Now showing 1 - 10 of 16
  • Publication
    Towards a toolkit for utility and privacy-preserving transformation of semi-structured data using data pseudonymization
    ( 2017)
    Kasem-Madani, Saffija
    ;
    ;
    Wehner, Martin
    We present a flexibly configurable toolkit for the automatic pseudonymization of datasets that keeps certain utility. The toolkit could be used to pseudonymize data in order to preserve the privacy of data owners while data processing and to meet the requirements of the new European general data protection regulation. We define some possible utility requirements and corresponding utility options a pseudonym can meet. Based on that, we define a policy language that can be used to produce machine-readable utility policies. The utility policies are used to configure the toolkit to produce a pseudonymized dataset that offers the utility options. Here, we follow a confidentiality-by-default principle. I.e., only the data mentioned in the policy is transformed and included in the pseudonymized dataset. All remaining data is kept confidential. This stays in contrast to common pseudonymization techniques that replace only personal or sensitive data of a dataset with pseudonyms, while keeping any other information in plaintext. If applied appropriately, our approach allows for providing pseudonymized datasets that includes less information that can be misused to infer personal information about the individuals the data belong to.
  • Publication
    Novel approaches for security in building automation systems
    ( 2015)
    Kaur, Jaspreet
    ;
    Herdin, Christian
    ;
    Tonejc, Jernej
    ;
    Wendzel, Steffen
    ;
    ;
    Szlosarczyk, Sebastian
  • Publication
    Hunting observable objects for indication of compromise
    Shared Threat Intelligence is often imperfect. Especially so called Indicator of Compromise might not be well constructed. This might either be the case if the threat only appeared recently and recordings do not allow for construction of high quality Indicators or the threat is only observed by sharing partners lesser capable to model the threat. However, intrusion detection based on imperfect intelligence yields low quality results. Within this paper we illustrate how one is able to overcome these shortcomings in data quality and is able to achieve solid intrusion detection. This is done by assigning individual weights to observables listed in a STIXTM report to express their significance for detection. For evaluation, an automatized toolchain was developed to mimic the Threat Intelligence sharing ecosystem from initial detection over reporting, sharing, and determining compromise by STIXTM-formated data. Multiple strategies to detect and attribute a specific threat are compared using this data, leading up to an approach yielding a F1-Score of 0.79.
  • Publication
    Gathering and analyzing identity leaks for a proactive warning of affected users
    ( 2018)
    Malderle, Timo
    ;
    ;
    Knauer, Sven
    ;
    Identity theft is a common consequence of successful cyber-attacks. Criminals steal identity data in order to either (mis)use the data themselves or sell entire identity collections of such data to other parties. Warning the victims of identity theft is crucial to avoid or limit the damage caused by identity misuse. However, in order to provide proactive warnings to victims in a timely fashion, the leaked identity data has to be available. Within this paper we present a methodology to gather and analyze leaked identity data to enable proactive warnings of victims.
  • Patent
    Concept for combined dynamic range compression and quided clipping prevention for audio devices
    The invention provides a concept for combined dynamic range compression and guided clipping prevention for audio devices. An audio decoder for decoding an audio bitstream and a metadata bitstream related to the audio bitstream according to the concept comprisesan audio processing chain configured to receive a decoded audio signal derived from the audio bitstream and to adjust characteristics of the audio signal in order to produce an audio output signal, the audio adjustment chain comprising a plurality of adjustment stages including a dynamic range control stage for adjusting a dynamic range of the audio output signal and a guided clipping prevention stage for preventing clipping of the audio output signal; anda metadata decoder configured to receive the metadata bitstream and to extract dynamic range control gain sequences and guided clipping prevention gain sequences from the metadata bitstream, at least a part of the dynamic range control gain sequences being supplied to the dynamic range control stage, and at least a part of the guided clipping prevention gain sequences being supplied to the guided clipping prevention stage.
  • Publication
    Structure formation of polymeric building blocks: Complex polymer architectures
    ( 2014)
    Binder, Kurt
    ;
    Butt, Hans-Jürgen
    ;
    Floudas, George
    ;
    Frey, Holger
    ;
    Hsu, Hsiao-Ping
    ;
    Landfester, Katharina
    ;
    Kolb,Ute
    ;
    Kühnle, Angelika
    ;
    ;
    Müllen, Klaus
    ;
    Paul, Wolfgang
    ;
    ;
    Spiess, Hans Wolfgang
    ;
    Virnau, Peter
  • Publication
    Improved calculation of aS resilience against IP prefix hijacking
    Network prefix hijacking is still a serious threat in the Internet. Confirmed incidents in the recent past have shown that even small autonomous systems (ASs) are able to manipulate routing information with huge global impact. Even though countermeasures exist, they are not established at large scale yet. Monitoring of the actual routing state is the only mean to provide at least information about prefix hijacking events for single ASs. Given topology information the resilience of an AS against prefix hijacking attacks can be determined. This paper proposes an improved formula to calculate the resilience of an AS against prefix hijacking. Additionally, the role of internet exchange points (IXPs) and the peering opportunities they provide are evaluated. Such opportunities allow for establishing links between ASs at very low cost. Current peering opportunities are derived from a collection of member data gathered from European IXPs. Furthermore, the effect of additional l inks on an AS's resilience is investigated by combining actual peering and individual peering opportunities.