Refine
Departments, institutes and facilities
- Institut für Cyber Security & Privacy (ICSP) (13) (remove)
Document Type
- Article (6)
- Conference Object (6)
- Doctoral Thesis (1)
Year of publication
- 2012 (13) (remove)
Has Fulltext
- no (13)
Keywords
- Bag of Features (1)
- Cloud Security (1)
- Cloud Standards (1)
- D [Software] (1)
- DNSSEC (1)
- Domestic service robots (1)
- Human factors (1)
- Human robot interaction (1)
- Security (1)
- Semantic scene understanding (1)
- Service-Oriented Architecture (1)
- TLS (1)
- Web Browser (1)
- classifier combination (1)
- clustering (1)
- feature extraction (1)
- machine learning (1)
- object categorization (1)
- reverse engineering, malware, machine learning (1)
- visualization (1)
- web services (1)
Multi-hop Netze sind seit vielen Jahren Forschungsthema. Seit einigen Jahren gibt es auch erste Realisierungen solcher Netze. Sie ermöglichen es, ohne feste Infrastruktur sich selbst organisierende Netze zu realisieren. Dies macht sie für vielfältige zivile wie taktische Szenarien interessant. In der vorliegenden Arbeit liegt der Fokus auf taktischen Szenarien, wie Szenarien der öffentlichen Sicherheit, militärischen oder Katastrophenszenarien. In solchen Szenarien kann für die Kommunikation auf der letzten Meile nicht von existierender Kommunikationsinfrastruktur ausgegangen werden. Taktische multi-hop Netze stellen eine Möglichkeit dar, die Kommunikation auf der letzen Meile trotzdem zu realisieren.
Malware is responsible for massive economic damage. Being the preferred tool for digital crime, botnets are becoming increasingly sophisticated, using more and more resilient, distributed infrastructures based on peer-to-peer (P2P) protocols. On the other side, current investigation techniques for malware and botnets on a technical level are time-consuming and highly complex. Fraunhofer FKIE is addressing this problem, researching new ways of intelligent process automation and information management for malware analysis in order to minimize the time needed to investigate these threats.
Today’s computer systems face a vast array of severe threats that are posed by automated attacks performed by malicious software as well as manual attacks by individual humans. These attacks not only differ in their technical implementation but may also be location-dependent. Consequentially, it is necessary to join the information from heterogeneous and distributed attack sensors in order to acquire comprehensive information on current ongoing cyber attacks.
XML Encryption and XML Signature are fundamental security standards forming the core for many applications which require to process XML-based data. Due to the increased usage of XML in distributed systems and platforms such as in SOA and Cloud settings, the demand for robust and effective security mechanisms increased as well. Recent research work discovered, however, substantial vulnerabilities in these standards as well as in the vast majority of the available implementations. Amongst them, the so-called XML Signature Wrapping attack belongs to the most relevant ones. With the many possible instances of this attack type, it is feasible to annul security systems relying on XML Signature and to gain access to protected resources as has been successfully demonstrated lately for various Cloud infrastructures and services. This paper contributes a comprehensive approach to robust and effective XML Signatures for SOAP-based Web Services. An architecture is proposed, which integrates the r equired enhancements to ensure a fail-safe and robust signature generation and verification. Following this architecture, a hardened XML Signature library has been implemented. The obtained evaluation results show that the developed concept and library provide the targeted robustness against all kinds of known XML Signature Wrapping attacks. Furthermore the empirical results underline, that these security merits are obtained at low efficiency and performance costs as well as remain compliant with the underlying standards.