International Journal of Pervasive Computing and Communications, 2009
Purpose Secure communication is very important for computer networks. Thereby, authentication i... more Purpose Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority ...
Our demonstrator shows the implementation of a Service- oriented Architecture (SoA) for wireless ... more Our demonstrator shows the implementation of a Service- oriented Architecture (SoA) for wireless sensor-actuator net- works (WSAN). It demonstrates the feasibility of our service- oriented system in a real-world, resource-restricted WSAN based on off-the-shelf MICAz motes running the operation system TinyOS. In contrast to data-oriented approaches our service-oriented system does not only provide "traditional" uni-directional data transfer (from sensor nodes
Summary The industrial application of wireless sensor-actua-tor networks is attractive due to the... more Summary The industrial application of wireless sensor-actua-tor networks is attractive due to their flexibility, saving poten-tial and ease of use. However, weak or missing security would restrain the acceptance and hinder a wide-spread use. This paper presents a security design for ...
Measurements of light cosmic ray isotopes (2<= Z <= 8) have been carried out by the Isotope... more Measurements of light cosmic ray isotopes (2<= Z <= 8) have been carried out by the Isotope Magnet Experiment (ISOMAX) balloon-borne magnetic spectrometer, during a flight from Lynn Lake, Manitoba, Canada in August 1998. The main emphasis of the ISOMAX experiment is to determine the ratio of radioactive ^10Be to stable ^9Be at energies where time-dilation becomes significant, in order
The Isotope Magnet Experiment, ISOMAX, is a balloon-borne instrument designed to measure the isot... more The Isotope Magnet Experiment, ISOMAX, is a balloon-borne instrument designed to measure the isotopic composition of the light elements in cosmic rays (2<=Z<=8), with a particular emphasis on the measurement of the radioactive isotope ^10Be. ISOMAX was first flown in August 1998 from Lynn Lake, Manitoba, Canada and is scheduled to fly again from Lynn Lake during Summer 2000. To
Honeypots are used in IT Security to detect and gather information about ongoing intrusions, e.g.... more Honeypots are used in IT Security to detect and gather information about ongoing intrusions, e.g., by documenting the approach of an attacker. Honeypots do so by presenting an interactive system that seems just like a valid application to an attacker. One of the main design goals of honeypots is to stay unnoticed by attackers as long as possible. The longer the intruder interacts with the honeypot, the more valuable information about the attack can be collected. Of course, another main goal of honeypots is to not open new vulnerabilities that attackers can exploit. Thus, it is necessary to harden the honeypot and the surrounding environment. This paper presents Apate, a Linux Kernel Module (LKM) that is able to log, block and manipulate system calls based on preconfigurable conditions like Process ID (PID), User Id (UID), and many more. Apate can be used to build and harden High Interaction Honeypots. Apate can be configured using an integrated high level language. Thus, Apate is an...
Honeypots are used in IT-Security to detect and gather information about ongoing intrusions, e.g.... more Honeypots are used in IT-Security to detect and gather information about ongoing intrusions, e.g. by documenting the approach of an attacker. Honeypots do so by presenting an interactive system that seems just like a valid application to an attacker. This paper presents a part of APATE, a Linux Kernel Module (LKM) that is able to log, block and manipulate system calls based on preconfigurable conditions like Process ID (PID), User Id (UID), and many more. \apate can be used to build and harden High Interaction Honeypots. \apate can be configured using an integrated high level language. This language gets compiled to a fast intermediate language, which is processed by the APATE interpreter. This interpreter is able to hook, manipulate and log most of Linux Kernel functions. This research presents the language, the interpreter and its performance evaluation.
2010 Third International Conference on Advances in Human-Oriented and Personalized Mechanisms, Technologies and Services, 2010
Abstract Using communication services like voice services, chat services and web 2.0 technologie... more Abstract Using communication services like voice services, chat services and web 2.0 technologies (wikis, blogs, etc) are a common part of everyday life in a personal or business context. These communication services typically authenticate participants. Identities identify the ...
Secure communication is very important in computer networks and authentication is one of the most... more Secure communication is very important in computer networks and authentication is one of the most eminent preconditions. However, common authentication schemes are not applicable in ad hoc networks because public key infrastructures with a centralized certification authority are hard to deploy there. We propose and evaluate a security concept based on a distributed certification facility. A network is divided into clusters with one special head node each. These cluster head nodes execute administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a networksigned certificate after their authenticity has been warranted by some other members. The feasibility of this concept was verified by simulation. Three different models for node mobility were used in order to include realistic scenarios as well as make the results comparable to other work. The simulation results inc...
International Journal of Pervasive Computing and Communications, 2009
Purpose Secure communication is very important for computer networks. Thereby, authentication i... more Purpose Secure communication is very important for computer networks. Thereby, authentication is one of the most eminent preconditions. In ad hoc networks, common authentication schemes are not applicable since public key infrastructures with a centralized certification authority ...
Our demonstrator shows the implementation of a Service- oriented Architecture (SoA) for wireless ... more Our demonstrator shows the implementation of a Service- oriented Architecture (SoA) for wireless sensor-actuator net- works (WSAN). It demonstrates the feasibility of our service- oriented system in a real-world, resource-restricted WSAN based on off-the-shelf MICAz motes running the operation system TinyOS. In contrast to data-oriented approaches our service-oriented system does not only provide "traditional" uni-directional data transfer (from sensor nodes
Summary The industrial application of wireless sensor-actua-tor networks is attractive due to the... more Summary The industrial application of wireless sensor-actua-tor networks is attractive due to their flexibility, saving poten-tial and ease of use. However, weak or missing security would restrain the acceptance and hinder a wide-spread use. This paper presents a security design for ...
Measurements of light cosmic ray isotopes (2<= Z <= 8) have been carried out by the Isotope... more Measurements of light cosmic ray isotopes (2<= Z <= 8) have been carried out by the Isotope Magnet Experiment (ISOMAX) balloon-borne magnetic spectrometer, during a flight from Lynn Lake, Manitoba, Canada in August 1998. The main emphasis of the ISOMAX experiment is to determine the ratio of radioactive ^10Be to stable ^9Be at energies where time-dilation becomes significant, in order
The Isotope Magnet Experiment, ISOMAX, is a balloon-borne instrument designed to measure the isot... more The Isotope Magnet Experiment, ISOMAX, is a balloon-borne instrument designed to measure the isotopic composition of the light elements in cosmic rays (2<=Z<=8), with a particular emphasis on the measurement of the radioactive isotope ^10Be. ISOMAX was first flown in August 1998 from Lynn Lake, Manitoba, Canada and is scheduled to fly again from Lynn Lake during Summer 2000. To
Honeypots are used in IT Security to detect and gather information about ongoing intrusions, e.g.... more Honeypots are used in IT Security to detect and gather information about ongoing intrusions, e.g., by documenting the approach of an attacker. Honeypots do so by presenting an interactive system that seems just like a valid application to an attacker. One of the main design goals of honeypots is to stay unnoticed by attackers as long as possible. The longer the intruder interacts with the honeypot, the more valuable information about the attack can be collected. Of course, another main goal of honeypots is to not open new vulnerabilities that attackers can exploit. Thus, it is necessary to harden the honeypot and the surrounding environment. This paper presents Apate, a Linux Kernel Module (LKM) that is able to log, block and manipulate system calls based on preconfigurable conditions like Process ID (PID), User Id (UID), and many more. Apate can be used to build and harden High Interaction Honeypots. Apate can be configured using an integrated high level language. Thus, Apate is an...
Honeypots are used in IT-Security to detect and gather information about ongoing intrusions, e.g.... more Honeypots are used in IT-Security to detect and gather information about ongoing intrusions, e.g. by documenting the approach of an attacker. Honeypots do so by presenting an interactive system that seems just like a valid application to an attacker. This paper presents a part of APATE, a Linux Kernel Module (LKM) that is able to log, block and manipulate system calls based on preconfigurable conditions like Process ID (PID), User Id (UID), and many more. \apate can be used to build and harden High Interaction Honeypots. \apate can be configured using an integrated high level language. This language gets compiled to a fast intermediate language, which is processed by the APATE interpreter. This interpreter is able to hook, manipulate and log most of Linux Kernel functions. This research presents the language, the interpreter and its performance evaluation.
2010 Third International Conference on Advances in Human-Oriented and Personalized Mechanisms, Technologies and Services, 2010
Abstract Using communication services like voice services, chat services and web 2.0 technologie... more Abstract Using communication services like voice services, chat services and web 2.0 technologies (wikis, blogs, etc) are a common part of everyday life in a personal or business context. These communication services typically authenticate participants. Identities identify the ...
Secure communication is very important in computer networks and authentication is one of the most... more Secure communication is very important in computer networks and authentication is one of the most eminent preconditions. However, common authentication schemes are not applicable in ad hoc networks because public key infrastructures with a centralized certification authority are hard to deploy there. We propose and evaluate a security concept based on a distributed certification facility. A network is divided into clusters with one special head node each. These cluster head nodes execute administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a networksigned certificate after their authenticity has been warranted by some other members. The feasibility of this concept was verified by simulation. Three different models for node mobility were used in order to include realistic scenarios as well as make the results comparable to other work. The simulation results inc...
Uploads
Papers