Showing 1–16 of 16 results for author: Aßmuth, A

Practical Acoustic Eavesdropping On Typed Passphrases

Authors: Darren Fürst, Andreas Aßmuth

Abstract: Cloud services have become an essential infrastructure for enterprises and individuals. Access to these cloud services is typically governed by Identity and Access Management systems, where user authentication often relies on passwords. While best practices dictate the implementation of multi-factor authentication, it's a reality that many such users remain solely protected by passwords. This reli… ▽ More Cloud services have become an essential infrastructure for enterprises and individuals. Access to these cloud services is typically governed by Identity and Access Management systems, where user authentication often relies on passwords. While best practices dictate the implementation of multi-factor authentication, it's a reality that many such users remain solely protected by passwords. This reliance on passwords creates a significant vulnerability, as these credentials can be compromised through various means, including side-channel attacks. This paper exploits keyboard acoustic emanations to infer typed natural language passphrases via unsupervised learning, necessitating no previous training data. Whilst this work focuses on short passphrases, it is also applicable to longer messages, such as confidential emails, where the margin for error is much greater, than with passphrases, making the attack even more effective in such a setting. Unlike traditional attacks that require physical access to the target device, acoustic side-channel attacks can be executed within the vicinity, without the user's knowledge, offering a worthwhile avenue for malicious actors. Our findings replicate and extend previous work, confirming that cross-correlation audio preprocessing outperforms methods like mel-frequency-cepstral coefficients and fast-fourier transforms in keystroke clustering. Moreover, we show that partial passphrase recovery through clustering and a dictionary attack can enable faster than brute-force attacks, further emphasizing the risks posed by this attack vector. △ Less

Submitted 7 April, 2025; v1 submitted 20 March, 2025; originally announced March 2025.

Comments: 8 pages, 9 figures

Journal ref: Proc of the 16th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2025), pp. 9-16, Valencia, Spain, April 2025, ISSN 2308-4294

Graph of Effort: Quantifying Risk of AI Usage for Vulnerability Assessment

Authors: Anket Mehra, Andreas Aßmuth, Malte Prieß

Abstract: With AI-based software becoming widely available, the risk of exploiting its capabilities, such as high automation and complex pattern recognition, could significantly increase. An AI used offensively to attack non-AI assets is referred to as offensive AI. Current research explores how offensive AI can be utilized and how its usage can be classified. Additionally, methods for threat modeling are… ▽ More With AI-based software becoming widely available, the risk of exploiting its capabilities, such as high automation and complex pattern recognition, could significantly increase. An AI used offensively to attack non-AI assets is referred to as offensive AI. Current research explores how offensive AI can be utilized and how its usage can be classified. Additionally, methods for threat modeling are being developed for AI-based assets within organizations. However, there are gaps that need to be addressed. Firstly, there is a need to quantify the factors contributing to the AI threat. Secondly, there is a requirement to create threat models that analyze the risk of being attacked by AI for vulnerability assessment across all assets of an organization. This is particularly crucial and challenging in cloud environments, where sophisticated infrastructure and access control landscapes are prevalent. The ability to quantify and further analyze the threat posed by offensive AI enables analysts to rank vulnerabilities and prioritize the implementation of proactive countermeasures. To address these gaps, this paper introduces the Graph of Effort, an intuitive, flexible, and effective threat modeling method for analyzing the effort required to use offensive AI for vulnerability exploitation by an adversary. While the threat model is functional and provides valuable support, its design choices need further empirical validation in future work. △ Less

Submitted 7 April, 2025; v1 submitted 20 March, 2025; originally announced March 2025.

Comments: 8 pages, 4 figures

Journal ref: Proc of the 16th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2025), Valencia, Spain, April 2025, pp. 17-24, ISSN 2308-4294

Securing Confidential Data For Distributed Software Development Teams: Encrypted Container File

Authors: Tobias J. Bauer, Andreas Aßmuth

Abstract: In the context of modern software engineering, there is a trend towards Cloud-native software development involving international teams with members from all over the world. Cloud-based version management services like GitHub are commonly used for source code and other files. However, a challenge arises when developers from different companies or organizations share the platform, as sensitive data… ▽ More In the context of modern software engineering, there is a trend towards Cloud-native software development involving international teams with members from all over the world. Cloud-based version management services like GitHub are commonly used for source code and other files. However, a challenge arises when developers from different companies or organizations share the platform, as sensitive data should be encrypted to restrict access to certain developers only. This paper discusses existing tools addressing this issue, highlighting their shortcomings. The authors propose their own solution, Encrypted Container Files, designed to overcome the deficiencies observed in other tools. △ Less

Submitted 12 July, 2024; originally announced July 2024.

Comments: 18 pages, for associated implementation etc., see https://github.com/Hirnmoder/ECF

Journal ref: International Journal On Advances in Security, vol. 17, no. 1 and 2, pp. 11-28, 2024, ISSN 1942-2636

Analyzing the Attack Surface and Threats of Industrial Internet of Things Devices

Authors: Simon Liebl, Leah Lathrop, Ulrich Raithel, Andreas Aßmuth, Ian Ferguson, Matthias Söllner

Abstract: The growing connectivity of industrial devices as a result of the Internet of Things is increasing the risks to Industrial Control Systems. Since attacks on such devices can also cause damage to people and machines, they must be properly secured. Therefore, a threat analysis is required in order to identify weaknesses and thus mitigate the risk. In this paper, we present a systematic and holistic… ▽ More The growing connectivity of industrial devices as a result of the Internet of Things is increasing the risks to Industrial Control Systems. Since attacks on such devices can also cause damage to people and machines, they must be properly secured. Therefore, a threat analysis is required in order to identify weaknesses and thus mitigate the risk. In this paper, we present a systematic and holistic procedure for analyzing the attack surface and threats of Industrial Internet of Things devices. Our approach is to consider all components including hardware, software and data, assets, threats and attacks throughout the entire product life cycle. △ Less

Submitted 25 May, 2024; originally announced May 2024.

Comments: 12 pages

Journal ref: International Journal On Advances in Security, vol. 14, no. 1 and 2, pp. 59-70, 2021

Threat Analysis of Industrial Internet of Things Devices

Authors: Simon Liebl, Leah Lathrop, Ulrich Raithel, Matthias Söllner, Andreas Aßmuth

Abstract: As part of the Internet of Things, industrial devices are now also connected to cloud services. However, the connection to the Internet increases the risks for Industrial Control Systems. Therefore, a threat analysis is essential for these devices. In this paper, we examine Industrial Internet of Things devices, identify and rank different sources of threats and describe common threats and vulnera… ▽ More As part of the Internet of Things, industrial devices are now also connected to cloud services. However, the connection to the Internet increases the risks for Industrial Control Systems. Therefore, a threat analysis is essential for these devices. In this paper, we examine Industrial Internet of Things devices, identify and rank different sources of threats and describe common threats and vulnerabilities. Finally, we recommend a procedure to carry out a threat analysis on these devices. △ Less

Submitted 25 May, 2024; originally announced May 2024.

Comments: 7 pages

Journal ref: Proc of the 11th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2020), Nice, France, Apr 2020, pp. 31-37, ISSN 2308-4294

PLASMA -- Platform for Service Management in Digital Remote Maintenance Applications

Authors: Natascha Stumpp, Doris Aschenbrenner, Manuel Stahl, Andreas Aßmuth

Abstract: To support maintenance and servicing of industrial machines, service processes are even today often performed manually and analogously, although supportive technologies such as augmented reality, virtual reality and digital platforms already exist. In many cases, neither technicians on-site nor remote experts have all the essential information and options for suitable actions available. Existing s… ▽ More To support maintenance and servicing of industrial machines, service processes are even today often performed manually and analogously, although supportive technologies such as augmented reality, virtual reality and digital platforms already exist. In many cases, neither technicians on-site nor remote experts have all the essential information and options for suitable actions available. Existing service products and platforms do not cover all the required functions in practice in order to map end-to-end processes. PLASMA is a concept for a Cloud-based remote maintenance platform designed to meet these demands. But for a real-life implementation of PLASMA, security measures are essential as we show in this paper. △ Less

Submitted 20 May, 2024; originally announced May 2024.

Comments: 4 pages

Journal ref: Proc of the 10th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2019), Venice, Italy, May 2019, pp. 78-81, ISSN 2308-4294

Security of Cloud Services with Low-Performance Devices in Critical Infrastructures

Authors: Michael Molle, Ulrich Raithel, Dirk Kraemer, Norbert Graß, Matthias Söllner, Andreas Aßmuth

Abstract: As part of the Internet of Things (IoT) and Industry 4.0 Cloud services are increasingly interacting with low-performance devices that are used in automation. This results in security issues that will be presented in this paper. Particular attention is paid to so-called critical infrastructures. The authors intend to work on the addressed security challenges as part of a funded research project, u… ▽ More As part of the Internet of Things (IoT) and Industry 4.0 Cloud services are increasingly interacting with low-performance devices that are used in automation. This results in security issues that will be presented in this paper. Particular attention is paid to so-called critical infrastructures. The authors intend to work on the addressed security challenges as part of a funded research project, using electrical actuators and battery storages as specific applications. The core ideas of this research project are also presented in this paper. △ Less

Submitted 18 May, 2024; originally announced May 2024.

Comments: 5 pages

Journal ref: Proc of the 10th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2019), Venice, Italy, May 2019, pp. 88-92, ISSN 2308-4294

Cloud Security and Security Challenges Revisited

Authors: Fabian Süß, Marco Freimuth, Andreas Aßmuth, George R. S. Weir, Bob Duncan

Abstract: In recent years, Cloud Computing has transformed local businesses and created new business models on the Internet- and Cloud services are still flourishing. But after the emphatic hype in the early years, a more realistic perception of Cloud services has emerged. One reason for this surely is that today, Cloud Computing is considered as an established and well-accepted technology and no longer as… ▽ More In recent years, Cloud Computing has transformed local businesses and created new business models on the Internet- and Cloud services are still flourishing. But after the emphatic hype in the early years, a more realistic perception of Cloud services has emerged. One reason for this surely is that today, Cloud Computing is considered as an established and well-accepted technology and no longer as a technical novelty. But the second reason for this assessment might also be numerous security issues that Cloud Computing in general or specific Cloud services have experienced since then. In this paper, we revisit attacks on Cloud services and Cloud-related attack vectors that have been published in recent years. We then consider successful or proposed solutions to cope with these challenges. Based on these findings, we apply a security metric in order to rank all these Cloud-related security challenges concerning their severity. This should assist security professionals to prioritize their efforts toward addressing these issues. △ Less

Submitted 18 May, 2024; originally announced May 2024.

Comments: 6 pages

Journal ref: Proc of the 10th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2019), Venice, Italy, May 2019, pp. 61-66, ISSN 2308-4294

A Secure and Privacy-Friendly Logging Scheme

Authors: Andreas Aßmuth, Robert Duncan, Simon Liebl, Matthias Söllner

Abstract: Finding a robust security mechanism for audit trail logging has long been a poorly satisfied goal. There are many reasons for this. The most significant of these is that the audit trail is a highly sought after goal of attackers to ensure that they do not get caught. Thus they have an incredibly strong incentive to prevent companies from succeeding in this worthy aim. Regulation, such as the Europ… ▽ More Finding a robust security mechanism for audit trail logging has long been a poorly satisfied goal. There are many reasons for this. The most significant of these is that the audit trail is a highly sought after goal of attackers to ensure that they do not get caught. Thus they have an incredibly strong incentive to prevent companies from succeeding in this worthy aim. Regulation, such as the European Union General Data Protection Regulation, has brought a strong incentive for companies to achieve success in this area due to the punitive level of fines that can now be levied in the event of a successful breach by an attacker. We seek to resolve this issue through the use of an encrypted audit trail process that saves encrypted records to a true immutable database, which can ensure audit trail records are permanently retained in encrypted form, with no possibility of the records being compromised. This ensures compliance with the General Data Protection Regulation can be achieved. △ Less

Submitted 18 May, 2024; originally announced May 2024.

Comments: 5 pages

Journal ref: Proc of the 12th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2021), Porto, Portugal, April 2021, pp. 8-12, ISSN 2308-4294

Securing 3rd Party App Integration in Docker-based Cloud Software Ecosystems

Authors: Christian Binkowski, Stefan Appel, Andreas Aßmuth

Abstract: Open software ecosystems are beneficial for customers; they benefit from 3rd party services and applications, e.g. analysis of data using apps, developed and deployed by other companies or open-source communities. One significant advantage of this approach is that other customers may benefit from these newly developed applications as well. Especially software ecosystems utilizing container technol… ▽ More Open software ecosystems are beneficial for customers; they benefit from 3rd party services and applications, e.g. analysis of data using apps, developed and deployed by other companies or open-source communities. One significant advantage of this approach is that other customers may benefit from these newly developed applications as well. Especially software ecosystems utilizing container technologies are prone to certain risks. Docker, in particular, is more vulnerable to attacks than hypervisor based virtualisation as it directly operates on the host system. Docker is a popular representative of containerisation technology which offers a lightweight architecture in order to facilitate the set-up and creation of such software ecosystems. Popular Infrastructure as a Service cloud service providers, like Amazon Web Services or Microsoft Azure, jump on the containerisation bandwagon and provide interfaces for provisioning and managing containers. Companies can benefit from that change of technology and create software ecosystems more efficiently. In this paper, we present a new concept for significant security improvements for cloud-based software ecosystems using Docker for 3rd party app integration. Based on the security features of Docker we describe a secure integration of applications in the cloud environment securely. Our approach considers the whole software lifecycle and includes sandbox testing of potentially dangerous 3rd party apps before these became available to the customers. △ Less

Submitted 18 May, 2024; originally announced May 2024.

Comments: 7 pages

Journal ref: Proc of the 9th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2018), Barcelona, Spain, February 2018, pp. 77-83, ISSN 2308-4294

Distinguishing Tor From Other Encrypted Network Traffic Through Character Analysis

Authors: Pitpimon Choorod, Tobias J. Bauer, Andreas Aßmuth

Abstract: For journalists reporting from a totalitarian regime, whistleblowers and resistance fighters, the anonymous use of cloud services on the Internet can be vital for survival. The Tor network provides a free and widely used anonymization service for everyone. However, there are different approaches to distinguishing Tor from non-Tor encrypted network traffic, most recently only due to the (relative)… ▽ More For journalists reporting from a totalitarian regime, whistleblowers and resistance fighters, the anonymous use of cloud services on the Internet can be vital for survival. The Tor network provides a free and widely used anonymization service for everyone. However, there are different approaches to distinguishing Tor from non-Tor encrypted network traffic, most recently only due to the (relative) frequencies of hex digits in a single encrypted payload packet. While conventional data traffic is usually encrypted once, but at least three times in the case of Tor due to the structure and principle of the Tor network, we have examined to what extent the number of encryptions contributes to being able to distinguish Tor from non-Tor encrypted data traffic. △ Less

Submitted 15 May, 2024; originally announced May 2024.

Comments: 5 pages

Journal ref: Proc of the 15th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2024), Venice, Italy, May 2024, pp. 8-12, ISSN 2308-4294

Encrypted Container File: Design and Implementation of a Hybrid-Encrypted Multi-Recipient File Structure

Authors: Tobias J. Bauer, Andreas Aßmuth

Abstract: Modern software engineering trends towards Cloud-native software development by international teams of developers. Cloud-based version management services, such as GitHub, are used for the source code and other artifacts created during the development process. However, using such a service usually means that every developer has access to all data stored on the platform. Particularly, if the develo… ▽ More Modern software engineering trends towards Cloud-native software development by international teams of developers. Cloud-based version management services, such as GitHub, are used for the source code and other artifacts created during the development process. However, using such a service usually means that every developer has access to all data stored on the platform. Particularly, if the developers belong to different companies or organizations, it would be desirable for sensitive files to be encrypted in such a way that these can only be decrypted again by a group of previously defined people. In this paper, we examine currently available tools that address this problem, but which have certain shortcomings. We then present our own solution, Encrypted Container Files (ECF), for this problem, eliminating the deficiencies found in the other tools. △ Less

Submitted 18 May, 2024; v1 submitted 15 May, 2024; originally announced May 2024.

Comments: 7 pages, for associated implementation etc., see https://github.com/Hirnmoder/ECF

Journal ref: Proc of the 14th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2023), Nice, France, June 2023, pp. 1-7, ISSN 2308-4294

An Approach for Decentralized Authentication in Networks of UAVs

Authors: Nicholas Jäger, Andreas Aßmuth

Abstract: We propose a decentralized authentication system for networks of unmanned aerial vehicles. A blockchain-based public key infrastructure allows the usage of public key cryptography and public key based authentication protocols. The blockchain provides a common storage of the public keys and their relations and can provide the required information for the authentication process. Furthermore, the unm… ▽ More We propose a decentralized authentication system for networks of unmanned aerial vehicles. A blockchain-based public key infrastructure allows the usage of public key cryptography and public key based authentication protocols. The blockchain provides a common storage of the public keys and their relations and can provide the required information for the authentication process. Furthermore, the unmanned aerial vehicles store selected parts of the blockchain in order to operate independently in areas where they might not have access to the Internet. This allows unmanned aerial vehicles to authenticate entities of the network, like other unmanned aerial vehicles, cloud services, cars, and any computer. △ Less

Submitted 12 May, 2024; originally announced May 2024.

Comments: 5 pages

Journal ref: Proc of the 12th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2021), Porto Portugal, April 2021, pp. 13-17, ISSN 2308-4294

Managing Forensic Recovery in the Cloud

Authors: George R. S. Weir, Andreas Aßmuth, Nicholas Jäger

Abstract: As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the mu… ▽ More As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'. △ Less

Submitted 10 May, 2024; originally announced May 2024.

Comments: 6 pages

Journal ref: Proc of the 9th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2018), Barcelona, Spain, February 2018, pp. 45-50, ISSN 2308-4294

Strategies for Intrusion Monitoring in Cloud Services

Authors: George R. S. Weir, Andreas Aßmuth

Abstract: Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activit… ▽ More Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activities. We outline an approach to intrusion monitoring that aims (i)~to ensure the credibility of log data and (ii)~provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired. △ Less

Submitted 3 May, 2024; originally announced May 2024.

Comments: 5 pages

Journal ref: Proc of the 8th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2017), Athens, Greece, February 2017, pp. 49-53, ISSN 2308-4294

Security Challenges for Cloud or Fog Computing-Based AI Applications

Authors: Amir Pakmehr, Andreas Aßmuth, Christoph P. Neumann, Gerald Pirkl

Abstract: Security challenges for Cloud or Fog-based machine learning services pose several concerns. Securing the underlying Cloud or Fog services is essential, as successful attacks against these services, on which machine learning applications rely, can lead to significant impairments of these applications. Because the requirements for AI applications can also be different, we differentiate according to… ▽ More Security challenges for Cloud or Fog-based machine learning services pose several concerns. Securing the underlying Cloud or Fog services is essential, as successful attacks against these services, on which machine learning applications rely, can lead to significant impairments of these applications. Because the requirements for AI applications can also be different, we differentiate according to whether they are used in the Cloud or in a Fog Computing network. This then also results in different threats or attack possibilities. For Cloud platforms, the responsibility for security can be divided between different parties. Security deficiencies at a lower level can have a direct impact on the higher level where user data is stored. While responsibilities are simpler for Fog Computing networks, by moving services to the edge of the network, we have to secure them against physical access to the devices. We conclude by outlining specific information security requirements for AI applications. △ Less

Submitted 20 December, 2023; v1 submitted 30 October, 2023; originally announced October 2023.

Journal ref: Proc of the 14th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2023), Nice, France, June 2023, pp. 21-29, ISSN 2308-4294