1 - 10 of 10
-
PublicationGAIA-X and IDS(International Data Spaces Association, 2021)
-
-
-
PublicationIDS Reference Architecture Model. Industrial Data Space. Version 2.0(International Data Spaces Association, 2018)
-
PublicationBlockchain and smart contracts(Fraunhofer-Gesellschaft, 2018)This position paper analyzes blockchain technology from the scientific and application-oriented perspective of the Fraunhofer-Gesellschaft. It examines relevant technical aspects and related research questions. It shows that technology still has fundamental research and development challenges in all areas. These include, for example, the modularization of individual blockchain concepts as well as their combination and integration for application-specific blockchain solutions.
-
PublicationBlockchain und Smart Contracts(Fraunhofer-Gesellschaft, 2017)Dieses Positionspapier analysiert die Blockchain-Technologie aus wissenschaftlicher und anwendungsorientierter Sicht der Fraunhofer-Gesellschaft. Es untersucht relevante Technikaspekte und damit verbundene Forschungsfragen. Dabei zeigt sich, dass die Technik in allen Bereichen noch grundlegende Forschungs- und Entwicklungs-Herausforderungen aufweist. Diese liegen beispielsweise in der Modularisierung einzelner Blockchain-Konzepte sowie deren Kombination und Integration für anwendungsspezifische Blockchain-Lösungen.
-
PublicationReference Architecture Model for the Industrial Data Space(Fraunhofer-Gesellschaft, 2017)
-
PublicationStrategie- und Positionspapier Cyber-Sicherheit 2020: Herausforderungen für die IT-Sicherheitsforschung( 2014)Datensicherheit ist in aller Munde - das Bewusstsein um die Relevanz dieser Thematik und die damit verbundene Erwartungshaltung sind groß. Fraunhofer-Experten haben ihre Empfehlungen für eine starke IT-Nation Deutschland in einem Positionspapier zusammengefasst. Prof. Dr. Reimund Neugebauer, Präsident der Fraunhofer-Gesellschaft, überreichte es auf der CeBIT an Prof. Dr. Johanna Wanka, Bundesministerin für Bildung und Forschung, und Dr. Thomas de Maizière, Bundesminister des Innern.
-
PublicationOn the effectiveness of malware protection on Android( 2013)Android is currently the most popular smartphone operating system. However, users feel their private information at threat, facing a rapidly increasing number of malware for Android which significantly exceeds that of other platforms. Antivirus software promises to effectively protect against malware on mobile devices and many products are available for free or at reasonable prices. Their effectiveness is supported by various reports, attesting very high detection rates. However, a more detailed investigation is required in order to understand the real risk level arising from malware for the Android platform. Neither do the exceedingly high numbers of different malware variants reflect the real threat in comparison to other platforms, nor do the results of testing antivirus software against a set of already known malware samples (retrospective tests) provide a clear picture of the capabilities and limitations of antivirus software on the Android platform. The primary objective of this report is thus to help corporate and private users to assess the real risk level imposed by Android malware on the one hand, and the protection level offered by antivirus software on the other hand. For this purpose, we discuss how malware spreads and which limitations antivirus apps are subject to. We then evaluate how well Android antivirus software performs under realworld conditions, as opposed to retrospective detection rate tests. Based on our findings, we give recommendations for private and corporate users and sketch possible future solutions to overcome some of the current issues of antivirus software. For this report, we conducted various tests on several antivirus apps for Android. As we aim to reflect realworld threats better than retrospective tests, in which antivirus software is tested for recognizing known malware samples, our test setup considers the ability to cope with typical malware distribution channels, infection routines, and privilege escalation techniques. We found that it is easy for malware to evade detection by most antivirus apps with only trivial alterations to their package files.In order to test different malware detection techniques, we also used a newly developed proof of concept malware. This proof of concept malware demonstrates advanced functionality which is not present in most of today's Android malware, and is intended to determine how Android antivirus software will deal with unknown and upcoming malware.
-
PublicationAndroid OS security: Risks and limitations( 2012)The number of Android based smartphones is growing rapidly. They are increasingly used for security critical private and business applications, such as online banking or to access corporate networks. This makes them a very valuable target for an adversary. Up to date, significant or large scale attacks have failed, but attacks are becoming more sophisticated and successful. Thus, security is of paramount importance for both private and corporate users. In this paper, we give an overview of the current state of the art of Android security and present our extensible automated exploit execution framework. First, we provide a summary of the Android platform, current attack techniques, and publicly known exploits. Then, we introduce our extensible exploit execution framework which is capable of performing automated vulnerability tests of Android smartphones. It incorporates currently known exploits, but can be easily extended to integrate future exploits. Finally, we discuss how malware can propagate to Android smartphones today and in the future, and which possible threats arise. For example, device-to-device infections are possible if physical access is given.
