Publications

Publications in 2021 of type Article, Conference Proceedings and Edited Conference Proceedings

Filter by Year: All, 2022, 2021, 2020, 2019, 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008,
Filter by Type: All, Book, Article, Chapter, Conference Proceedings, Edited Conference Proceedings, Master Thesis, Bachelor Thesis, Technical Report, Miscellaneous,
Filter by Language: All, English, German,

    2021

    • Philipp Meyer, Timo Häckel, Sandra Reider, Franz Korf, and Thomas C. Schmidt. Network Anomaly Detection in Cars: A Case for Time-Sensitive Stream Filtering and Policing. In: . Dec. 2021,
      [Abstract], [ArXiv], [Bibtex]

      Connected cars are vulnerable to cyber attacks. Security challenges arise from vehicular management uplinks, from signaling with roadside units or nearby cars, as well as from common Internet services. Major threats arrive from bogus traffic that enters the in-car backbone, which will comprise of Ethernet technologies in the near future. Various security techniques from different areas and layers are under discussion to protect future vehicles. In this paper, we show how Per-Stream Filtering and Policing of IEEE Time-Sensitive Networking (TSN) can be used as a core technology for identifying misbehaving traffic flows in cars, and thereby serve as network anomaly detectors. TSN is the leading candidate for implementing quality of service in vehicular Ethernet backbones. We classify the impact of network attacks on traffic flows and benchmark the detection performance in each individual class. Based on a backbone topology derived from a real car and its traffic definition, we evaluate the detection system in realistic scenarios with real attack traces. Our results show that the detection accuracy depends on the precision of the in-vehicle communication specification, the traffic type, the corruption layer, and the attack impact on the link layer. Most notably, the anomaly indicators of our approach remain free of false positive alarms, which is an important foundation for implementing automated countermeasures in future vehicles.

      @Article{         mhrks-nadct-21,
        author        = {Philipp Meyer AND Timo H{\"a}ckel AND Sandra Reider AND
                        Franz Korf AND Thomas C. Schmidt},
        title         = {{Network Anomaly Detection in Cars: A Case for
                        Time-Sensitive Stream Filtering and Policing}},
        month         = dec,
        year          = 2021,
        eprinttype    = {arxiv},
        eprint        = {2112.11109},
        abstract      = {Connected cars are vulnerable to cyber attacks. Security
                        challenges arise from vehicular management uplinks, from
                        signaling with roadside units or nearby cars, as well as
                        from common Internet services. Major threats arrive from
                        bogus traffic that enters the in-car backbone, which will
                        comprise of Ethernet technologies in the near future.
                        Various security techniques from different areas and layers
                        are under discussion to protect future vehicles. In this
                        paper, we show how Per-Stream Filtering and Policing of
                        IEEE Time-Sensitive Networking (TSN) can be used as a core
                        technology for identifying misbehaving traffic flows in
                        cars, and thereby serve as network anomaly detectors. TSN
                        is the leading candidate for implementing quality of
                        service in vehicular Ethernet backbones. We classify the
                        impact of network attacks on traffic flows and benchmark
                        the detection performance in each individual class. Based
                        on a backbone topology derived from a real car and its
                        traffic definition, we evaluate the detection system in
                        realistic scenarios with real attack traces. Our results
                        show that the detection accuracy depends on the precision
                        of the in-vehicle communication specification, the traffic
                        type, the corruption layer, and the attack impact on the
                        link layer. Most notably, the anomaly indicators of our
                        approach remain free of false positive alarms, which is an
                        important foundation for implementing automated
                        countermeasures in future vehicles.},
        groups        = {own, publications, simulation},
        langid        = {english}
      }
    • Tobias Haugg, Mohammad Fazel Soltani, Timo Häckel, Philipp Meyer, Franz Korf, and Thomas C. Schmidt. Simulation-based Evaluation of a Synchronous Transaction Model for Time-Sensitive Software-Defined Networks. In: Proceedings of the 8th International OMNeT++ Community Summit 2021. Oct. 2021,
      [Abstract], [Slides (pdf)], [ArXiv], [Bibtex]

      Real-time networks based on Ethernet require robust quality-of-service for time-critical traffic. The Time-Sensitive Networking (TSN) collection of standards enables this in real-time environments like vehicle on-board networks. Runtime reconfigurations in TSN must respect the deadlines of real-time traffic. Software-Defined Networking (SDN) moves the control plane of network devices to the SDN controller, making these networks programmable. This allows reconfigurations from a central point in the network. In this work, we present a transactional model for network reconfigurations that are synchronously executed in all network devices. We evaluate its performance in a case study against non-transactional reconfigurations and show that synchronous transactions enable consistency for reconfigurations in TSN without increased latencies for real-time frames.

      @InProceedings{   hshmk-ssttn-21,
        author        = {Tobias Haugg and Mohammad Fazel Soltani and Timo
                        H{\"a}ckel and Philipp Meyer and Franz Korf and Thomas C.
                        Schmidt},
        title         = {{Simulation-based Evaluation of a Synchronous Transaction
                        Model for Time-Sensitive Software-Defined Networks}},
        booktitle     = {Proceedings of the 8th International OMNeT++ Community
                        Summit 2021},
        month         = oct,
        year          = 2021,
        eprinttype    = {arxiv},
        eprint        = {2110.00236},
        abstract      = {Real-time networks based on Ethernet require robust
                        quality-of-service for time-critical traffic. The
                        Time-Sensitive Networking (TSN) collection of standards
                        enables this in real-time environments like vehicle
                        on-board networks. Runtime reconfigurations in TSN must
                        respect the deadlines of real-time traffic.
                        Software-Defined Networking (SDN) moves the control plane
                        of network devices to the SDN controller, making these
                        networks programmable. This allows reconfigurations from a
                        central point in the network. In this work, we present a
                        transactional model for network reconfigurations that are
                        synchronously executed in all network devices. We evaluate
                        its performance in a case study against non-transactional
                        reconfigurations and show that synchronous transactions
                        enable consistency for reconfigurations in TSN without
                        increased latencies for real-time frames. },
        groups        = {own, publications, simulation, omnet},
        langid        = {english},
        archiveprefix = {arXiv},
        primaryclass  = {cs.NI}
      }
    • Sandra Reider, Philipp Meyer, Timo Häckel, Franz Korf, and Thomas C. Schmidt. Integration realer Angriffe in simulierte Echtzeit- Ethernet-Netzwerke. In: Echtzeit 2020. Pages 51—60, Wiesbaden, Jan. 2021, Springer Vieweg,
      [Abstract], [DOI], [Bibtex]

      Ethernet wird zunehmend Bestandteil moderner Fahrzeugnetze und bildet die aussichtsreichste Technologie für künftige Hochgeschwindigkeits-Backbones im Auto. "Connected Vehicles" öffnen gleichzeitig ihre internen Fahrzeugnetzwerke nach außen und ermöglichen so eine Vielzahl neuer Angriffe, für die neue Sicherheitskonzepte entwickelt werden müssen. Sicherheitskonzepte und -mechanismen vor ihrer Einführung in einer Simulationsumgebungen zu testen, ist flexibel, schnell und kostengünstig. In dieser Arbeit stellen wir ein Konzept vor, mit dem realer Angriffsverkehr aufgezeichnet und in eine Simulationsumgebung eingespielt werden kann. Dieses evaluieren wir am Beispiel eines DoS-Angriffs und können zeigen, dass die erwarteten Auswirkungen des abgespielten Angriffs in der Simulation wiedergegeben werden.

      @InProceedings{   rmhks-irasn-21,
        author        = {Sandra Reider AND Philipp Meyer AND Timo H{\"a}ckel AND
                        Franz Korf AND Thomas C. Schmidt},
        title         = {{Integration realer Angriffe in simulierte Echtzeit-
                        Ethernet-Netzwerke}},
        booktitle     = {Echtzeit 2020},
        month         = jan,
        year          = 2021,
        pages         = {51--60},
        publisher     = {Springer Vieweg},
        address       = {Wiesbaden},
        isbn          = {978-3-658-32818-4},
        doi           = {10.1007/978-3-658-32818-4_6},
        abstract      = {Ethernet wird zunehmend Bestandteil moderner Fahrzeugnetze
                        und bildet die aussichtsreichste Technologie f{\"u}r
                        k{\"u}nftige Hochgeschwindigkeits-Backbones im Auto.
                        "Connected Vehicles" {\"o}ffnen gleichzeitig ihre internen
                        Fahrzeugnetzwerke nach au{\ss}en und erm{\"o}glichen so
                        eine Vielzahl neuer Angriffe, f{\"u}r die neue
                        Sicherheitskonzepte entwickelt werden m{\"u}ssen.
                        Sicherheitskonzepte und -mechanismen vor ihrer
                        Einf{\"u}hrung in einer Simulationsumgebungen zu testen,
                        ist flexibel, schnell und kosteng{\"u}nstig. In dieser
                        Arbeit stellen wir ein Konzept vor, mit dem realer
                        Angriffsverkehr aufgezeichnet und in eine
                        Simulationsumgebung eingespielt werden kann. Dieses
                        evaluieren wir am Beispiel eines DoS-Angriffs und
                        k{\"o}nnen zeigen, dass die erwarteten Auswirkungen des
                        abgespielten Angriffs in der Simulation wiedergegeben werden.},
        booksubtitle  = {Kommunikationssicherheit im Internet der Dinge (IoT)},
        series        = {Informatik aktuell},
        groups        = {own, publications, simulation},
        langid        = {ngerman}
      }