Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC

Filters

2
Reset filters

Settings
Now showing 1 - 10 of 27
  • Publication
    Integrating security evaluations into virtual commissioning
    ( 2020)
    Giehl, Alexander
    ;
    Wiedermann, Norbert
    ;
    Tayebi Gholamzadeh, Makan
    ;
    Eckert, Claudia
    Virtual commissioning is an important part of modern plant and factory organization. Research in this area focuses on safety, reliability, liveness, and repeatability. Security evaluations are currently not considered in virtual commissioning research and applications. Vulnerabilities in controller software and in the implementation of industrial equipment are receiving increased attention from attackers and cyber criminals. This is due to the rapidly advancing interconnection in modern, digital factories. This increase of the possible attack surface needs to be addressed as a part of comprehensive risk analysis within the domain of Industrie 4.0.Virtual commissioning, as an established process, is well-suited to address this lack of security evaluation. In this work, we propose a conceptual architecture for a simulation testbed that can be integrated in the virtual commissioning toolchain and show how to model and evaluate industrial equipment.
  • Publication
    Improving mobile device security with operating system-level virtualization
    ( 2015)
    Wessel, Sascha
    ;
    Huber, Manuel
    ;
    Stumpf, Frederic
    ;
    Eckert, Claudia
    In this paper, we propose a lightweight mechanism to isolate one or more Android userland instances from a trustworthy and secure entity. This entity controls and manages the Android instances and provides an interface for remote administration and management of the device and its software. We provide an administrative solution for dynamically modifying, removing or adding multiple Android instances remotely and locally. Furthermore, we present a secure device provisioning and enrollment solution for our system. Our approach includes several security extensions for secure network access, integrity protection of data on storage devices, and secure access to the touchscreen of mobile devices. Our implementation requires only minimal modification to the software stack of a typical Android-based smartphone, which allows easy porting to other devices when compared to other virtualization techniques. Practical tests show the feasibility of our approach regarding runtime overhead and battery lifetime impact.
  • Publication
    User identity verification based on touchscreen interaction analysis in web contexts
    ( 2015)
    Velten, Michael
    ;
    Schneider, Peter
    ;
    Wessel, Sascha
    ;
    Eckert, Claudia
    The ever-increasing popularity of smartphones amplifies the risk of loss or theft, thus increasing the threat of attackers hijacking critical user accounts. In this paper, we present a framework to secure accounts by continuously verifying user identities based on user interaction behavior with smartphone touchscreens. This enables us to protect user accounts by disabling critical functionality and enforcing a reauthentication in case of suspicious behavior. We take advantage of standard mobile web browser capabilities to remotely capture and analyze touchscreen interactions. This approach is completely transparent for the user and works on everyday smartphones without requiring any special software or privileges on the user's device. We show how to successfully classify users even on the basis of limited and imprecise touch interaction data as is prevalent in web contexts. We evaluate the performance of our framework and show that the user identification accuracy is higher than 99% after collecting about a dozen touch interactions.
  • Publication
    Support Vector Machines under Adversarial Label Contamination
    ( 2015)
    Xiao, Huang
    ;
    Biggio, Battista
    ;
    Nelson, Blaine
    ;
    Xiao, Han
    ;
    Eckert, Claudia
    ;
    Roli, Fabio
    Machine learning algorithms are increasingly being applied in security-related tasks such as spam and malware detection, although their security properties against deliberate attacks have not yet been widely understood. Intelligent and adaptive attackers may indeed exploit specific vulnerabilities exposed by machine learning techniques to violate system security. Being robust to adversarial data manipulation is thus an important, additional requirement for machine learning algorithms to successfully operate in adversarial settings. In this work, we evaluate the security of Support Vector Machines (SVMs) to well-crafted, adversarial label noise attacks. In particular, we consider an attacker that aims to maximize the SVM\textquoterights classification error by flipping a number of labels in the training data. We formalize a corresponding optimal attack strategy, and solve it by means of heuristic approaches to keep the computational complexity tractable. We report an extensive experimental analysis on the effectiveness of the considered attacks against linear and non-linear SVMs, both on synthetic and real-world datasets. We finally argue that our approach can also provide useful insights for developing more secure SVM learning algorithms, and also novel techniques in a number of related research areas, such as semi-supervised and active learning.
  • Patent
    Verfahren zum Versehen eines mobilen Endgeräts mit einem Authentisierungszertifikat
    ( 2014)
    Stumpf, Frederic
    ;
    Eckert, Claudia
    ;
    Krauß, Christoph
    ;
    Paeschke, Manfred
    ;
    Dietrich, Frank
    The method (100) involves generating (102) the authentication certificate for authenticating a user by a mobile terminal. The authentication certificate is generated by an identity administrator in response to a first certificate and a second certificate. The first certificate is based on a secure information of a physical identity. The physical identity is assigned to the user by the identity administrator and uniquely identifies the user by a third party. Independent claims are included for the following: (1) a computer program product with instructions; and (2) a computer program for executing the method. USE: Method for providing a mobile terminal (Claimed) with an authentication certificate. ADVANTAGE: The method involves generating the authentication certificate for authenticating a user by a mobile terminal, and hence ensures reliable and improved mobile terminal providing method. The drawing shows a flowchart of a mobile terminal providing method. (Drawing includes non-English language text). 100 : Mobile terminal providing method 102 : Generating the authentication certificate for authenticating a user by a mobile terminal 104 : Storing the authentication certificate in the secure environment of the mobile terminal.
  • Publication
    Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data
    ( 2014)
    Vogl, Sebastian
    ;
    Gawlik, Robert
    ;
    Garmany, Behrad
    ;
    Kittel, Thomas
    ;
    Pfoh, Jonas
    ;
    Eckert, Claudia
    ;
    Holz, Thorsten
    Generally speaking, malicious code leverages hooks within a system to divert the control flow. Without them, an attacker is blind to the events occurring in the system, rendering her unable to perform malicious activities (e.g., hiding of files or capturing of keystrokes). However, while hooks are an integral part of modern attacks, they are at the same time one of their biggest weaknesses: Even the most sophisticated attack can be easily identified if one of its hooks is found. In spite of this fact, hooking mechanisms have remained almost unchanged over the last years and still rely on the persistent modification of code or control data to divert the control flow. As a consequence, hooks represent an abnormality within the system that is permanently evident and can in many cases easily be detected as the hook detection mechanisms of recent years amply demonstrated. In this paper, we propose a novel hooking concept that we refer to as dynamic hooking. Instead of modifying persistent control data permanently, this hooking mechanisms targets transient control data such as return addresses at run-time. The hook itself will thereby reside within non-control data and remains hidden until it is triggered. As a result, there is no evident connection between the hook and the actual control flow change, which enables dynamic hooks to successfully evade existing detection mechanisms. To realize this idea, dynamic hooks make use of exploitation techniques to trigger vulnerabilities at run-time. Due to this approach, dynamic hooks cannot only be used to arbitrarily modify the control flow, but can also be applied to conduct non-control data attacks, which makes them more powerful than their predecessors. We implemented a prototype that makes uses of static program slicing and symbolic execution to automatically extract paths for dynamic hooks that can then be used by a human expert for their realization. To demonstrate this, we used the output provided by our prototype to implement concrete examples of dynamic hooks for both modern Linux and Windows kernels.
  • Publication
    Persistent Data-only Malware: Function Hooks without Code
    ( 2014)
    Vogl, Sebastian
    ;
    Pfoh, Jonas
    ;
    Kittel, Thomas
    ;
    Eckert, Claudia
  • Publication
    SobTra - A software-based trust anchor for ARM cortex application processors
    ( 2014)
    Horsch, Julian
    ;
    Wessel, Sascha
    ;
    Stumpf, Frederic
    ;
    Eckert, Claudia
    In this paper, we present SobTrA, a Software-based Trust Anchor for ARM Cortex-A processors to protect systems against software-based attacks. SobTrA enables the implementation of a software-based secure boot controlled by a third party independent from the manufacturer. Compared to hardware-based trust anchors, our concept provides some other advantages like being updateable and also usable on legacy hardware. The presented software-based trust anchor involves a trusted third party device, the verifier, locally connected to the untrusted device, e.g., via the microSD card slot of a smartphone. The verifier is verifying the integrity of the untrusted device by making sure that a piece of code is executed untampered on it using a timing-based approach. This code can then act as an anchor for a chain of trust similar to a hardware-based secure boot. Tests on our prototype showed that tampered and untampered execution of SobTrA can be clearly and reliably distinguished.
  • Publication
    Leveraging In-Car Security by Combining Information Flow Monitoring Techniques
    ( 2013)
    Bouard, Alexandre
    ;
    Schweppe, Hendrik
    ;
    Weyl, Benjamin
    ;
    Eckert, Claudia