% % This file was created by the TYPO3 extension % bib % --- Timezone: UTC % Creation date: 2024-11-21 % Creation time: 11-44-03 % --- Number of references % 18 % @Inproceedings { 2024-fink-cired, title = {Resilient Control Center to Substation Device Communication}, year = {2024}, month = {11}, day = {7}, abstract = {Resilient communication is essential for reliably exchanging parameters and measurements in distribution systems. Thus, deploying redundant hardware for both local and wide area communication, along with protocols that leverage these redundancies for automatic and timely failovers, is fundamental. This paper presents a comprehensive overview of key protocols (PRP/HSR, MPLS-TP, and MPTCP) which offer robust recovery mechanisms. Additionally, it provides a specific concept and topology that effectively combine the presented protocols to ensure resilient communication from the control center to substation devices.}, tags = {ven2us}, booktitle = {Proceedings of the CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems, November 7-8, 2024, Chicago, USA}, event_place = {Chicago}, event_name = {CIRED Chicago Workshop 2024 on Resilience of Electric Distribution Systems}, event_date = {November 7-8, 2024}, state = {accepted}, reviewed = {1}, author = {Fink, Ina Berenice and Dahlmanns, Markus and Erichsen, Gerrit and Wehrle, Klaus} } @Inproceedings { 2024-dahlmanns-cired, title = {Reliable and Secure Control Center to Station Device Communication}, year = {2024}, month = {6}, day = {19}, abstract = {The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems. In this paper, we present our envisioned network and communication concept for future DSO's ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, use MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.}, tags = {ven2us}, booktitle = {Proceedings of the CIRED workshop on Increasing Distribution Network Hosting Capacity 2024, June 19-20, 2024, Vienna, Austria}, event_place = {Vienna}, event_name = {CIRED workshop on Increasing Distribution Network Hosting Capacity 2024}, event_date = {June 19-20, 2024}, DOI = {10.1049/icp.2024.2096}, reviewed = {1}, author = {Dahlmanns, Markus and Fink, Ina Berenice and Erichsen, Gerrit and Lin, Guosong and Hammer, Thomas and Borkenhagen, Burkhard and Schneider, Sebastian and Maahsen, Christof and Wehrle, Klaus} } @Poster { 2024-fink-sul, title = {Poster: Resiliente Kommunikation f{\"u}r die Fernwirktechnik in digitalen Umspannwerken}, year = {2024}, month = {3}, day = {5}, number = {19}, tags = {ven2us}, organization = {VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik, March 05-06, 2024, Leipzig, Germany}, event_place = {Leipzig, Germany}, event_name = {VDE ETG/FNN-Tutorial 2024 Schutz- und Leittechnik}, event_date = {March 05-06, 2024}, reviewed = {1}, author = {Fink, Ina Berenice and Dahlmanns, Markus and Wehrle, Klaus} } @Inproceedings { 2023_pennekamp_benchmarking_comparison, title = {Designing Secure and Privacy-Preserving Information Systems for Industry Benchmarking}, year = {2023}, month = {6}, day = {15}, volume = {13901}, pages = {489-505}, abstract = {Benchmarking is an essential tool for industrial organizations to identify potentials that allows them to improve their competitive position through operational and strategic means. However, the handling of sensitive information, in terms of (i) internal company data and (ii) the underlying algorithm to compute the benchmark, demands strict (technical) confidentiality guarantees—an aspect that existing approaches fail to address adequately. Still, advances in private computing provide us with building blocks to reliably secure even complex computations and their inputs, as present in industry benchmarks. In this paper, we thus compare two promising and fundamentally different concepts (hardware- and software-based) to realize privacy-preserving benchmarks. Thereby, we provide detailed insights into the concept-specific benefits. Our evaluation of two real-world use cases from different industries underlines that realizing and deploying secure information systems for industry benchmarking is possible with today's building blocks from private computing.}, note = {Lecture Notes in Computer Science (LNCS), Volume 13901}, keywords = {real-world computing; trusted execution environments; homomorphic encryption; key performance indicators; benchmarking}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-industry-benchmarking.pdf}, publisher = {Springer}, booktitle = {Proceedings of the 35th International Conference on Advanced Information Systems Engineering (CAiSE '23), June 12-16, 2023, Zaragoza, Spain}, event_place = {Zaragoza, Spain}, event_name = {35th International Conference on Advanced Information Systems Engineering (CAiSE '23)}, event_date = {June 12-16, 2023}, ISBN = {978-3-031-34559-3}, ISSN = {0302-9743}, DOI = {10.1007/978-3-031-34560-9_29}, reviewed = {1}, author = {Pennekamp, Jan and Lohm{\"o}ller, Johannes and Vlad, Eduard and Loos, Joscha and Rodemann, Niklas and Sapel, Patrick and Fink, Ina Berenice and Schmitz, Seth and Hopmann, Christian and Jarke, Matthias and Schuh, G{\"u}nther and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2023-lorz-cired, title = {Interconnected grid protection systems - reference grid for testing an adaptive protection scheme}, year = {2023}, pages = {3286-3290}, tags = {ven2us}, booktitle = {27th International Conference on Electricity Distribution (CIRED 2023), Rome, Italy, June 12-15, 2023}, event_place = {Rome, Italy}, event_name = {International Conference \& Exhibition on Electricity Distribution (CIRED)}, event_date = {June 12-15, 2023}, DOI = {10.1049/icp.2023.0864}, reviewed = {1}, author = {Lorz, Tobias and Jaeger, Johann and Selimaj, Antigona and Hacker, Immanuel and Ulbig, Andreas and Heckel, Jan-Peter and Becker, Christian and Dahlmanns, Markus and Fink, Ina Berenice and Wehrle, Klaus and Erichsen, Gerrit and Schindler, Michael and Luxenburger, Rainer and Lin, Guosong} } @Proceedings { 2022-wolsing-radarsec, title = {Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset}, year = {2022}, month = {9}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-radar.pdf}, publisher = {IEEE}, event_place = {Edmonton, Canada}, event_name = {47th IEEE Conference on Local Computer Networks (LCN)}, event_date = {September 26-29, 2022}, DOI = {10.1109/LCN53696.2022.9843801}, reviewed = {1}, author = {Wolsing, Konrad and Saillard, Antoine and Bauer, Jan and Wagner, Eric and van Sloun, Christian and Fink, Ina Berenice and Schmidt, Mari and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_kus_iids_generalizability, title = {A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection}, year = {2022}, month = {5}, day = {30}, pages = {73-84}, abstract = {Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 \%. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 \% and 14.7 \% for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks.}, keywords = {anomaly detection; machine learning; industrial control system}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan}, ISBN = {978-1-4503-9176-4/22/05}, DOI = {10.1145/3494107.3522773}, reviewed = {1}, author = {Kus, Dominik and Wagner, Eric and Pennekamp, Jan and Wolsing, Konrad and Fink, Ina Berenice and Dahlmanns, Markus and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022-lorenz-ven2us, title = {Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle}, year = {2022}, abstract = {Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development. In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.}, tags = {ven2us}, booktitle = {Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal}, event_place = {Porto}, event_name = {CIRED workshop on E-mobility and power distribution systems 2022}, event_date = {June 2-3, 2022}, DOI = {10.1049/icp.2022.0768}, reviewed = {1}, author = {Lorenz, Matthias and Pletzer, Tobias Markus and Schuhmacher, Malte and Sowa, Torsten and Dahms, Michael and Stock, Simon and Babazadeh, Davood and Becker, Christian and Jaeger, Johann and Lorz, Tobias and Dahlmanns, Markus and Fink, Ina Berenice and Wehrle, Klaus and Ulbig, Andreas and Linnartz, Philipp and Selimaj, Antigona and Offergeld, Thomas} } @Proceedings { fink-lcn-demons-2021, title = {DEMONS: Extended Manufacturer Usage Description to Restrain Malicious Smartphone Apps}, year = {2021}, month = {10}, day = {4}, tags = {nerd-nrw}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-fink-lcn-demons.pdf}, publisher = {IEEE}, howpublished = {online}, event_place = {Edmonton, Canada}, event_name = {46th IEEE Conference on Local Computer Networks (LCN)}, event_date = {October 4-7, 2021}, DOI = {10.1109/LCN52139.2021.9524879}, reviewed = {1}, author = {Fink, Ina Berenice and Serror, Martin and Wehrle, Klaus} } @Inproceedings { 2021_dahlmanns_entrust, title = {Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems}, year = {2021}, month = {4}, day = {28}, pages = {78–87}, abstract = {The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.}, keywords = {cyber-physical system security; publish-subscribe security; end-to-end security}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-dahlmanns-entrust.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 1st ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SaT-CPS '21), co-located with the 11th ACM Conference on Data and Application Security and Privacy (CODASPY '21), April 26-28, 2021, Virtual Event, USA}, event_place = {Virtual Event, USA}, event_name = {ACM Workshop on Secure and Trustworthy Cyber-Physical Systems}, event_date = {April 28, 2021}, ISBN = {978-1-4503-8319-6/21/04}, DOI = {10.1145/3445969.3450423}, reviewed = {1}, author = {Dahlmanns, Markus and Pennekamp, Jan and Fink, Ina Berenice and Schoolmann, Bernd and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2020_pennekamp_benchmarking, title = {Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking}, year = {2020}, month = {12}, day = {15}, pages = {31-44}, abstract = {Benchmarking the performance of companies is essential to identify improvement potentials in various industries. Due to a competitive environment, this process imposes strong privacy needs, as leaked business secrets can have devastating effects on participating companies. Consequently, related work proposes to protect sensitive input data of companies using secure multi-party computation or homomorphic encryption. However, related work so far does not consider that also the benchmarking algorithm, used in today's applied real-world scenarios to compute all relevant statistics, itself contains significant intellectual property, and thus needs to be protected. Addressing this issue, we present PCB — a practical design for Privacy-preserving Company Benchmarking that utilizes homomorphic encryption and a privacy proxy — which is specifically tailored for realistic real-world applications in which we protect companies' sensitive input data and the valuable algorithms used to compute underlying key performance indicators. We evaluate PCB's performance using synthetic measurements and showcase its applicability alongside an actual company benchmarking performed in the domain of injection molding, covering 48 distinct key performance indicators calculated out of hundreds of different input values. By protecting the privacy of all participants, we enable them to fully profit from the benefits of company benchmarking.}, keywords = {practical encrypted computing; homomorphic encryption; algorithm confidentiality; benchmarking; key performance indicators; industrial application; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-company-benchmarking.pdf}, web_url = {https://eprint.iacr.org/2020/1512}, publisher = {HomomorphicEncryption.org}, booktitle = {Proceedings of the 8th Workshop on Encrypted Computing \& Applied Homomorphic Cryptography (WAHC '20), December 15, 2020, Virtual Event}, event_place = {Virtual Event}, event_date = {December 15, 2020}, ISBN = {978-3-00-067798-4}, DOI = {10.25835/0072999}, reviewed = {1}, author = {Pennekamp, Jan and Sapel, Patrick and Fink, Ina Berenice and Wagner, Simon and Reuter, Sebastian and Hopmann, Christian and Wehrle, Klaus and Henze, Martin} } @Proceedings { fink-lcn-demons-2020, title = {Extending MUD to Smartphones}, year = {2020}, month = {11}, day = {15}, tags = {nerd-nrw}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-fink-lcn-mud-smartphone.pdf}, publisher = {IEEE}, howpublished = {online}, event_place = {Sydney, Australia}, event_name = {45th IEEE Conference on Local Computer Networks (LCN)}, event_date = {November 16-19, 2020}, DOI = {10.1109/LCN48667.2020.9314782}, reviewed = {1}, author = {Fink, Ina Berenice and Serror, Martin and Wehrle, Klaus} } @Inproceedings { 2020-dahlmanns-imc-opcua, title = {Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments}, year = {2020}, month = {10}, day = {27}, pages = {101-110}, abstract = {Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24\% of hosts), disabled security functionality (24\%), or use of deprecated cryptographic primitives (25\%) on in total 92\% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols.}, keywords = {industrial communication; network security; security configuration}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf}, publisher = {ACM}, booktitle = {Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA}, event_place = {Pittsburgh, PA, USA}, event_name = {ACM Internet Measurement Conference 2020}, event_date = {October 27-29, 2020}, ISBN = {978-1-4503-8138-3/20/10}, DOI = {10.1145/3419394.3423666}, reviewed = {1}, author = {Dahlmanns, Markus and Lohm{\"o}ller, Johannes and Fink, Ina Berenice and Pennekamp, Jan and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2020_roepert_opcua, title = {Assessing the Security of OPC UA Deployments}, year = {2020}, month = {4}, day = {2}, abstract = {To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf}, misc2 = {en}, publisher = {University of T{\"u}bingen}, booktitle = {Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, T{\"u}bingen, Germany}, event_place = {T{\"u}bingen, Germany}, event_date = {April 2-3, 2020}, DOI = {10.15496/publikation-41813}, reviewed = {1}, author = {Roepert, Linus and Dahlmanns, Markus and Fink, Ina Berenice and Pennekamp, Jan and Henze, Martin} } @Article { 2019-csf-date, title = {Visualizing flow in an intact CSF network using optical coherence tomography: implications for human congenital hydrocephalus}, journal = {Scientific Reports}, year = {2019}, month = {4}, day = {17}, volume = {9}, number = {1}, pages = {6196.}, web_url = {https://www.nature.com/articles/s41598-019-42549-4}, web_url_date = {06.09.2019}, chapter = {6196}, DOI = {https://doi.org/10.1038/s41598-019-42549-4}, extern = {1}, reviewed = {1}, author = {Date, Priya and Ackermann, Pascal and Furey, Charuta and Fink, Ina Berenice and Jonas, Stephan and Khokha, Mustafa K. and Kahle, Kristophe T. and Deniz, Engin} } @Inproceedings { 2017-henze-mobiquitous-comparison, title = {Privacy-preserving Comparison of Cloud Exposure Induced by Mobile Apps}, year = {2017}, month = {11}, day = {7}, pages = {543-544}, tags = {trinics}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-comparison.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous) - Poster Session, Melbourne, VIC, Australia}, language = {en}, ISBN = {978-1-4503-5368-7}, DOI = {10.1145/3144457.3144511}, reviewed = {1}, author = {Henze, Martin and Inaba, Ritsuma and Fink, Ina Berenice and Ziegeldorf, Jan Henrik} } @Conference { 2017-fink-brainlab-gmds, title = {BrainLab - Ein Framework f{\"u}r mobile neurologische Untersuchungen}, year = {2017}, month = {8}, day = {29}, note = {Best Abstract Award}, web_url = {https://www.egms.de/static/en/meetings/gmds2017/17gmds137.shtml}, web_url_date = {06.09.19}, publisher = {German Medical Science GMS Publishing House (2017)}, booktitle = {62. Jahrestagung der Deutschen Gesellschaft f{\"u}r Medizinische Informatik, Biometrie und Epidemiologie e.V. (GMDS).}, event_place = {Oldenburg}, event_name = {GMDS 2017}, event_date = {17-21 September 2017}, DOI = {10.3205/17gmds137}, reviewed = {1}, author = {Fink, Ina Berenice and Hankammer, Bernd and Stopinski, Thomas and Titgemeyer, Yannic and Ramos, Roann and Kutafina, Ekaterina and Bitsch, J{\'o} Agila and Jonas, Stephan Michael} } @Conference { 2017-fink-brainlab, title = {BrainLab – towards mobile brain research}, year = {2017}, month = {4}, day = {24}, pages = {2}, url = {/fileadmin/papers/2017/2017-fink-brainlab.pdf}, web_url2 = {http://informaticsforhealth.org/wp-content/uploads/2017/04/IFH2017-Digital-Programme.pdf}, web_url2_date = {2017-05-09}, misc2 = {Online}, booktitle = {Informatics for Health 2017, Manchester UK}, event_place = {Manchester, UK}, event_name = {Informatics for Health 2017, Manchester UK}, event_date = {24-26 April 2017}, language = {en}, reviewed = {1}, author = {Fink, Ina Berenice and Hankammer, Bernd and Stopinsky, Thomas and Ramos, Roann and Kutafina, Ekaterina and Bitsch Link, J{\'o} Agila and Jonas, Stephan} }