This file was created by the TYPO3 extension bib --- Timezone: UTC Creation date: 2024-11-21 Creation time: 08-51-29 --- Number of references 16 inproceedings 2024_lohmoeller_tee_datasharing 2024 12 19 internet-of-production;health https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-tee-data-sharing.pdf IEEE Proceedings of the 1st Conference on Building a Secure and Empowered Cyberspace (BuildSEC '24), December 19-21, 2024, New Delhi, India New Delhi, India Building a Secure & Empowered Cyberspace December 19-21, 2024 accepted en 1 JohannesLohmöller RomanMatzutt JoschaLoos EduardVlad JanPennekamp KlausWehrle inproceedings 2024_lohmoeller_scematch 2024 12 16 rfc;health IEEE Proceedings of the International Workshop on AI-Driven Trust, Security and Privacy in Computer Networks (AI-Driven TSP '24), co-located with the 23rd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom '24), December 17-21, 2024, Sanya, China Sanya, China TrustCom 2024 December 17-21, 2024 accepted en 1 JohannesLohmöller JannisScheiber RafaelKramann KlausWehrle SikanderHayat JanPennekamp article 2024_querfurth_mcbert bioRxiv 2024 11 7 health 10.1101/2024.11.04.621897 Benediktvon Querfurth JohannesLohmöller JanPennekamp ToreBleckwehl RafaelKramann KlausWehrle SikanderHayat inproceedings 2024_lohmoeller_consent 2024 10 17 4 7-12 health https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-consent-aware-discovery.pdf Online Fraunhofer ISI Research Papers of the Platform Privacy, 2024, October 17-18, Berlin, Germany Berlin Plattform Privatheit October 17-18, 2024 en 2942-8874 10.24406/publica-3685 1 JohannesLohmöller JanPennekamp KlausWehrle inproceedings 2024_dahlmanns_ipv6-deployments 2024 5 10 Internet-wide studies provide extremely valuable insight into how operators manage their Internet of Things (IoT) deployments in reality and often reveal grievances, e.g., significant security issues. However, while IoT devices often use IPv6, past studies resorted to comprehensively scan the IPv4 address space. To fully understand how the IoT and all its services and devices is operated, including IPv6-reachable deployments is inevitable-although scanning the entire IPv6 address space is infeasible. In this paper, we close this gap and examine how to best discover IPv6-reachable IoT deployments. To this end, we propose a methodology that allows combining various IPv6 scan direction approaches to understand the findability and prevalence of IPv6-reachable IoT deployments. Using three sources of active IPv6 addresses and eleven address generators, we discovered 6658 IoT deployments. We derive that the available address sources are a good starting point for finding IoT deployments. Additionally, we show that using two address generators is sufficient to cover most found deployments and save time as well as resources. Assessing the security of the deployments, we surprisingly find similar issues as in the IPv4 Internet, although IPv6 deployments might be newer and generally more up-to-date: Only 39% of deployments have access control in place and only 6.2% make use of TLS inviting attackers, e.g., to eavesdrop sensitive data. Internet of Things, security, Internet measurements, IPv6, address generators internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-dahlmanns-ipv6.pdf IEEE Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24), May 6-10, 2024, Seoul, Korea Seoul, Korea 2024 IEEE Network Operations and Management Symposium May 6-10, 2024 10.1109/NOMS59830.2024.10574963 1 MarkusDahlmanns FelixHeidenreich JohannesLohmöller JanPennekamp KlausWehrle MartinHenze article 2024_lohmoeller_sovereignty-survey Data & Knowledge Engineering 2024 5 1 151 Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning their reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts. Data sharing; Confidentiality; Integrity protection; Data Markets; Distributed databases internet-of-production; coat-ers; vesitrust; health https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-data-sovereignty-survey.pdf Elsevier 0169-023X 10.1016/j.datak.2024.102301 1 JohannesLohmöller JanPennekamp RomanMatzutt Carolin VictoriaSchneider EduardVlad ChristianTrautwein KlausWehrle inproceedings 2023_lohmoeller_transparency 2023 11 27 data usage control; data ecosystems; transparency logs https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-lohmoeller-transparency.pdf ACM Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23), November 26-30, 2023, Copenhagen, Denmark Copenhagen, Denmark November 26-30, 2023 979-8-4007-0050-7/23/11 10.1145/3576915.3624371 1 JohannesLohmöller EduardVlad MarkusDahlmanns KlausWehrle inproceedings 2023_pennekamp_benchmarking_comparison 2023 6 15 13901 489-505 Benchmarking is an essential tool for industrial organizations to identify potentials that allows them to improve their competitive position through operational and strategic means. However, the handling of sensitive information, in terms of (i) internal company data and (ii) the underlying algorithm to compute the benchmark, demands strict (technical) confidentiality guarantees—an aspect that existing approaches fail to address adequately. Still, advances in private computing provide us with building blocks to reliably secure even complex computations and their inputs, as present in industry benchmarks. In this paper, we thus compare two promising and fundamentally different concepts (hardware- and software-based) to realize privacy-preserving benchmarks. Thereby, we provide detailed insights into the concept-specific benefits. Our evaluation of two real-world use cases from different industries underlines that realizing and deploying secure information systems for industry benchmarking is possible with today's building blocks from private computing. Lecture Notes in Computer Science (LNCS), Volume 13901 real-world computing; trusted execution environments; homomorphic encryption; key performance indicators; benchmarking internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-industry-benchmarking.pdf Springer Proceedings of the 35th International Conference on Advanced Information Systems Engineering (CAiSE '23), June 12-16, 2023, Zaragoza, Spain Zaragoza, Spain 35th International Conference on Advanced Information Systems Engineering (CAiSE '23) June 12-16, 2023 978-3-031-34559-3 0302-9743 10.1007/978-3-031-34560-9_29 1 JanPennekamp JohannesLohmöller EduardVlad JoschaLoos NiklasRodemann PatrickSapel Ina BereniceFink SethSchmitz ChristianHopmann MatthiasJarke GüntherSchuh KlausWehrle MartinHenze article 2023-circres-wu-comp-ecosystem Circulation research 2023 4 14 132 8 1084-1100 The identification of mediators for physiologic processes, correlation of molecular processes, or even pathophysiological processes within a single organ such as the kidney or heart has been extensively studied to answer specific research questions using organ-centered approaches in the past 50 years. However, it has become evident that these approaches do not adequately complement each other and display a distorted single-disease progression, lacking holistic multilevel/multidimensional correlations. Holistic approaches have become increasingly significant in understanding and uncovering high dimensional interactions and molecular overlaps between different organ systems in the pathophysiology of multimorbid and systemic diseases like cardiorenal syndrome because of pathological heart-kidney crosstalk. Holistic approaches to unraveling multimorbid diseases are based on the integration, merging, and correlation of extensive, heterogeneous, and multidimensional data from different data sources, both -omics and nonomics databases. These approaches aimed at generating viable and translatable disease models using mathematical, statistical, and computational tools, thereby creating first computational ecosystems. As part of these computational ecosystems, systems medicine solutions focus on the analysis of -omics data in single-organ diseases. However, the data–scientific requirements to address the complexity of multimodality and multimorbidity reach far beyond what is currently available and require multiphased and cross-sectional approaches. These approaches break down complexity into small and comprehensible challenges. Such holistic computational ecosystems encompass data, methods, processes, and interdisciplinary knowledge to manage the complexity of multiorgan crosstalk. Therefore, this review summarizes the current knowledge of kidney-heart crosstalk, along with methods and opportunities that arise from the novel application of computational ecosystems providing a holistic analysis on the example of kidney-heart crosstalk. disease progression; ecosystem; heart; kidney; multimorbidity coat-ers Online en 10.1161/CIRCRESAHA.123.321765 1 ZhuojunWu JohannesLohmöller ChristianeKuhl KlausWehrle JoachimJankowski inproceedings 2022_lohmoeller_sovereignty 2022 9 5 3306 51-63 Data ecosystems are the foundation of emerging data-driven business models as they (i) enable an automated exchange between their participants and (ii) provide them with access to huge and heterogeneous data sources. However, the corresponding benefits come with unforeseen risks as also sensitive information is potentially exposed. Consequently, data security is of utmost importance and, thus, a central requirement for the successful implementation of these ecosystems. Current initiatives, such as IDS and GAIA-X, hence foster sovereign participation via a federated infrastructure where participants retain local control. However, these designs place significant trust in remote infrastructure by mostly implementing organizational security measures such as certification processes prior to admission of a participant. At the same time, due to the sensitive nature of involved data, participants are incentivized to bypass security measures to maximize their own benefit: In practice, this issue significantly weakens sovereignty guarantees. In this paper, we hence claim that data ecosystems must be extended with technical means to reestablish such guarantees. To underpin our position, we analyze promising building blocks and identify three core research directions toward stronger data sovereignty, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. We conclude that these directions are critical to securely implement data ecosystems in data-sensitive contexts. internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-lohmoeller-deco.pdf CEUR Workshop Proceedings Proceedings of the 1st International Workshop on Data Ecosystems (DEco '22), co-located with the 48th International Conference on Very Large Databases (VLDB '22), September 5-9, 2022, Sydney, Australia, Sydney, Australia International Workshop on Data Ecosystems (DEco '22) September 5, 2022 1613-0073 1 JohannesLohmöller JanPennekamp RomanMatzutt KlausWehrle inproceedings 2022_dahlmanns_tlsiiot 2022 5 31 252-266 The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and authentication, (i) traditional industrial protocols, e.g., Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g., MQTT, are directly designed to use TLS. To understand whether these changes indeed lead to secure Industrial Internet of Things deployments, i.e., using TLS-based protocols, which are configured according to security best practices, we perform an Internet-wide security assessment of ten industrial protocols covering the complete IPv4 address space. Our results show that both, retrofitted existing protocols and newly developed secure alternatives, are barely noticeable in the wild. While we find that new protocols have a higher TLS adoption rate than traditional protocols (7.2 % vs. 0.4 %), the overall adoption of TLS is comparably low (6.5 % of hosts). Thus, most industrial deployments (934,736 hosts) are insecurely connected to the Internet. Furthermore, we identify that 42 % of hosts with TLS support (26,665 hosts) show security deficits, e.g., missing access control. Finally, we show that support in configuring systems securely, e.g., via configuration templates, is promising to strengthen security. industrial communication; network security; security configuration internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-dahlmanns-asiaccs.pdf ACM Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan Nagasaki, Japan ASIACCS '22 May 30-June 3, 2022 978-1-4503-9140-5/22/05 10.1145/3488932.3497762 1 MarkusDahlmanns JohannesLohmöller JanPennekamp JörnBodenhausen KlausWehrle MartinHenze inproceedings 2021_mitseva_sequences 2021 11 17 2411-2413 Website fingerprinting (WFP) is a special case of traffic analysis, where a passive attacker infers information about the content of encrypted and anonymized connections by observing patterns of data flows. Although modern WFP attacks pose a serious threat to online privacy of users, including Tor users, they usually aim to detect single pages only. By ignoring the browsing behavior of users, the attacker excludes valuable information: users visit multiple pages of a single website consecutively, e.g., by following links. In this paper, we propose two novel methods that can take advantage of the consecutive visits of multiple pages to detect websites. We show that two up to three clicks within a site allow attackers to boost the accuracy by more than 20% and to dramatically increase the threat to users' privacy. We argue that WFP defenses have to consider this new dimension of the attack surface. Traffic Analysis; Website Fingerprinting; Web Privacy https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mitseva-fingerprinting-sequences.pdf ACM Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea Seoul, Korea November 15-19, 2021 978-1-4503-8454-4/21/11 10.1145/3460120.3485347 1 AsyaMitseva JanPennekamp JohannesLohmöller TorstenZiemann CarlHoerchner KlausWehrle AndriyPanchenko thesis 2021_lohmoeller_industrial_tls 2021 6 RWTH Aachen University Master Thesis JohannesLohmöller inproceedings 2020-dahlmanns-imc-opcua 2020 10 27 101-110 Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24% of hosts), disabled security functionality (24%), or use of deprecated cryptographic primitives (25%) on in total 92% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols. industrial communication; network security; security configuration internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf ACM Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA Pittsburgh, PA, USA ACM Internet Measurement Conference 2020 October 27-29, 2020 978-1-4503-8138-3/20/10 10.1145/3419394.3423666 1 MarkusDahlmanns JohannesLohmöller Ina BereniceFink JanPennekamp KlausWehrle MartinHenze inproceedings 2019_lohmoeller_fiware 2019 11 IOP Publishing Journal of Physics: Conference Series 1343 EPFL Lausanne CISBAT 2019 4-6 September 2019 10.1088/1742-6596/1343/1/012063 1 ThomasStorek JohannesLohmöller AlexanderKümpel MarkBaranski DirkMüller thesis 2019_lohmoeller_fingerprinting 2019 3 RWTH Aachen University Communication and Distributed Systems Bachelor Thesis JohannesLohmöller