FORSEC

Security of Highly Interconnected IT Systems

Current phenomenona like outsourcing, service oriented architectures, cloud computing and also the general penetration of every kind of work process by information technology gave rise to a situation, which was inconceivable a few years ago. At the turn of the millennium central IT-systems, for example information systems in companies or control systems of public infrastructures (energy grid, traffic control systems) were most totally isolated or they've just communicated with other IT-systems in tight, accurately defined boundaries. In the last few years this boundaries became more and more transparent or disappeared completely. Modern IT-systems became versatile, flexible, and highly interconnected, yet fragile constructs.
While a few years ago anti-virus software and firewalls were considered to be sufficient protection against attacks on IT-systems, recently it became apparent, that these measures are obsolete. Complex and adaptive attacks on IT-systems (for example Stuxnet, Duqu or Flame) demonstrated the capability of abuse and industrial espionage and exposed the weakness of current defensive measures.
Taking into account the current threat situation, it emerged in particular that the so far common, strict separation of an IT-security process in the three phases

Preventive measures against attacks
Defense against ongoing attacks
Forensics and post-mortem examination of IT-security incidents

wasn’t sufficient as many possible synergies remained unexploited.

Main FORSEC Objectives

FORSEC aims at transferring the three, up until now always separately considered parts of the process into an integrated, interdisciplinary concept - an integrated security process for highly connected IT-systems. The phase „Preventive measures against attacks “ describes methods for securing IT-systems as well as raising people’s awareness of the safe use of IT-systems. Subprojects in this area are particularly focused on intrusion prevention and reduction of the expected damage.
Defense measures during ongoing attacks can be assigned to the second phase of the cycle „Defense against ongoing attacks “. Topics researched include effective recognition and subsequent defense of and from attacks as well as methods for conviction of the attackers.
Subprojects assigned to the phase "Forensics and post-mortem examination of IT-security incidents" are mostly concerned with methods for the identification of the offenders and recovery of systems and data.

Structure

Eight professors from five different Bavarian research institutions are involved in the Bavarian research association FORSEC: four universities with faculties and departments of different scope (Faculty of Economics and Business Administration at University Regensburg, Faculty of Computer Science and Mathematics at University Passau, Faculty of Computer Science at TU Munich, Technical Faculty at FAU University Erlangen-Nürnberg), and - indirectly - the Institute of Applied and Integrated Security (AISEC) at the Fraunhofer Institute in Garching near Munich. The research association is being coordinated by Prof. Dr. Günther Pernul and Prof. Dr. Guido Schryen from the Institute for Information Systems of the University of Regensburg.

Project Members

Contact

Itsec-office@uni-passau.de

2017

H. C. Pöhls and B. Petschkuhn, "Towards compactly encoded signed IoT messages" in IEEE International Workshop on Computer-Aided Modeling Analysis and Design of Communication Links and Networks (IEEE CAMAD 2017) , IEEE , 2017.
http://henrich.poehls.com/papers/2017_PoehlsPetschkuhn_IoT_signature_encoding_CAMAD.pdf

2016

J. Bauer, R. C. Staudemeyer, H. C. Pöhls and A. Fragkiadakis, "ECDSA on things: IoT integrity protection in practise" in Proc. of Information and Communications Security (ICICS 2016) , K.-Y. Lam et al., Eds. Springer , 2016.
http://henrich.poehls.com/papers/2016_Bauer-et-al_ECDSA-on-things_ICICS.pdf

C. Frädrich, H. C. Pöhls, W. Popp, N. Rakotondravony and K. Samelin, "Integrity and Authenticity Protection with Selective Disclosure Control in the Cloud and IoT" in Proc. of Information and Communications Security (ICICS 2016) , K.-Y. Lam et al., Eds. Springer , 2016.
http://henrich.poehls.com/papers/2016_SelectiveDisclosureControl_ICICS2016_full.pdf

T. Marktscheffel, W. Gottschlich, W. Popp, P. Werli, S. Dominik Fink, A. Bilzhause and H. Meer, "QR Code Based Mutual Authentication Protocol for Internet of Things" in {Proc. of The 5th workshop on IoT-SoS: Internet of Things Smart Objects and Services (WOWMOM SOS-IOT 2016)} , IEEE , 2016.

A. Fragkiadakis, G. Oikonomou, H. C. Pöhls, E. Z. Tragos and M. Wójcik, "Securing Communications Among Severely Constrained, Wireless Embedded Devices" in Engineering Secure Internet of Things Systems , Benjamin Aziz and Alvaro Arenas and Bruno Crispo, Eds. The Institute of Engineering and Technology , 2016 .
http://www.theiet.org/resources/books/security/secIoT.cfm

2015

B. Braun, K. Pauli, J. Posegga and M. Johns, "LogSec: Adaptive Protection for the Wild Wild Web" in the 2015 ACM Symposium on Applied Computing (SAC 2015) - to appear , 2015.

2014

B. Braun, J. Köstler, J. Posegga and M. Johns, "A Trusted UI for the Mobile Web" in 29th IFIP International Information Security and Privacy Conference (IFIP SEC 2014) , 2014.
DOI: http://dx.doi.org/10.1007/978-3-642-55415-5_11
http://web.sec.uni-passau.de/papers/2014_Braun_Koestler_Posegga_Johns-Trusted-UI-Mobile-Web.pdf

B. Braun, C. Gries, B. Petschkuhn and J. Posegga, "Ghostrail: Ad Hoc Control-Flow Integrity for Web Applications" in 29th IFIP International Information Security and Privacy Conference (IFIP SEC 2014) , 2014.
DOI: http://dx.doi.org/10.1007/978-3-642-55415-5_22
http://web.sec.uni-passau.de/papers/2014_Braun_Gries_Petschkuhn_Posegga-Ghostrail.pdf