilmez, Kaan AU - Basyurt, Ali Sercan AU - Stieglitz, Stefan AU - Fuchss, Christoph AU - Kaufhold, Marc-André AU - Reuter, Christian AU - Mirbabaie, Milad ID - 37157 KW - Student KW - Security KW - Projekt-CYWARN T2 - Australasian Conference on Information Systems (ACIS) TI - A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication ER - TY - CHAP AB - Verifiable random functions (VRFs) are essentially digital signatures with additional properties, namely verifiable uniqueness and pseudorandomness, which make VRFs a useful tool, e.g., to prevent enumeration in DNSSEC Authenticated Denial of Existence and the CONIKS key management system, or in the random committee selection of the Algorand blockchain. Most standard-model VRFs rely on admissible hash functions (AHFs) to achieve security against adaptive attacks in the standard model. Known AHF constructions are based on error-correcting codes, which yield asymptotically efficient constructions. However, previous works do not clarify how the code should be instantiated concretely in the real world. The rate and the minimal distance of the selected code have significant impact on the efficiency of the resulting cryptosystem, therefore it is unclear if and how the aforementioned constructions can be used in practice. First, we explain inherent limitations of code-based AHFs. Concretely, we assume that even if we were given codes that achieve the well-known Gilbert-Varshamov or McEliece-Rodemich-Rumsey-Welch bounds, existing AHF-based constructions of verifiable random functions (VRFs) can only be instantiated quite inefficiently. Then we introduce and construct computational AHFs (cAHFs). While classical AHFs are information-theoretic, and therefore work even in presence of computationally unbounded adversaries, cAHFs provide only security against computationally bounded adversaries. However, we show that cAHFs can be instantiated significantly more efficiently. Finally, we use our cAHF to construct the currently most efficient verifiable random function with full adaptive security in the standard model. AU - Jager, Tibor AU - Niehues, David ID - 21396 KW - Admissible hash functions KW - Verifiable random functions KW - Error-correcting codes KW - Provable security SN - 0302-9743 T2 - Lecture Notes in Computer Science TI - On the Real-World Instantiability of Admissible Hash Functions and Efficient Verifiable Random Functions ER - TY - JOUR AB - Timing plays a crucial role in the context of information security investments. We regard timing in two dimensions, namely the time of announcement in relation to the time of investment and the time of announcement in relation to the time of a fundamental security incident. The financial value of information security investments is assessed by examining the relationship between the investment announcements and their stock market reaction focusing on the two time dimensions. Using an event study methodology, we found that both dimensions influence the stock market return of the investing organization. Our results indicate that (1) after fundamental security incidents in a given industry, the stock price will react more positively to a firm’s announcement of actual information security investments than to announcements of the intention to invest; (2) the stock price will react more positively to a firm’s announcements of the intention to invest after the fundamental security incident compared to before; and (3) the stock price will react more positively to a firm’s announcements of actual information security investments after the fundamental security incident compared to before. Overall, the lowest abnormal return can be expected when the intention to invest is announced before a fundamental information security incident and the highest return when actual investing after a fundamental information security incident in the respective industry. AU - Szubartowicz, Eva AU - Schryen, Guido ID - 16249 IS - 1 JF - Journal of Information System Security KW - Event Study KW - Information Security KW - Investment Announcements KW - Stock Price Reaction KW - Value of Information Security Investments TI - Timing in Information Security: An Event Study on the Impact of Information Security Investment Announcements VL - 16 ER - TY - CONF AB - Resolving distributed attacks benefits from collaboration between networks. We present three approaches for the same multi-domain defensive action that can be applied in such an alliance: 1) Counteract Everywhere, 2) Minimize Countermeasures, and 3) Minimize Propagation. First, we provide a formula to compute efficiency of a defense; then we use this formula to compute the efficiency of the approaches under various circumstances. Finally, we discuss how task execution order and timing influence defense efficiency. Our results show that the Minimize Propagation approach is the most efficient method when defending against the chosen attack. AU - Koning, Ralph AU - Polevoy, Gleb AU - Meijer, Lydia AU - de Laat, Cees AU - Grosso, Paola ID - 17667 KW - computer network security KW - multinetwork environments KW - multidomain defensive action KW - task execution order KW - timing influence defense efficiency KW - distributed attacks KW - collaborative security defence approach KW - minimize propagation approach KW - minimize countermeasure approach KW - counteract everywhere approach KW - Conferences KW - Cloud computing KW - Computer crime KW - Edge computing KW - Security KW - Defense Approaches KW - Multi-Domain Defense KW - Collaborative Defense KW - Defense Algorithms KW - Computer Networks SN - null T2 - 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom) TI - Approaches for Collaborative Security Defences in Multi Network Environments ER - TY - JOUR AB - Software Defined Networks (SDN) and Network Function Virtualisation (NFV) provide the basis for autonomous response and mitigation against attacks on networked computer infrastructures. We propose a new framework that uses SDNs and NFV to achieve this goal: Secure Autonomous Response Network (SARNET). In a SARNET, an agent running a control loop constantly assesses the security state of the network by means of observables. The agent reacts to and resolves security problems, while learning from its previous decisions. Two main metrics govern the decision process in a SARNET: impact and efficiency; these metrics can be used to compare and evaluate countermeasures and are the building blocks for self-learning SARNETs that exhibit autonomous response. In this paper we present the software implementation of the SARNET framework, evaluate it in a real-life network and discuss the tradeoffs between parameters used by the SARNET agent and the efficiency of its actions. AU - Koning, R. AU - de Graaff, B. AU - Polevoy, Gleb AU - Meijer, R. AU - de Laat, C. AU - Grosso, P. ID - 17666 JF - Future Generation Computer Systems KW - Software defined networks KW - Network function virtualization KW - Cyber attacks KW - Cyber security KW - Defense efficiency KW - Overlay networks SN - 0167-739X TI - Measuring the efficiency of SDN mitigations against attacks on computer infrastructures ER - TY - JOUR AB - The need to protect resources against attackers is reflected by huge information security investments of firms worldwide. In the presence of budget constraints and a diverse set of assets to protect, organizations have to decide in which IT security measures to invest, how to evaluate those investment decisions, and how to learn from past decisions to optimize future security investment actions. While the academic literature has provided valuable insights into these issues, there is a lack of empirical contributions. To address this lack, we conduct a theory-based exploratory multiple case study. Our case study reveals that (1) firms? investments in information security are largely driven by external environmental and industry-related factors, (2) firms do not implement standardized decision processes, (3) the security process is perceived to impact the business process in a disturbing way, (4) both the implementation of evaluation processes and the application of metrics are hardly existent and (5) learning activities mainly occur at an ad-hoc basis. AU - Weishäupl, Eva AU - Yasasin, Emrah AU - Schryen, Guido ID - 5586 JF - Computers & Security KW - Information Security Investments KW - Multiple Case Study KW - Organizations KW - Single Loop Learning KW - Double Loop Learning TI - Information Security Investments: An Exploratory Multiple Case Study on Decision-Making, Evaluation and Learning VL - 77 ER - TY - CONF AU - Holzinger, Philipp AU - Triller, Stefan AU - Bartel, Alexandre AU - Bodden, Eric ID - 20719 KW - ATTRACT KW - access control KW - exploits KW - java security KW - security analysis KW - ITSECWEBSITE SN - 978-1-4503-4139-4 T2 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security TI - An In-Depth Study of More Than Ten Years of Java Exploitation ER - TY - CONF AB - The protection of information technology (IT) has become and is predicted to remain a key economic challenge for organizations. While research on IT security investment is fast growing, it lacks a theoretical basis for structuring research, explaining economic-technological phenomena and guide future research. We address this shortcoming by suggesting a new theoretical model emerging from a multi-theoretical perspective adopt-ing the Resource-Based View and the Organizational Learning Theory. The joint appli-cation of these theories allows to conceptualize in one theoretical model the organiza-tional learning effects that occur when the protection of organizational resources through IT security countermeasures develops over time. We use this model of IT security invest-ments to synthesize findings of a large body of literature and to derive research gaps. We also discuss managerial implications of (closing) these gaps by providing practical ex-amples. AU - Weishäupl, Eva AU - Yasasin, Emrah AU - Schryen, Guido ID - 5588 KW - Information Security KW - Investment KW - Literature review KW - Resource-based View KW - Organi-zational Learning Theory KW - Multi-theoretical Perspective T2 - International Conference on Information Systems TI - A Multi-Theoretical Literature Review on Information Security Investments using the Resource-Based View and the Organizational Learning Theory ER - TY - CONF AB - Nowadays, providing employees with failure-free access to various systems, applications and services is a crucial factor for organizations? success as disturbances potentially inhibit smooth workflows and thereby harm productivity. However, it is a challenging task to assign access rights to employees? accounts within a satisfying time frame. In addition, the management of multiple accounts and identities can be very onerous and time consuming for the responsible administrator and therefore expensive for the organization. In order to meet these challenges, firms decide to invest in introducing an Identity and Access Management System (IAMS) that supports the organization by using policies to assign permissions to accounts, groups, and roles. In practice, since various versions of IAMSs exist, it is a challenging task to decide upon introduction of an IAMS. The following study proposes a first attempt of a decision support model for practitioners which considers four alternatives: Introduction of an IAMS with Role-based Access Control RBAC) or without and no introduction of IAMS again with or without RBAC. To underpin the practical applicability of the proposed model, we parametrize and operationalize it based on a real world use case using input from an expert interview. AU - Weishäupl, Eva AU - Kunz, Michael AU - Yasasin, Emrah AU - Wagner, Gerit AU - Prester, Julian AU - Schryen, Guido AU - Pernul, Günther ID - 5590 KW - Identity and Access Management KW - Economic Decision Making KW - Information Systems KW - Information Security Investment KW - Decision Theory T2 - 2nd International Workshop on Security in highly connected IT Systems (SHCIS?15) TI - Towards an Economic Approach to Identity and Access Management Systems Using Decision Theory ER - TY - JOUR AB - Remote voting through the Internet provides convenience and access to the electorate. At the same time, the security concerns facing any distributed application are magnified when the task is so crucial to democratic society. In addition, some of the electoral process loses transparency when it is encapsulated in information technology. In this paper, we examine the public record of three recent elections that used Internet voting. Our specific goal is to identify any potential flaws that security experts would recognize, but may have not been identified in the rush to implement technology. To do this, we present a multiple exploratory case study, looking at elections conducted between 2006 and 2007 in Estonia, Netherlands, and Switzerland. These elections were selected as particularly interesting and accessible, and each presents its own technical and security challenges. The electoral environment, technical design and process for each election are described, including reconstruction of details which are implied but not specified within the source material. We found that all three elections warrant significant concern about voter security, verifiability, and transparency. Usability, our fourth area of focus, seems to have been well-addressed in these elections. While our analysis is based on public documents and previously published reports, and therefore lacking access to any confidential materials held by electoral officials, this comparative analysis provides interesting insight and consistent questions across all these cases. Effective review of Internet voting requires an aggressive stance towards identifying potential security and operational flaws, and we encourage the use of third party reviews with critical technology skills during design, programming, and voting to reduce the changes of failure or fraud that would undermine public confidence. AU - Schryen, Guido AU - Rich, Eliot ID - 5621 IS - 4 Part JF - IEEE Transactions on Information Forensics \& Security KW - e-voting KW - Internet voting KW - Internet election KW - security KW - verifiability KW - RIES KW - Estonia KW - Neuch{\^a}tel TI - Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland VL - 4 ER - TY - CONF AB - The increasing availability and deployment of open source software in personal and commercial environments makes open source software highly appealing for hackers, and others who are interested in exploiting software vulnerabilities. This deployment has resulted in a debate ?full of religion? on the security of open source software compared to that of closed source software. However, beyond such arguments, only little quantitative analysis on this research issue has taken place. We discuss the state-of-the-art of the security debate and identify shortcomings. Based on these, we propose new metrics, which allows to answer the question to what extent the review process of open source and closed source development has helped to fix vulnerabilities. We illustrate the application of some of these metrics in a case study on OpenOffice (open source software) vs. Microsoft Office (closed source software). AU - Schryen, Guido AU - Kadura, Rouven ID - 5625 KW - Open source software KW - Closed source software KW - Security KW - Metrics T2 - 24th Annual ACM Symposium on Applied Computing TI - Open Source vs. Closed Source Software: Towards Measuring Security ER - TY - CONF AB - Reviewing literature on open source and closed source security reveals that the discussion is often determined by biased attitudes toward one of these development styles. The discussion specifically lacks appropriate metrics, methodology and hard data. This paper contributes to solving this problem by analyzing and comparing published vulnerabilities of eight open source software and nine closed source software packages, all of which are widely deployed. Thereby, it provides an extensive empirical analysis of vulnerabilities in terms of mean time between vulnerability disclosures, the development of disclosure over time, and the severity of vulnerabilities, and allows for validating models provided in the literature. The investigation reveals that (a) the mean time between vulnerability disclosures was lower for open source software in half of the cases, while the other cases show no differences, (b) in contrast to literature assumption, 14 out of 17 software packages showed a significant linear or piecewise linear correlation between time and the number of published vulnerabilities, and (c) regarding the severity of vulnerabilities, no significant differences were found between open source and closed source. AU - Schryen, Guido ID - 5647 KW - Vulnerabilities KW - security KW - open source software KW - closed source software KW - empirical comparison T2 - 15th Americas Conference on Information Systems TI - Security of open source and closed source software: An empirical comparison of published vulnerabilities ER - TY - CONF AB - The Estonian parliamentary election in 2007 is regarded as a success story of large-scale Internet elections. I use this election in a single case study on practical security to show that low quality of security and its management does not necessarily prevent large-scale Internet elections from being conducted. I also provide research propositions with regard to future challenges for large-scale Internet elections. AU - Schryen, Guido ID - 5649 KW - Internet voting KW - large-scale election KW - Estonian parliamen- tary election KW - security KW - security management T2 - 7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business) TI - Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia ER - TY - JOUR AB - Email communication is encumbered with a mass of email messages which their recipients have neither requested nor require. Even worse, the impacts of these messages are far from being simply an annoyance, as they also involve economic damage. This manuscript examines the resource ?email addresses?, which is vital for any potential bulk mailer and spammer. Both a methodology and a honeypot conceptualization for implementing an empirical analysis of the usage of email addresses placed on the Internet are proposed here. Their objective is to assess, on a quantitative basis, the extent of the current harassment and its development over time. This ?framework? is intended to be extensible to measuring the effectiveness of address-obscuring techniques. The implementation of a pilot honeypot is described, which led to key findings, some of them being: (1) Web placements attract more than two-thirds (70\%) of all honeypot spam emails, followed by newsgroup placements (28.6\%) and newsletter subscriptions (1.4\%), (2) the proportions of spam relating to the email addresses? top-level domain can be statistically assumed to be uniformly distributed, (3) More than 43\% of addresses on the web have been abused, whereas about 27\% was the case for addresses on newsgroups and only about 4\% was the case for addresses used for a newsletter subscription, (4) Regarding the development of email addresses? attractiveness for spammers over time, the service ?web sites? features a negative linear relationship, whereas the service ?Usenet? hows a negative exponential relationship. (5) Only 1.54\% of the spam emails showed an interrelation between the topic of the spam email and that of the location where the recipient?s address was placed, so that spammers are assumed to send their emails in a ?context insensitive? manner. The results of the empirical analysis motivate the need for the protection of email addresses through obscuration. We analyze this need by formulating requirements for address obscuring techniques and we reveal to which extent today?s most relevant approaches fulfill these requirements. AU - Schryen, Guido ID - 5658 IS - 5 JF - Computers & Security KW - Address-obfuscating techniques KW - email KW - empirical analysis KW - honeypot KW - security by design KW - security by obscurity KW - spam TI - The Impact that Placing Email Addresses on the Internet has on the Receipt of Spam ? An Empirical Analysis VL - 2 ER - TY - CONF AB - Currently, middleware for smart home networks with embedded and mobile devices are in the focus of several investigations. In this paper, we propose a middleware for secure management of device and user profiles by integrating a profile database with a generic authentication scheme for an X.509 enabled ticket management in the context of the OSGi framework. After the introduction of the individual system components and their interaction, we also discuss potential system attacks. AU - Ziegler, Max AU - Müller, Wolfgang AU - Schäfer, Robbie AU - Loeser, Chris ID - 39050 KW - Intelligent networks KW - Smart homes KW - Middleware KW - Project management KW - Data security KW - Ubiquitous computing KW - Context-aware services KW - Computer architecture KW - Home automation KW - Environmental management SN - 0-7695-2424-9 T2 - Proceedings of the 1st International Workshop on Secure and Ubiquitous Networks (SUN-2005) TI - Secure Profile Management in Smart Home Networks ER - TY - CHAP AB - Voting via the Internet is part of electronic government and electronic democracy. However, there are many obstacles which have to be overcome, especially legal restrictions have to be transformed into technical and security solutions. In the first part the article discusses advantages and disadvantages of Internet elections, shows different application fields, and presents important international pilot schemes (political and business ones). in the second part, due to democratic basic principles, technological security aspects are worked out. AU - Schryen, Guido ID - 5667 KW - Internet Voting KW - Online polls KW - E-Democracy KW - Security T2 - Proceedings of the IADIS International Conference WWW Internet 2003. vol. 2 TI - E-Democracy: Internet Voting ER -