  • Publication
    Double-Adversarial Activation Anomaly Detection
    Anomaly detection is a challenging task for machine learning methods due to the inherent class imbalance. Manually analysing the observed data is costly and time-consuming, so usually only a few known anomalies, if any, are available. Inspired by generative models and the analysis of the hidden activations of neural networks, we introduce a novel unsupervised anomaly detection method called DA3D. It uses adversarial autoencoders to generate anomalous counterexamples from the normal data only. These artificial anomalies, used during training, allow the detection of real, yet unseen anomalies. With this generative approach, we transform the unsupervised task of anomaly detection into a supervised one, which is more tractable for machine learning and especially deep learning methods. DA3D surpasses the performance of state-of-the-art anomaly detection methods in a purely data-driven way, where no domain knowledge is required.
  • Publication
    Anomaly Detection by Recombining Gated Unsupervised Experts
    Anomaly detection has been considered under varying amounts of prior knowledge. Unsupervised methods do not require any labelled data, whereas semi-supervised methods leverage some known anomalies. Inspired by mixture-of-experts models and the analysis of the hidden activations of neural networks, we introduce a novel data-driven anomaly detection method called ARGUE. Our method is not only applicable to unsupervised and semi-supervised environments, but also profits from the prior knowledge available in self-supervised settings. We designed ARGUE as a combination of dedicated expert networks, each of which specialises on a part of the input data. For its final decision, ARGUE fuses the knowledge distributed across the experts using a gated mixture-of-experts architecture. Our evaluation suggests that prior knowledge about the normal data distribution may be as valuable as known anomalies.
  • Publication
    A Continuous Risk Assessment Methodology for Cloud Infrastructures
    (2022)
    Kunz, Immanuel; Schneider, Angelika;
    Cloud systems are dynamic environments, which makes it difficult to keep track of the security risks that resources are exposed to. Traditionally, risk assessment is conducted per asset to evaluate existing threats; in such a dynamic environment, however, its results are quickly outdated. In this paper, we propose an adaptation of the traditional risk assessment methodology for cloud infrastructures which loosely couples manual, in-depth analyses with continuous, automatic application of their results. The two parts are linked by a novel threat profile definition that describes configuration weaknesses reusably, in terms of properties that are common across assets and cloud providers. This way, threats can be identified automatically for all resources that exhibit the same properties, including new and modified ones. We also present a prototype implementation which automatically evaluates an infrastructure-as-code template of a cloud system against a set of threat profiles, and we evaluate its performance. Our methodology not only enables organizations to reuse their threat analysis results, but also to collaborate on their development, e.g. with the public community. To that end, we propose an initial open-source repository of threat profiles.
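    The following is an added illustration of the idea in this abstract (threat profiles that name properties rather than assets, applied automatically to every resource in an IaC template, including ones added later). It is not the paper's prototype or its threat-profile schema: the profile fields, property names, resource types and the template itself are all constructed for the example.

```python
# Added illustration of threat profiles evaluated against an IaC template.
# Not the paper's prototype or schema; profile fields, property names and the
# template below are constructed for this example.
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional


@dataclass(frozen=True)
class ThreatProfile:
    """Reusable description of a configuration weakness.

    A profile never names a specific asset; it names properties that any
    resource may exhibit, so it also matches new and modified resources.
    """
    name: str
    threat: str
    severity: str
    required: Dict[str, object]                   # property -> value indicating the weakness
    applies_to: Optional[FrozenSet[str]] = None   # resource types; None = any type


# Constructed, provider-neutral view of an IaC template (what a parser might
# produce from a Terraform or CloudFormation file).
TEMPLATE = {
    "resources": [
        {"id": "web-assets", "type": "object_storage",
         "properties": {"public_access": True, "encryption_at_rest": False}},
        {"id": "orders-db", "type": "managed_database",
         "properties": {"public_access": False, "encryption_at_rest": True}},
        {"id": "bastion", "type": "virtual_machine",
         "properties": {"public_ip": True, "ssh_password_auth": True}},
    ]
}

# Constructed profiles: the "manual, in-depth" part of the methodology.
PROFILES = [
    ThreatProfile("public-data-store", "Anonymous read of stored data", "high",
                  {"public_access": True}, frozenset({"object_storage", "managed_database"})),
    ThreatProfile("unencrypted-at-rest", "Disclosure of data from lost or reused media", "medium",
                  {"encryption_at_rest": False}),
    ThreatProfile("password-ssh-on-public-host", "Credential brute force over SSH", "high",
                  {"public_ip": True, "ssh_password_auth": True}, frozenset({"virtual_machine"})),
]


def matches(profile: ThreatProfile, resource: dict) -> bool:
    """A resource is exposed to the threat iff it exhibits every required property."""
    if profile.applies_to is not None and resource["type"] not in profile.applies_to:
        return False
    props = resource.get("properties", {})
    return all(key in props and props[key] == value for key, value in profile.required.items())


def evaluate(template: dict, profiles: List[ThreatProfile]) -> List[dict]:
    """The continuous, automatic part: every resource against every profile, one finding per match."""
    findings = []
    for resource in template["resources"]:
        for profile in profiles:
            if matches(profile, resource):
                findings.append({"resource": resource["id"], "profile": profile.name,
                                 "threat": profile.threat, "severity": profile.severity})
    return findings


def add_resource(template: dict, resource: dict) -> dict:
    """Return a revised template, as a later deployment revision would produce."""
    return {"resources": template["resources"] + [resource]}


if __name__ == "__main__":
    for f in evaluate(TEMPLATE, PROFILES):
        print(f"{f['severity']:6} {f['resource']:10} {f['profile']}: {f['threat']}")
    # A resource added in a later revision is assessed without any new manual analysis.
    revised = add_resource(TEMPLATE, {"id": "backups", "type": "object_storage",
                                      "properties": {"public_access": True, "encryption_at_rest": True}})
    print(len(evaluate(revised, PROFILES)), "findings after revision")
```

    Re-running `evaluate` on each revision of the template is what keeps the assessment current: the profiles were written once, and the new `backups` bucket is flagged because it exhibits `public_access`, not because anyone analysed it.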
  • Publication
    Hardware Accelerated FrodoKEM on RISC-V
    (2022)
    Karl, P.; Fritzmann, T.;
    FrodoKEM is an alternate candidate in the third round of the post-quantum cryptography standardization process run by the National Institute of Standards and Technology (NIST). It is based on the well-studied plain Learning With Errors (LWE) problem, which gives high confidence in its security. Its conservative design, however, makes it less performant than other lattice-based candidates. In this work, we present a RISC-V based hardware/software co-design of FrodoKEM to speed up its computation. Our design supports all three parameter sets of the NIST submission. Compared to plain software implementations on RISC-V, our accelerated design achieves speedup factors of up to 8.13.
  • Publication
    Application-Oriented Selection of Privacy Enhancing Technologies
    (2022)
    Kunz, Immanuel; Binder, Andreas Maria
    To create privacy-friendly software designs, architects need comprehensive knowledge of privacy-enhancing technologies (PETs) and their properties. Existing works that systemize PETs, however, are outdated or focus on comparison criteria rather than providing guidance for their practical selection. In this short paper we present an enhanced classification of PETs that is more application-oriented than previous proposals. It integrates existing criteria like the privacy protection goal, and also considers practical criteria like the functional context, a technology’s maturity, and its impact on various non-functional requirements.
  • Publication
    Quanten-IKT
    The terms quantum computing and quantum communication now appear ever more frequently in the media and raise high expectations. This form of information and communication technology, which is based on quantum-physical properties, originated in the 1980s. A great deal has happened since then, and quantum ICT is steadily approaching possible practical use. Considerable hurdles and uncertainties remain, however. Besides technical challenges and open questions, the future role of Germany and Europe in shaping this technology is in particular still undecided. In this white paper we describe application areas of quantum ICT and give recommendations on how the competitiveness and digital sovereignty of Germany and Europe can be ensured in the age of production-ready quantum ICT.
  • Publication
    Sovereignly Donating Medical Data as a Patient: A Technical Approach
    Data is the new asset of the 21st century, and many new business models are based on data. Data is also needed in medical research, for instance when applying new machine learning methods to gain new medical findings. A further hurdle is that medical data is personal data and therefore requires particular care and protection. Today, patients consent to donating their data for general medical research without being able to select specific research projects. We argue that patients must gain more influence in the data donation process to close this gap in data sovereignty. We therefore developed a concept and an implementation that empower patients to make sovereign decisions about donating their medical data to specific medical research projects. Our work combines concepts of the Medical Informatics Initiative, International Data Spaces, and MY DATA Control Technologies with new elements specific to this setting. This approach to patient empowerment enables a new kind of data sovereignty in the medical research domain.
  • Publication
    Breaking Black Box Crypto-Devices Using Laser Fault Injection
    Laser fault injection attacks on hardware implementations are challenging, due to the inherently large parameter space of the fault injection and the unknown underlying implementation of the attacked device. In this work we report details of an exemplary laser fault attack on the AES-based authentication chip Microchip ATAES132A, which led to full secret key extraction. In addition, we were able to reveal some details of the underlying implementation. This chip claims to feature various countermeasures and tamper detection mechanisms and is therefore representative of devices found in many different applications. On this basis we describe a systematic approach to laser fault attacks on devices in a black-box scenario, including the determination of all relevant attack parameters such as fault locations, timings, and energy settings.
  • Publication
    Counteract Side-Channel Analysis of Neural Networks by Shuffling
    (2022)
    Brosch, M.; Probst, M.;
    Machine learning is becoming an essential part of almost every electronic device. Implementations of neural networks are mostly optimised for computational performance or memory footprint. Security matters as well, however, in order to keep the network secret and protect the intellectual property associated with it. Since neural network implementations have been demonstrated to be vulnerable to side-channel analysis, powerful and computationally cheap countermeasures are in demand. In this work, we apply a shuffling countermeasure to a microcontroller implementation of a neural network to prevent side-channel analysis. The countermeasure is effective while its computational overhead is low. We investigate the extensions our countermeasure requires, and how shuffling increases the effort for an attack in theory. In addition, we demonstrate the increased effort for an attacker through experiments on real side-channel measurements. Based on the mechanism of shuffling and our experimental results, we conclude that an attack on a commonly used neural network with shuffling is no longer feasible in a reasonable amount of time.
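    As an added illustration of the mechanism (not the paper's microcontroller code), the block below computes one dense layer twice: once in the fixed order a naive implementation would use, and once with the multiply-accumulate operations permuted afresh for every inference, which is what shuffling does. The layer size, the integer weights and the notion of a "trace position" are constructed for the example.

```python
# Added example of the shuffling countermeasure on one dense layer.
# Not the paper's implementation; weights, bias and layer size are constructed.
import random
from typing import List, Tuple

# Constructed int8-style (quantised) weights: 3 neurons, 4 inputs.
WEIGHTS = [[12, -7, 3, 41], [-25, 8, 19, -2], [5, 5, -30, 17]]
BIAS = [1, -4, 2]


def dense_layer(weights, bias, x) -> List[int]:
    """Reference: every multiplication happens at a fixed, attacker-predictable time."""
    return [sum(w * xi for w, xi in zip(row, x)) + b for row, b in zip(weights, bias)]


def dense_layer_shuffled(weights, bias, x, rng: random.Random) -> Tuple[List[int], List[int]]:
    """Same arithmetic, but the n_out*n_in multiply-accumulates run in a fresh
    random order per inference. Returns (outputs, order); the order is what an
    attacker would have to recover to align traces on a chosen weight."""
    n_out, n_in = len(weights), len(x)
    order = list(range(n_out * n_in))
    rng.shuffle(order)                 # Fisher-Yates permutation of the MAC schedule
    acc = list(bias)                   # one accumulator per neuron, so any order is valid
    for k in order:
        i, j = divmod(k, n_in)
        acc[i] += weights[i][j] * x[j]
    return acc, order


def trace_position(order: List[int], neuron: int, n_in: int, inp: int) -> int:
    """Index in the (hypothetical) power trace at which weights[neuron][inp] is used."""
    return order.index(neuron * n_in + inp)


def positions_seen(n_inferences: int, neuron: int, inp: int, seed: int = 1) -> set:
    """Distinct trace positions the targeted multiplication occupies over many
    inferences; without shuffling this set always has exactly one element."""
    rng = random.Random(seed)          # stand-in for the device's RNG
    seen = set()
    for _ in range(n_inferences):
        x = [rng.randrange(-128, 128) for _ in WEIGHTS[0]]   # constructed inputs
        _, order = dense_layer_shuffled(WEIGHTS, BIAS, x, rng)
        seen.add(trace_position(order, neuron, len(x), inp))
    return seen


if __name__ == "__main__":
    x = [3, -1, 7, 2]
    print(dense_layer(WEIGHTS, BIAS, x))
    print(dense_layer_shuffled(WEIGHTS, BIAS, x, random.Random(0))[0])
    print(sorted(positions_seen(200, neuron=0, inp=3)))
```

    The outputs are identical, so the countermeasure is transparent to the model; what changes is that a leakage sample for a given weight is spread over all twelve positions of the schedule instead of one, which is the source of the extra attack effort the abstract refers to. On a real device the permutation must come from a hardware RNG, and the shuffling loop itself must not leak the index it selects.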
  • Publication
    A TOCTOU Attack on DICE Attestation
    (2022)
    Hristozov, Stefan; Wettermann, Moritz; Huber, M.
    A major security challenge for modern IoT deployments is to ensure that devices run legitimate firmware free from malware. This challenge can be addressed through a security primitive called attestation, which allows a remote backend to verify the firmware integrity of the devices it manages. To accelerate broad adoption of attestation in the IoT domain, the Trusted Computing Group (TCG) has introduced the Device Identifier Composition Engine (DICE) series of specifications. DICE is a hardware-software architecture for constrained, e.g. microcontroller-based, IoT devices in which the firmware is divided into successively executed layers. In this paper, we demonstrate a remote Time-Of-Check Time-Of-Use (TOCTOU) attack on DICE-based attestation. We show that it is possible to install persistent malware in the flash memory of a constrained microcontroller that cannot be detected through DICE-based attestation. The main idea of our attack is to install the malware at runtime of the application logic in the top firmware layer. The malware reads the valid attestation key and stores it in the device's flash memory. After reboot, the malware uses the previously stored key for all subsequent attestations to the backend. We carry out the installation of the malware and the copying of the key through Return-Oriented Programming (ROP). As the platform for our demonstration, we use the Cortex-M-based nRF52840 microcontroller. We discuss several possible countermeasures which can mitigate the shortcomings of the DICE specifications.
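    The block below is an added model of the attack described in this abstract, not code from the paper. It deliberately simplifies: the layer-to-layer CDI derivation is HMAC-SHA256, the attestation "signature" is an HMAC under a key the backend also holds (real DICE derives an asymmetric key and the backend knows only its public part), flash and RAM are Python objects, and the runtime compromise is represented by a direct read of the key rather than a ROP chain. The UDS, firmware images and nonce are constructed.

```python
# Added model of the TOCTOU attack on DICE layering; not the paper's code.
# Assumptions: HMAC-SHA256 for CDI derivation and for the attestation "signature"
# (a symmetric stand-in for DICE's asymmetric key), constructed UDS and images.
import hashlib
import hmac

UDS = hashlib.sha256(b"constructed unique device secret").digest()   # constructed
LAYER0 = b"dice-core-v1"          # immutable first layer
LAYER1 = b"bootloader-v3"
APP = b"application-v7"           # top layer, where the runtime compromise happens
MALWARE = b"persisted-rop-payload"  # constructed stand-in for the installed malware


def measure(fw: bytes) -> bytes:
    return hashlib.sha256(fw).digest()


def boot(uds: bytes, layers) -> bytes:
    """DICE chain: CDI_{n+1} = KDF(CDI_n, H(layer_{n+1})). A modified layer changes
    every later CDI, which is what attestation relies on."""
    cdi = uds
    for fw in layers:
        cdi = hmac.new(cdi, measure(fw), hashlib.sha256).digest()
    return cdi


def attestation_key(cdi: bytes) -> bytes:
    return hmac.new(cdi, b"attestation-key", hashlib.sha256).digest()


def attest(key: bytes, nonce: bytes, claimed_measurement: bytes) -> bytes:
    """Tag over nonce || measurement; the report carries the claimed measurement and this tag."""
    return hmac.new(key, nonce + claimed_measurement, hashlib.sha256).digest()


class Backend:
    """Holds the reference key and measurement of the legitimate firmware."""
    def __init__(self, uds: bytes, good_layers):
        self.expected_key = attestation_key(boot(uds, good_layers))
        self.expected_measurement = measure(good_layers[-1])

    def verify(self, nonce: bytes, claimed_measurement: bytes, tag: bytes) -> bool:
        if claimed_measurement != self.expected_measurement:
            return False
        return hmac.compare_digest(attest(self.expected_key, nonce, claimed_measurement), tag)


def run_attack(backend: Backend, nonce: bytes) -> dict:
    flash = {"app": APP, "stolen_key": None}

    # Boot 1: legitimate firmware. The attestation key is in RAM while the app runs.
    key_in_ram = attestation_key(boot(UDS, [LAYER0, LAYER1, flash["app"]]))
    honest_ok = backend.verify(nonce, measure(APP), attest(key_in_ram, nonce, measure(APP)))

    # Runtime compromise of the top layer (ROP in the paper): read the key from RAM,
    # persist it in flash together with the malware. No reboot has happened yet.
    flash["stolen_key"] = key_in_ram
    flash["app"] = APP + MALWARE

    # Boot 2: the modified top layer yields a different CDI, so a freshly derived key
    # cannot produce a valid tag for the expected measurement. This is the check DICE intends.
    key_after_reboot = attestation_key(boot(UDS, [LAYER0, LAYER1, flash["app"]]))
    fresh_key_ok = backend.verify(nonce, measure(APP), attest(key_after_reboot, nonce, measure(APP)))

    # ... but the malware ignores the fresh key, signs with the stored one and claims
    # the old measurement. The backend cannot distinguish this from Boot 1.
    stolen_ok = backend.verify(nonce, measure(APP), attest(flash["stolen_key"], nonce, measure(APP)))
    return {"honest_boot_accepted": honest_ok,
            "modified_boot_fresh_key_accepted": fresh_key_ok,
            "modified_boot_stolen_key_accepted": stolen_ok,
            "keys_differ": key_in_ram != key_after_reboot}


if __name__ == "__main__":
    for k, v in run_attack(Backend(UDS, [LAYER0, LAYER1, APP]), b"constructed-nonce").items():
        print(f"{k}: {v}")
```

    The nonce does not help here: freshness defends against replayed reports, but the malware holds the key itself and produces a fresh, valid tag for whatever nonce the backend sends. The check happens at boot (the CDI chain), while the key is used for the whole runtime of the top layer, which is the time-of-check/time-of-use gap the abstract names.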