Stefan Kraxberger

secinto

Modern vehicles become increasingly digitalized with advanced information technology-based solutions like advanced driving assistance systems and vehicle-to-x communications. These systems are complex and interconnected. Rising complexity and increasing outside exposure has created a steadily rising demand for more cyber-secure systems. Thus, also...

The functional capabilities of radio‐frequency identification (RFID) tags are rapidly increasing. Therefore, they can no longer be treated as pure bar‐code substitute, but they should be considered as computing devices. Modern tags are able to store and compute data, or even hold sensors. To draw full advantage from the increased functionality of t...

A critical requirement in overlay networks is to have unique, undeniable and verifiable identifiers for each node in the system.Without them, every node in such an overlay network would be able to impersonate other nodes or create an arbitrary amount of bogus nodes. Thus, a node or a group of nodes, could easily gain control over an overlay network...

Recent smartphone platforms based on new operating systems, such as iOS, Android, or Windows Phone, have been a huge success in recent years and open up many new opportunities. Unfortunately, 2011 also showed us that the new technologies and the privacy-related data on smartphones are also increasingly interesting for attackers. Especially, the And...

The popularity of the Android System in combination with the lax market approval process may attract the injection of malicious applications (apps) into the market. Android features a permission system allowing a user to review the permissions an app requests and grant or deny access to resources prior to installation. This system conveys a level o...

Twitter is the second largest social network after Facebook and currently 140 millions Tweets are posted on average each day. Tweets are messages with a maximum number of 140 characters and cover all imaginable stories ranging from simple activity updates over news coverage to opinions on arbitrary topics. In this work we argue that Twitter is a va...

To realize another step towards the Inter- net of Things, we looked for a suitable mechanism to transport IP packets on ad-hoc wireless personal area networks. Existing solutions are only targeted at point- to-point transport of IPv6 packets via IEEE 802.15.4 but lack routing and power-management capabilities. Starting from RFC4944 we present an IP...

The increasing market share of the Android platform is partly caused by a growing number of applications (apps) available on the Android market: by now (January 2011) roughly 200.000. This popularity in combination with the lax market approval process attracts the injection of malicious apps into the market. Android features a fine-grained permissi...

In this paper, we propose a secure routing algorithm based on three simple levels and show its applicability to heterogeneous unstructured overlays. Due to the lack of secure routing protocols for unstructured overlays we have started to investigate a possible solution for these systems. We propose a scalable secure routing protocol for heterogenou...

RFID tags can no longer be treated as pure bar-code substitute as their functional capabilities increase rapidly. Many of them are able to store and compute data, or hold sensors. The data flow in the EPCglobal network, which was created for "traditional" low-cost tags, does only work one-way: from tags to a couple of servers where data for the tag...

Energy costs for data centers are a significant part of the overall expenses for their operation. With a reduction of these and associated costs, huge savings can be achieved. This paper describes a way to reduce the energy costs for data centers. The general idea behind our solution is very simple. Instead of routing the information required for a...

RFID tags can no longer be treated as pure bar-code substitutes as their functional capabilities increase rapidly. Many of them are able to store and compute data, or hold sensors. The data flow in the EPCglobal network, which was created for “traditional” low-cost tags, does work one-way: from tags to a couple of servers where data for the tags is...

Research in overlay networks has been very successful, since overlay networks enabled a more efficient use of existing resources in a distributed manner. The paradigm shift from centralized control applied through few entities to distributed management performed by all entities not only had advantages. Also new kinds of security threats have been i...

Multi-agent systems allow a multitude of heterogenous systems to collaborate in a simple manner. It is easy to provide and gather information, distribute work and coordinate tasks without bothering with the differences of the underlying systems. Unfortunately, multiple networking and security problems arise from the dynamic behavior of multi-agent...

Providing access to relevant confidential information during an emergency increases the efficiency of emergency response operations. Existing approaches rely on a centralized on-line authority to regulate access to emergency applications and data. Unfortunately, it cannot be guaranteed that the central authority is available during an incident. Add...

Modern communication and computing devices have the potential to increase the efficiency of disaster response. Mobile agents and ad hoc networks are decentralized and flexible technologies to leverage this potential. While both ad hoc networks and mobile agent platforms suffer from a greater variety of security risks than the classic client-server...

Location determination of devices in wireless networks has been around for some time. Due to the fact that most approaches are based on client collaboration, they are not suitable for being integrated in security related components as intrusion detection or access control systems. In this paper we propose an approach that works without any client c...

Modern communication and computing devices have the potential to increase the efficiency of disaster response. Mobile agents are a decentralized and flexible technology to leverage this potential. While mobile agent platforms suffer from a greater variety of security risks than the classic client-server approach, Trusted Computing is capable of all...

Although P2P systems have found its way into almost every field of application, the lack of adequate security concepts, research for specific security algorithms and implementations of suitable security mechanisms are still limiting their full potential. We are focusing on getting an overall view on the security of heterogeneous unstructured P2P sy...

Peer-to-peer systems have the ability to connect network nodes in a convenient and simple manner. Thus, they are used in a broad range of applications to connect nodes with different capabilities in terms of computational power, memory and energy. For all these peer-to-peer systems there doesn't exist a coherent and dynamic security concept which a...

Driven by the idea to converge to the Internet of things, we searched within the course of a FP6-project for a suitable mechanism to transport IP packets on ad-hoc wireless personal area networks (WPANs). Prior work was already done and so we decided to start with RFC4944, which was probably the best working solutions for this problem. But since th...

The importance of P2P systems in real-world applications has grown significantly over the recent years. Although P2P systems have found its way into almost every field of application the lack of an adequate general security concept, research for specific security mechanisms and implementations of possible security improvements is still limiting the...

Driven by the permanent search for reliable anomaly-based intrusion detection mechanisms, we investigated different statistical methodologies to deal with the detection of polymorphic shellcode. The paper intends to give an overview on existing approaches in the literature as well as a synopsis of our efforts to evaluate the applicability of data m...

This paper presents our progression in the search for reliable anomaly-based intrusion detection mechanisms. We investigated different options of stochastic techniques. We started our investigations with Markov chains to detect abnormal traffic. The main aspect in our prior work was the optimization of transition matrices to obtain better detection...