Faculty: Elektrotechnik und Informatik (ETI) (355)
"Photovoltaics & Storage", Kommunales Energieeffizienz-Netzwerktreffen (KEEN), Hünxe, 06.10.2017
(2017)
"Photovoltaics & Storage", Kommunales Energieeffizienz-Netzwerktreffen (KEEN), Espelkamp, 07.03.2019
(2019)
"Considerations on the Characteristic Curves of Solar Generators", Gutachtertreff Suncycle, Isseroda, 23.02.2017
(2017)
"Is Your House Designed with Solar in Mind?", citizens' event of the district of Steinfurt, Neuenkirchen, 20.06.2017
(2017)
"Is Your House Designed with Solar in Mind?", citizens' event of the district of Steinfurt, Hörstel, 21.06.2017
(2017)
OpenPGP and S/MIME are the two major standards to encrypt and digitally sign emails. Digital signatures are supposed to guarantee authenticity and integrity of messages. In this work we show practical forgery attacks against various implementations of OpenPGP and S/MIME email signature verification in five attack classes: (1) We analyze edge cases in S/MIME’s container format. (2) We exploit in-band signaling in the GnuPG API, the most widely used OpenPGP implementation. (3) We apply MIME wrapping attacks that abuse the email clients’ handling of partially signed messages. (4) We analyze weaknesses in the binding of signed messages to the sender identity. (5) We systematically test email clients for UI redressing attacks. Our attacks allow the spoofing of digital signatures for arbitrary messages in 14 out of 20 tested OpenPGP-capable email clients and 15 out of 22 email clients supporting S/MIME signatures. While the attacks do not target the underlying cryptographic primitives of digital signatures, they raise concerns about the actual security of OpenPGP and S/MIME email applications. Finally, we propose mitigation strategies to counter these attacks.
Wireless Sensor Networks
(2013)
Wireless Sensor
(2013)
TLS is one of today's most widely used and best-analyzed encryption technologies. However, for historical reasons, TLS for email protocols is often not used directly but negotiated via STARTTLS. This additional negotiation adds complexity and was prone to security vulnerabilities such as naive STARTTLS stripping or command injection attacks in the past.
We perform the first structured analysis of STARTTLS in SMTP, POP3, and IMAP and introduce EAST, a semi-automatic testing toolkit with more than 100 test cases covering a wide range of variants of STARTTLS stripping, command and response injections, tampering attacks, and UI spoofing attacks for email protocols. Our analysis focuses on the confidentiality and integrity of email submission (email client to SMTP server) and email retrieval (email client to POP3 or IMAP server). While some of our findings are also relevant for email transport (from one SMTP server to another), the security implications in email submission and retrieval are more critical because these connections involve not only individual email messages but also user credentials that allow access to a user's email archive.
We used EAST to analyze 28 email clients and 23 servers. In total, we reported over 40 STARTTLS issues, some of which allow mailbox spoofing, credential stealing, and even the hosting of HTTPS with a cross-protocol attack on IMAP. We conducted an Internet-wide scan for the particularly dangerous command injection attack and found that 320.000 email servers (2% of all email servers) are affected. Surprisingly, several clients were vulnerable to STARTTLS stripping attacks. In total, only 3 out of 28 clients did not show any STARTTLS-specific security issues. Even though the command injection attack received multiple CVEs in the past, EAST detected eight new instances of this problem. In total, only 7 out of 23 tested servers were never affected by this issue. We conclude that STARTTLS is error-prone to implement, under-specified in the standards, and should be avoided.
We show practical attacks against OpenPGP and S/MIME encryption and digital signatures in the context of email. Instead of targeting the underlying cryptographic primitives, our attacks abuse legitimate features of the MIME standard and HTML, as supported by email clients, to deceive the user regarding the actual message content. We demonstrate how the attacker can unknowingly abuse the user as a decryption oracle by replying to an unsuspicious looking email. Using this technique, the plaintext of hundreds of encrypted emails can be leaked at once. Furthermore, we show how users could be tricked into signing arbitrary text by replying to emails containing CSS conditional rules. An evaluation shows that "out of" OpenPGP-capable email clients, as well as "out of" clients supporting S/MIME, are vulnerable to at least one attack. We provide different countermeasures and discuss their advantages and disadvantages.
WebRTC Data Channels
(2017)
A data sender in an IP-based network can only use a network path efficiently if it knows the packet size limit of the path, i.e., the Path Maximum Transmission Unit (PMTU). The IETF recently specified a PMTU discovery framework for transport protocols like QUIC. This paper complements this specification by presenting a search algorithm. In addition, it defines several metrics and shows results of analyses for the algorithm with various PMTU candidate sequences using these metrics. We integrated the PMTU discovery with our algorithm into a QUIC simulation model. This paper describes the integration and presents measurements obtained by simulations.
System Accreditation from a Dean's Perspective, invited talk, 27.04.2015, HS Koblenz
(2015)
This document is a compilation of issues found since the publication of RFC 4960 in September 2007, based on experience with implementing, testing, and using the Stream Control Transmission Protocol (SCTP) along with the suggested fixes. This document provides deltas to RFC 4960 and is organized in a time-ordered way. The issues are listed in the order in which they were brought up. Because some text is changed several times, the last delta in the text is the one that should be applied. In addition to the deltas, a description of each problem and the details of the solution for each are also provided.
Strategies to Secure End-to-End Communication - And Their Application to SCTP-Based Communication
(2011)
State of Charge estimation of zinc air batteries using electrochemical impedance spectroscopy
(2018)
Metal air batteries provide a high energy density as the cathodic reaction uses the surrounding air. Different metals can be used but zinc is very promising due to its disposability and nontoxic behavior. State estimation is quite complicated as the voltage characteristic of the battery is rather flat. Especially estimating the state of charge is important as a secondary electrolysis process during overcharging can lead to an unsafe state. Another technique for state estimation is the electrochemical impedance spectroscopy. Therefore, this paper describes the process of setup and measuring a time series of impedance spectra at known states of charge. Then these spectra are used to derive an equivalent circuit. Finally, the development of the circuit’s parameters is analyzed to extract the most important parameters.
The main task of battery management systems is to keep the working area of the battery in a safe state. Estimation of the state of charge and the state of health is therefore essential. The traditional way uses the voltage level of a battery to determine those values. Modern metal air batteries provide a flat voltage characteristic which necessitates new approaches. One promising technique is the electrochemical impedance spectroscopy, which measures the AC resistance for a set of different frequencies. Previous approaches match the measured impedances with a nonlinear equivalent circuit, which needs a lot of time to solve a nonlinear least-squares problem. This paper combines the electrochemical impedance spectroscopy with neural networks to speed up the state estimation using the example of zinc air batteries. Moreover, these networks are trained with different subsets of the spectra as input data in order to determine the required number of frequencies.
Smart wearable devices become more and more prevalent in the age of the Internet of Things. While people wear them as fitness trackers or full-fledged smartphones, they also come in unique versions as smartwatches for children. These watches allow parents to track the location of their children in real-time and offer a communication channel between parent and child.
In this paper, we analyzed six smartwatches for children and the corresponding backend platforms and applications for security and privacy concerns. We structure our analysis in distinct attacker scenarios and collect and describe related literature outside academic publications. Using a cellular network Man-in-the-Middle setup, reverse engineering, and dynamic analysis, we found several severe security issues, allowing for sensitive data disclosure, complete watch takeover, and illegal remote monitoring functionality.
Medical facilities have repeatedly been affected by cyber attacks in recent years. Although these attacks currently concentrate on the facilities' office IT infrastructure, medical systems and communication protocols constitute a further attack surface that has received little attention.
In this paper, we analyze the widely used medical communication protocols DICOM and HL7, as well as protocol implementations, with regard to their IT security. To this end, we present the results of the security analysis of the DICOM and HL7 standards, a fuzzer “MedFUZZ” for these protocols, and a vulnerability scanner “MedVAS” that can find vulnerabilities in medical production environments.
Secure ABAP Programming
(2009)
Side Channels with Hidden Shoals: Some Web Applications Unintentionally Leak Information to Attackers
(2012)
Reviewing Cyber Security Research of Implantable Medical Rhythm Devices regarding Patients’ Risk
(2020)
Introduction: The recent publication of several critical cyber security issues in cardiac implantable devices and the resulting press coverage upsets affected users and their trust in medical device producers. Reviewing the published security vulnerabilities regarding networked medical devices raises the question of whether the reporting media, the responsible security researchers, and the producers handle security vulnerabilities appropriately. Are the media reports of security vulnerabilities in medical devices meaningful in a way that patients can assess their respective risk for an attack via the security vulnerability? The collaboration between IT-security experts and clinicians aims at reviewing published security vulnerabilities of rhythm devices and evaluating overall patients’ risks.
Methodology: We performed a literature review on security vulnerabilities in implantable medical devices with a focus on cardiac devices. We analyzed (Fig. 1) the (1) requirements for an attacker and the (2) technical feasibility and clustered them in three different scenarios: The first scenario requires that the attacker physically approaches a victim with a programming device. The second scenario requires proximity to the victim, e.g., within a few meters. The third and strongest attacker scenario is a remote attack that doesn’t require any physical proximity to the victim. We then compare the attacker scenarios and (3) the overall patients’ risks with the press coverage (overhyped, adequate, underhyped). (4) The resulting overall patients’ risk was rated by clinicians (security vulnerability of patients’ data, dangerous programming possible).
Results: Out of the three analyzed incidents, we found one to be underhyped, one to be overhyped, and one to be appropriate compared to the media coverage (Fig. 2). The most frequently occurring technical issues were based on the absence of basic security primitives. The patient damage for all of the analyzed incidents was fatal in the worst-case scenario. Further, the patient damage and the overall patient risks are disjunct due to the missing capability of performing large scale attacks.
Conclusion: The resulting overall patients’ risks may not adequately reflect the patient damage in the considered cases. Often, the overall patient risk is not as severe as the necessary attacker capabilities are high and it would require strongly motivated attackers to perform the attack. Therefore, most of the reviewed cases are considered with a smaller overall patient risk than implied by press reports. Reviewing the ongoing IT-Security trends regarding implantable medical devices shows an increasing focus on researching in the field of medical device security. Therefore, further findings in the near future are to be expected. To deal with this fact in a responsible way, proper proactive knowledge management is mandatory. We recommend medical staff to critically reflect reports in mass media due to possible sensationalism. Therefore, we propose a joint approach in combining the technical expertise of cyber security experts with clinical aspects of medical experts, to ensure a solid understanding of a newly published vulnerability. The combination of both communities promises to result in better predictions for patients’ risks from security vulnerabilities in implanted cardiac devices.