A5009630403- Internet Traffic Analysis and Secure E-voting
- Advanced Steganography and Watermarking Techniques
- Digital Media Forensic Detection
- User Authentication and Security Systems
- Network Security and Intrusion Detection
- Advanced Malware Detection Techniques
- Spam and Phishing Detection
- Chaos-based Image/Signal Encryption
- Advanced Authentication Protocols Security
- Technology and Data Analysis
- Security and Verification in Computing
- Physical Unclonable Functions (PUFs) and Hardware Security
- Digital and Cyber Forensics
- Adversarial Robustness in Machine Learning
- Embedded Systems Design Techniques
- Biometric Identification and Security
- Smart Grid Security and Resilience
Otto-von-Guericke University Magdeburg
2017-2025
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among different domains, such as digital media steganography, text cyber-physical systems network steganography (network covert channels), local channels, and out-of-band channels. To cope with this, a prime attempt has been done in 2015, introduction of so-called patterns, allow to describe more abstract manner. Despite significant enhancements, main...
In this paper, we present an Information Hiding approach that would be suitable for exfiltrating sensible information of Industrial Control Systems (ICS) by leveraging the long-term storage process data in historian databases. We show how hidden messages can embedded sensor measurements as well retrieved asynchronously accessing historian. evaluate at example water-flow and water-level sensors Secure Water Treatment (SWAT) dataset from iTrust. To generalize specific cover channels (sensors...
Industrial Control Systems (ICS) help to automate various cyber-physical systems in our world. The controlled processes range from rather simple traffic lights and elevators complex networks of ICS car manufacturing or controlling nuclear power plants. With the advent industrial Ethernet are increasingly connected Information Technology (IT). Thus, novel attack vectors on possible. In IT information hiding steganography is used advanced persistent threats conceal infection allowing attacker...
Recent findings in research on malware threats indicate an increasing use of information hiding techniques as a novel approach for compromising IT-Systems by using covert functions and hidden channels. Especially the context intrusion data exfiltration, networks Industrial Control Systems (ICS) are valuable target based attacks. In this paper we discuss how 18 known patterns can be applied to protocols found ICS demonstrate covertly embedded retrieved at example Modbus/TCP achieve overall...
In this paper we perform a threat analysis for covert Command and Control (C2) channel using port scans as cover syslog carrier data infiltration. We describe theoretical scenario in which an adversary makes use of known channels TCP DNS, propose novel method hiding information ports the resulting (sys)logs hidden messages. For forensic purposes, provide details on Indicators-of-Compromise (IoC) well mitigating measures aiming at preventing apriori. Moreover, detection scheme order to...
Abstract A feature of search engines is prediction and suggestion to complete or extend input query phrases, i.e. functions (SSF). Given the immediate temporal nature this functionality, alongside character submitted trigger each suggestion, adequate data provided derive keystroke features. The potential such biometric features be used in identification tracking poses risks user privacy.For our initial experiment, we evaluate SSF traffic with different browsers on a Linux PC an Android...
Covert channels in network protocols are a technique aiming to hide the very existence of secret communication computer networks. In this work we present systematic in-depth analysis covert by modification for Network Time Protocol (NTP). Our results identification 49 channels, applying channel pattern-based taxonomy. The summary and comparison based on nine selected key attributes show that NTP is plausible carrier channels. evaluated regards common behavior implementations six major...
Network Time Security (NTS) specified in RFC8915 is a mechanism to provide cryptographic security for clock synchronization using the Protocol (NTP) as foundation. By Transport Layer (TLS) and Authenticated Encryption with Associated Data (AEAD) NTS able ensure integrity authenticity between server clients synchronizing time. However, past it was shown that time synchronisation protocols such Precision (PTP) might be leveraged carrier covert channels, potentially infiltrating or exfiltrating...
<p>A unified understanding of terms and their applicability is essential for every scientific discipline: steganography no exception. Being divided into several domains (for instance, text steganography, digital media network steganography), it crucial to provide a terminology as well taxonomy that not limited some specific applications or areas. A prime attempt towards was conducted in 2015 with the introduction pattern-based steganography. Six years later, 2021, first work proposed....
<p>A unified understanding of terms and their applicability is essential for every scientific discipline: steganography no exception. Being divided into several domains (for instance, text steganography, digital media network steganography), it crucial to provide a terminology as well taxonomy that not limited some specific applications or areas. A prime attempt towards was conducted in 2015 with the introduction pattern-based steganography. Six years later, 2021, first work proposed....
The term Internet of Things might be regarded as simultaneous occurrence three important trends. First, the general change from isolated devices to large-scale interconnected and interacting environments. Second, rapidly increasing numbers applied hardware software components. Third, an level complexity individual components applied. connection a broad range heterogeneous each other, or Internet, results in greater attack potentials multitudes vectors. Consequently, IT-Security has deal with...
<p>A unified understanding of terms and their applicability is essential for every scientific discipline: steganography no exception. Being divided into several domains (for instance, text steganography, digital media network steganography), it crucial to provide a terminology as well taxonomy that not limited some specific applications or areas. A prime attempt towards was conducted in 2015 with the introduction pattern-based steganography. Six years later, 2021, first work proposed....
Synchronized clocks are vital for most communication scenarios in networks of Information Technology (IT) and Operational (OT). The process time synchronisation requires transmission high-precision timestamps often originating from external sources. In this paper, we analyze how synchronization protocols impose a threat by being leveraged as carrier network covert channels. This paper is an extended version our open-access [15] which performed in-depth analysis the Network Time Protocol...
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among different domains, such as digital media steganography, text cyber-physical systems network steganography (network covert channels), local channels, and out-of-band channels. To cope with this, a prime attempt has been done in 2015, introduction of so-called patterns, allow to describe more abstract manner. Despite significant enhancements, main...