This file was created by the TYPO3 extension bib
--- Timezone: CEST
Creation date: 2024-07-03
Creation time: 07-45-22
--- Number of references 5

inproceedings
2024_dahlmanns_ipv6-deployments
Unconsidered Installations: Discovering IoT Deployments in the IPv6 Internet
2024 5 10
Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scanning the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable, although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS, inviting attackers, e.g., to eavesdrop sensitive data.
Internet of Things, security, Internet measurements, IPv6, address generators
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-ipv6.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
accepted
1
Markus Dahlmanns, Felix Heidenreich, Johannes Lohmöller, Jan Pennekamp, Klaus Wehrle, Martin Henze

inproceedings
2024-dahlmanns-doctoralsym
Protocol Security in the Industrial Internet of Things
2024 5 10
Advances like Industry 4.0 lead to a rising number of Internet-connected industrial deployments and thus an Industrial Internet of Things with growing attack vectors. To uphold a secure and safe operation of these deployments, industrial protocols nowadays include security features, e.g., end-to-end secure communication. However, so far, it is unclear how well these features are used in practice and which obstacles might prevent operators from securely running their deployments. In this research description paper, we summarize our recent research activities to close this gap. Specifically, we show that even secure-by-design protocols are by far no guarantee for secure deployments. Instead, many deployments still open the doors for eavesdropping attacks or malicious takeovers. Additionally, we give an outlook on how to overcome identified obstacles allowing operators to configure their deployments more securely.
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-disssymposium.pdf
IEEE
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea
Seoul, Korea
2024 IEEE Network Operations and Management Symposium
May 6-10, 2024
accepted
1
Markus Dahlmanns, Klaus Wehrle

poster
2024-dahlmanns-sul
Poster: Trusted Execution Environment-basierte Sicherheit für digitale Umspannwerke
2024 3 5 19
ven2us
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-slt.pdf
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany
Leipzig, Germany
VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik
March 05-06, 2024
1
Markus Dahlmanns, Andreas Wark, Carl-Heinz Genzel, Klaus Wehrle

inproceedings
2024-dahlmanns-fps
Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach
2024 14551
Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.
Mohamed Mosbah, Florence Sèdes, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro
Springer
Cham
Lecture Notes in Computer Science
Proceedings of the 16th International Symposium on Foundations and Practice of Security (FPS '23), December 11-13, 2023, Bordeaux, France
Bordeaux, France
International Symposium on Foundations and Practice of Security 2023 (FPS 23)
December 11-13, 2023
10.1007/978-3-031-57540-2_2
1
Markus Dahlmanns, Roman Matzutt, Chris Dax, Klaus Wehrle

inproceedings
2024-dahlmanns-cired
Reliable and Secure Control Center to Station Device Communication
2024
The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems. In this paper, we present our envisioned network and communication concept for future DSOs' ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, using MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.
ven2us
Proceedings of the CIRED workshop on Increasing Distribution Network Hosting Capacity 2024, June 19-20, 2024, Vienna, Austria
Vienna
CIRED workshop on Increasing Distribution Network Hosting Capacity 2024
June 19-20, 2024
1
Markus Dahlmanns, Ina Berenice Fink, Gerrit Erichsen, Guosong Lin, Thomas Hammer, Burkhard Borkenhagen, Sebastian Schneider, Christof Maahsen, Klaus Wehrle