DecADe
Decentralized Anomaly Detection
| Scientists: | Dr. Holger Kinkelin, Dr. Marcel von Maltitz, Prof. Dr. Marc-Oliver Pahl, Dr. Nadine Herold, Stefan Liebald, M. Sc., Prof. Dr.-Ing. Georg Carle |
| Duration: | 01.06.2016 – 01.06.2019 |
| Funding: | BMBF (Federal Ministry for Education and Research) |
| Homepage: | https://www.net.in.tum.de/sites/decade/ |
Description
Today's IT systems used by corporations are characterized by a steadily growing number of computers and other devices. Furthermore, virtually all devices are connected via networks. Lastly, the complexity of dependencies between computers and services is growing. The named reasons make it difficult to understand, protect and maintain the functionality of computer networks already today.
An additional difficulty is that today's IT systems cannot be shielded anymore from the outside world. One important reason is the spatial expansion of many computer networks which might lead to physically exposed hosts that might be compromized by adversaries. Another reason is the amount of interaction between entities within the (secure and trusted) own IT system and other (hazardous and untrusted) entities located in the outside world.
To reduce operational costs, networks and computers are consolidated today using various types of virtualization technologies, for instance hardware or network virtualization (VLAN, VPN, SDN, etc.). Formerly physically separated machines and networks are now isolated from each other by a thin layer of software that abstracts over the hardware. If the security offered by the virtualization layer fails, the security of the entire IT system can be weakened, as attacks can spread more easily between components.
The changes listed above can even be witnessed even in the very security critical main scenarios addressed by the DecADe project: IT systems found in airplanes and automobiles.
In the project we focus on solutions for permanent and comprehensive monitoring of the IT system, early detection of attacks, and a concise assessment of the current threat level of the entire IT system. The project understands the growing amount of devices and connectivity not only as a problem but also as a chance that only needs to be used in order to increase the security level of the IT system. The projects main idea is that components of the IT system with free capacity (CPU, memory, bandwidth, etc.) shall be leveraged to monitor the behavior of other components in order to find anomalies in the entire IT system.
Partners:
- Airbus Group Innovations
- Audi Electronic Ventures GmbH (Assoziiert)
- AVL Software & Functions GmbH
- b-plus GmbH
- Technische Hochschule Deggendorf
- Universität Bremen
Related publications
| 2019-04-01 | Cora Perner, Holger Kinkelin, Georg Carle, “Adaptive Network Management for Safety-Critical Systems,” in IM 2019 - IEEE/IFIP Workshop Dissect 2019, Washington D.C., USA, Apr. 2019. [Bib] |
| 2019-04-01 | Holger Kinkelin, Heiko Niedermayer, Marc-Oliver Müller, Georg Carle, “Multi-party authorization and conflict mediation for decentralized configuration management processes,” in IM 2019 - IEEE/IFIP Workshop HotNSM 2019, Washington D.C., USA, Apr. 2019. [Preprint] [Bib] |
| 2018-12-01 | Fabien Geyer, “DeepComNet: Performance Evaluation of Network Topologies using Graph-Based Deep Learning,” Performance Evaluation, Dec. 2018. [Pdf] [DOI] [Bib] |
| 2018-12-01 | Cornelius Diekmann, Johannes Naab, Andreas Korsten, Georg Carle, “Agile Network Access Control in the Container Age,” IEEE Transactions on Network and Service Management, Dec. 2018. [Pdf] [DOI] [Bib] |
| 2018-10-01 | Paul Emmerich, Maximilian Pudelko, Quirin Scheitle, Georg Carle, “Efficient Dynamic Flow Tracking for Packet Analyzers,” in CloudNet, Tokyo, Japan, Oct. 2018. [Pdf] [Bib] |
| 2018-08-01 | Fabien Geyer, Georg Carle, “Learning and Generating Distributed Routing Protocols Using Graph-Based Deep Learning,” in Proceedings of the 2018 SIGCOMM Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, Budapest, Hungary, Aug. 2018, pp. 40–45. [Pdf] [DOI] [Bib] |
| 2018-04-01 | Holger Kinkelin, Valentin Hauner, Heiko Niedermayer, Georg Carle, “Trustworthy Configuration Management for Networked Devices using Distributed Ledgers,” in NOMS 2018 - IEEE/IFIP DOMINOS workshop, Apr. 2018. [Preprint] [Bib] |
| 2018-03-01 | Tobias Brunnwieser, Oliver Gasser, Sree Harsha Totakura, Georg Carle, “Live Detection and Analysis of HTTPS Interceptions,” in Passive and Active Measurement Conference (PAM), Poster, Berlin, Germany, Mar. 2018. [Pdf] [Poster] [Bib] |
| 2018-03-01 | Oliver Gasser, Benjamin Hof, Max Helm, Maciej Korczynski, Ralph Holz, Georg Carle, “In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements,” in Proceedings of the Passive and Active Measurement Conference (PAM 2018), Best Paper Award, Berlin, Germany, Mar. 2018. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Blog] [Bib] |
| 2017-12-01 | Fabien Geyer, “Performance Evaluation of Network Topologies using Graph-Based Deep Learning,” in Proc. 11th EAI International Conference on Performance Evaluation Methodologies and Tools, Venice, Italy, Dec. 2017. [Pdf] [DOI] [Bib] |
| 2017-11-01 | Patricia Callejo, Connor Kelton, Narseo Vallina-Rodriguez, Rubén Cuevas, Oliver Gasser, Christian Kreibich, Florian Wohlfart, Ángel Cuevas, “Opportunities and Challenges of Ad-based Measurements from the Edge of the Network,” in Proc. of the 16th ACM Workshop on Hot Topics in Networks, Nov. 2017. [Pdf] [Bib] |
| 2017-07-01 | Nadine Herold, Matthias Wachs, Marko Dorfhuber, Christoph Rudolf, Stefan Liebald, Georg Carle, “Achieving reproducible network environments with INSALATA,” in 11th International Conference on Autonomous Infrastructure, Management and Security (AIMS’2017), Best Paper Award, Zurich, Switzerland, Jul. 2017. [Pdf] [Slides] [Bib] |
| 2017-06-01 | Marcel von Maltitz, Cornelius Diekmann, Georg Carle, “Privacy Assessment using Static Taint Analysis (Tool Paper),” in FORTE – 37th IFIP International Conference on Formal Techniques for Distributed Objects, Components and Systems, Neuchatel, Switzerland, Jun. 2017. [Url] [Preprint] [Slides] [Sourcecode] [Rawdata] [Extended version] [DOI] [Bib] |
| 2016-11-01 | Marcel von Maltitz, Cornelius Diekmann, Georg Carle, “Taint Analysis for System-Wide Privacy Audits: A Framework and Real-World Case Studies.” 1st Workshop for Formal Methods on Privacy, Nov-2016. workshop without proceedings [Preprint] [Sourcecode] [Rawdata] [Bib] |
Finished student theses
| Author | Title | Type | Advisors | Year | Links |
| Jan Martin Vogt | Feasibility of DLT-based Data Storage and Exchange in Small Scale IoT Networks | BA | Dr. Holger Kinkelin | 2019 | |
| Julian Roos | Modelling Organizational Structues for a Federated Distributed Ledger-Based Certificate Management System | BA | Dr. Holger Kinkelin | 2018 |
|
| Yannick Gehring | Incorporating Automated Checks in a Distributed Ledger-Based Certificate Issuance System | BA | Dr. Heiko Niedermayer, Dr. Holger Kinkelin | 2018 |
|
| Alexander Bauer | Evaluation of Distributed Ledger Technology in Automotive Scenarios | MA | Dr. Holger Kinkelin, Dr. Heiko Niedermayer | 2018 | |
| Marc Müller | Trustworthy and tamperproof configuration management of networked devices | MA | Dr. Holger Kinkelin, Cora-Lisa Perner, Dr. Heiko Niedermayer | 2018 |
|
| Anil Karatas | Experimental Performance Evaluation of Distributed Private Ledgers in a Virtualized Environment | MA | Dr. Holger Kinkelin, Benedikt Jaeger | 2018 |
|
| Thomas Maier | Exposing Insecure Configurations of Network Session and Permission Graphs | MA | Simon Bauer, Jonas Jelten, Dr. Holger Kinkelin | 2018 | |
| Dominik Bitzer | Privacy-Preserving and Transparent Access Control for Data Queries in Sensor Networks | MA | Marcel von Maltitz, Dr. Holger Kinkelin | 2017 |
|
| Max von Tettenborn | A Usable and Expressive Schema for Access Control | MA | Dr. Holger Kinkelin, Marcel von Maltitz | 2017 | |
| Jan Felix Hoops | Federated Identity and Transaction Management over Blockchain II | BA | Dr. Heiko Niedermayer, Dr. Holger Kinkelin | 2017 |
|
| Stefanos Georgiou | A Trustworthy Process-Tracing System for B2B-Applications based on Blockchain Technology | MA | Dr. Holger Kinkelin, Sree Harsha Totakura, Dr. Heiko Niedermayer | 2017 |
|
| Valentin Hauner | Trustworthy Configuration Management with Distributed Ledgers | MA | Dr. Holger Kinkelin, Dr. Heiko Niedermayer | 2017 |
|
| Hendrik Leppelsack | Experimental Performance Evaluation of Private Distributed Ledger Implementations | MA | Dr. Holger Kinkelin, Stefan Liebald | 2017 |
|
| Manuel Ehler | Decentralized Feature Processing on Resource-Constrained Devices for Network Anomaly Detection | MA | Marcel von Maltitz, Stefan Liebald, Simon Bauer, Dr. Holger Kinkelin | 2017 | |
| Marko Dorfhuber | Information Collection for Temporal Variation Analysis on Networks | BA | Nadine Herold, Matthias Wachs, Stefan Liebald | 2016 | |
| Christoph Rudolf | Automated Planning, Setup and Configuration for Scientific Testbed Environments | BA | Nadine Herold, Matthias Wachs, Stefan Liebald | 2016 |