Institute for Internet-Security
if(is)

Links  | Kontakt  | Sitemap  | Impressum  |  if(is) auf Twitter if(is) Facebook if(is)
Research

Below you find a list of the exploratory focuses in progress:

Explicit information regarding our research and development can be found under projects or publications.


Our society is changing as we are more and more becoming a linked information society. The reliability and trustworthiness of communication techniques and of course information has reached a high level of importance. 

At the moment, these are our exploratory focuses in education and research within the area of Internet Security:

Analyzing the Internet

The Internet consists of steadily growing, independent networks, the so called Autonomous Systems.

By now approximately 21.000 AS-networks have been registered.
In turn an AS, can consist of other sub-networks, which are connected by routers, but are under control of one administrative entity.

Autonomous Systems differ enormously in size and area expansion.
Each provider can determine its own strategy and by the help of routing protocols is able to organize the communication of IP packets within his network.

This balanced chaos got its own dynamic and needs to be monitored and understood.

Internet early-warning SystemsUsing the results of our key activities in the field of Internet early-warning Systems, an effective system is being developed. This System is able to detect critical states and broad-range attacks on the security, integrity and availability of services in the Internet in time.

Our staff members participating on the key activities develop an Internet early-warning System based on their collected knowledge. We expect this System to be able to recognize attack scenarios and to generate warnings, depending on the alarm level. Using this information, essential steps for blocking the attack can be made.


Internet-Analyzing-System

We developed a high complex Distributed System, which basic aim is to monitor the critical infrastructure Internet and to give a survey over the current state of the web.

Our System needs to fulfil the following tasks:

  • Creating profiles
  • Declaration of current state
  • Early-warning System
  • projection

The internet traffic is influenced by different communication parameters, these parameters "shape" profiles and patterns, which in turn are representative for different states of the Internet. The main task of the profile-creating module is to analyze and interpret those parameters.

By the help of our System anomaly can be detected and the cause of the change in state can be researched and analyzed.

Availability of services

In this research area, we focus on the development of a system, which is able to measure the different states of availability of the most important services and infrastructure components in terms of the Internet.  

These parameters could be for example, the most important web services, DNS services and communication connections, as well as routers, mail services and servers.

Different Parameters are measured by means of probes:
Quality of Service, error ratio, Jitter, delay, packet loss.
Additionally the functionality of Services is tested besides others by requesting various previously selected web pages, creating communication with an E-Mail-Gateway and performing DNS requests:

Scientific foundation for the interpretation of the collected information about the state of the Internet

In this field of research, Internet the data about the state of the internet, which is collected by our systems, is used for a statistical analysis to find anomalies, which might indicate an attack. One of the methods applied by this process of statistical analysis is Data-Mining.


Structural analysis of the Internet in Germany

In context of the Internet-Analysis-System the structure of the Internet in Germany shall be displayed.

On the basis information about autonomous systems, the different connections between them and the enterprises standing behind it, meshing the german part of the internet to be analyzed this.
An autonomous system is in the internet, an IP net, which stand for itself, which as unit administered and outward by special rout at the borders of the autonomous system one identifies. Enterprises become the AS nets of ISPs, Webhostern, large enterprises and of public InterNet exchange points. For the administration of the autonomous systems the central Internet Assigned Numbers Authority (IANA) has responsibility itself. World-wide approximately 21,000 AS networks are registered to time. With the structural analysis now the communication rivers between the autonomous systems are to be examined and represented. In addition model architectures are developed, help to understand the Dynamiken better.


Security Gateways (Firewall, VPN, uns.)

The effectiveness and overhead for communication of security gateways is being analyzed in this area.

 

E-Mail-Security

Our exploratory focus E-Mail security deals with security relevant topics, like the E-Mail service. Within this area of research we perform continuous surveys on the risk potential of E-Mail communication and the threat level of Spam and Virus infections.

Through our surveys we try to find out what kind of information is being exchanged via E-Mail and how relevant they are for the communication partners.

Another aim is to find out whether E-Mail communication is already limited or not and which techniques have already approved in practise.


Anti-Spam (Concepts, implementation strategies, empiric research)

The above mentioned surveys are a basis for the evaluation of Anti-Spam techniques. It is essential to check the numerous and in most cases complex options of spam defence for practical feasibility. In addition we work on modern techniques of spam defence. The focus of this task is to make E-Mail Service providers aware of their responsibility for Spam Defence and to help them to do this.


Digital signature and encryption, virtual mailbox 

In this area we focus on the usability of existing security techniques.


Password Fishing (recognition strategies)

Within this area we try to derive recognition strategies from the activities of the Internet-Analysis System.

Additional we look forward to make users and providers more aware of this issue and try to minimize this problem by the help of tech articles.


Harvesting (research)

Spammers use automated Bots to collect E-Mail-addresses for spam mailings.
This so called harvesting is our subject of research and therefore we analyze it to determine the behaviour of such Harvesting-Bots.
Furthermore, analysing the harvesting behaviour might reveal some clues about underlying structures of spamming.


Viruses, worms, trojans (recognition strategies)

Within this area we focus on the recognition of virus-spreading in the Internet to gain a knowledge base to enable the Internet-early-warning systems to announce a threat. 

Security of web services

Web-services have grown up and therefore developed an enormous potential that is based upon an open, dynamic exchange of data.
This openness is an advantage and gave them a broad acceptance.
On the other hand plainness is a problem, as its lacking of mechanisms that are to able to make web services secure enough to use them on a broad base in practise.

Within our exploratory focus web service security we deal on technologies and approaches that help to reach a higher security level for web services.

These are the following:


Identity Management

Within this area we realize common authentication policies on the base of PKIs, and check them for usability.

Single Sign On

In this area, we integrated the Liberty Alliance (Global LogIn, Circle of Trust) technology in our and other websites to demonstrate the operability.

XKMS

XKMS defines a protocol to implement the validation and administration of XML based keys via web services. The resulting benefits make it much easier to handle PKI. We have developed such a system and are checking it for usability at the moment.

Trustable chat rooms and mediation chats in the internet

Within the scope of this focus we have developed a secure chat system that offers tap-proof communication and safe operation.

Within a special focus is the trustable design of user interfaces that enables a private chat consultation in the professional area.

This makes it possible to use this system for psychological or general medicine consultation purposes.

Another application for this trustable chat is the mediation chat, which can be used for smaller legal cases that are therefore not brought to court.

Within the mediation chat, the parties to the dispute use the extended secure chat system and try to adjust their differences in short time and without extensive travel expenditures.

Security of Distributed Systems

In this area we deal with the implementation of security techniques on the different layers, like operating system, security system (e.g. EMSCB), and communication stack, to match all security related aspects for future applications.

Trusted Computing

The aim of our research project EMSCB is the development of a trustable, fair and open security system based on the Trusted Computing (TC) technology.


Communication aspects

Through the realization of modern IT concepts the necessity to communicate via networks will become more than important.

Distributed Systems, mobile applications as well as Ubiquitous- or Pervasive Computing are just a few examples to demonstrate the necessity.


Equitable Digital Right Management (DRM)

In our terms the aim of fair DRM systems is to create suitable environments and basic conditions for the use of digital works and to take care of the interests and security requirements of all participating parties. By that means fair DRM methods basically shall ensure the conclusion of a contract and its adherence.

Cyber law

Within our main focus cyber law, we deal with the statutory framework and the options of E-Commerce. This focus includes the following topics:

  • Adjustment and flexibility of adaptive legal norms

  • How to arrange privity of contract between the parties

  • Privacy protection and law for e-commerce

  • Mediation through Internet

More topics

IP-Telephony (Voice over IP)

Our topic IP-Telephony deals with quality of service requirements and new dependencies resulting from the cutback of old structures.
Furthermore we discuss the relevance of spam over IP-Telephony(spit).


Mobile networks (secure access, encrypted communication, etc.)

Here we deal with WLAN and Bluetooth security and the secure integration of mobile users in existing company networks.


Security of Next Generation Networks

Today, different security solutions are tailored for a specific technology or special requirements, but future will require the fusion of all technologies to one Next Generation Network.

The convergence of these different technologies and of products results in a greater demand for controlling the security of junctions between services and technologies and of complex relations.

Open Systems need different, provider comprehensive solution concepts to ensure working security mechanisms.

We deal with the new requirements of a Next Generation Network and discuss strategies and solutions. Our aim is to create a secure and trustable operation of information and communication techniques.


Link zum moeglichen Abschlussarbeiten des if(is)
Marktplatz IT-Sicherheit, Lösungen, Anbieter, Dienstleistungen, IT-Jobs
Anbieter finden!
Jobs finden!

Logo zum neuen Studiengang: Master Internet-SicherheitEinstieg auch zum
Sommersemster!

Logo zum Professor des Jahres 2011

Logo: Buch Sicher im Internet

Logo: DIX - Deutscher Internet-Index

Logo: Frühwarn- und Intrusion Detection-System auf der Basis von kombinierten Methoden der KI

Logo: Live Hacking / Awareness Performance

Logo: Turaya