EICC

Smartphones apps aid humans in plenty of situations. There exists an app for everything. However, without the user’s awareness, some apps contain vulnerabilities or leak private data. Static and dynamic app analysis are ways to find these software ...

Air-gapped networks are disconnected from the Internet due to the sensitive data they store and process. These networks are usually maintained by military organizations, defense industries, critical infrastructures, and more. Malware that is capable of ...

Insiders pose severe threats to the supply chain, the security of infrastructures, and the safety of products and services. "Operation Digital Ant" is a tabletop game that explores insider threats in the food supply chain. Three to four teams compete ...

The COVID-19 pandemic forced a number of companies to place their staff into home office. In terms of security awareness measures, this means that content or training can only be played out remotely. Within this work, we report about a security ...

This paper presents an interdisciplinary approach to improve impact factors on Information Security Behavior (ISB) considering various aspects from human behavior research. According to the Fogg Behavior Model (FBM) human behavior is a product of three ...

Denial of Service (DoS) attacks pose a growing threat to network services. Client puzzles have been proposed to mitigate DoS attacks by requiring a client to prove legitimate intentions. Since its introduction, there have been several constructions of ...

The Controller Area Network standard represents one of the most commonly used communication protocol present in today’s vehicles. While it’s main properties facilitate the communication between different control units, several protocol design ...

The introduction of Information and Communications Technology (ICT) into conventional power grids has resulted in a digitalized smart grid, enabling a more efficient and robust operation. However, it can also lead to increased risk and new threats due ...

The number of Internet of Things (IoT) devices is increasing since they can solve many problems, such as those found in healthcare or power grid. Since they are susceptible to be attacked, solutions must be explored to make them more trustworthy and, ...

Retransmission steganography (RSTEG) is one of the state-of-the-art network steganography techniques which can be used for various network protocols that make use of a retransmission mechanism. Essentially, RSTEG works by intentionally not ...

The Internet of Things (IoT) and the Industrial Internet of Things (IIoT) are fast growing areas. Therefore, several protocols are specifically designed for these domains. CoAP (Constrained Application Protocol) is one of the more common ones. This ...

We present a method to establish a network storage covert channel in a fountain code, which is used to provide reliable communication over lossy network with low overhead and without acknowledgment. As also parts of the secret message get lost when a ...

Information hiding techniques are becoming a major threat in network communication. This paper describes how to modify an intrusion detection system (IDS) to detect certain types of steganography. As a sample IDS we use open-source Zeek software. We ...

The protection of industrial control systems (ICS) is crucial for a robust provision of essential services for the modern society. Stealthy and steganographic attacks are a considerable threat against the reliability and security of such ICS. Several ...

Cryptographic primitives with internal state and bijective state-transition function can be improved by modifying a small number of transitions, achieving larger periodicity without increase of state space. We show how to tweak such a permutation best ...

For almost every online account, people are required to create a password to protect their information online. Since many people have many accounts, they tend to create insecure passwords and re-use passwords. These insecure passwords are often easy to ...

Today's vehicles are typically equipped with dozens of electronic control units that control one or more of the electrical systems or subsystems. Due to the rapid development towards autonomous driving, vehicle functionalities strongly depend on the ...

Attacks on industrial control systems (ICS) have been intensively studied during the last decade. Malicious alternations of ICS can appear in several different ways, e.g. in changed network traffic patterns or in modified data stored on ICS components. ...