Contributions published at Communication Systems Group (Burkhard Stiller)

As digital dependency increases, companies are becoming more exposed to cybersecu- rity threats. Cybersecurity has become a critical factor for companies that depend on information systems. Therefore, companies are interested in implementing appropriate cybersecurity solutions to reduce the risk of a successful cyberattack. If these invest- ments are done incorrectly or not at all, the consequences can be devastating. Successful attacks can lead to system failures and data theft, often resulting in financial loss and damage to the company’s reputation. However, it is difficult for a company to evaluate how much money they should invest in cybersecurity and in which measures they should invest. Since budgets are often limited, companies aim for the highest level of security while keeping costs as low as possible. The goal of this thesis is therefore to develop a visual tool for cybersecurity investments. The tool supports the calculation of the optimal cybersecurity investment for different business areas. It also provides the user with suit- able cybersecurity measures. Furthermore, it shows the user the calculated profitability of the various security investments.

null

null

Brain-Computer Interfaces (BCIs) have significantly improved the patients’ quality of life by restoring damaged hearing, sight, and movement capabilities. After evolving their application scenarios, the current trend of BCI is to enable new innovative brain-to-brain and brain-to-the-Internet communication paradigms. This technological advancement generates opportunities for attackers, since users’ personal information and physical integrity could be under tremendous risk. This work presents the existing versions of the BCI life-cycle and homogenizes them in a new approach that overcomes current limitations. After that, we offer a qualitative characterization of the security attacks affecting each phase of the BCI cycle to analyze their impacts and countermeasures documented in the literature. Finally, we reflect on lessons learned, highlighting research trends and future challenges concerning security on BCIs.

Invasive Brain-Computer Interfaces (BCIs) are extensively used in medical application scenarios to record, stimulate, or inhibit neural activity with different purposes. An example is the stimulation of some brain areas to reduce the effects generated by Parkinson’s disease. Despite the advances in recent years, cybersecurity on BCIs is an open challenge since attackers can exploit the vulnerabilities of invasive BCIs to induce malicious stimulation or treatment disruption, affecting neuronal activity. In this work, we design and implement a novel neuronal cyberattack called Neuronal Jamming (JAM), which prevents neurons from producing spikes. To implement and measure the JAM impact, and due to the lack of realistic neuronal topologies in mammalians, we have defined a use case using a Convolutional Neural Network (CNN) trained to allow a simulated mouse to exit a particular maze. The resulting model has been translated to a biological neural topology, simulating a portion of a mouse’s visual cortex. The impact of JAM on both biological and artificial networks is measured, analyzing how the attacks can both disrupt the spontaneous neural signaling and the mouse’s capacity to exit the maze. Besides, another contribution of the work focuses on comparing the impacts of both JAM and FLO (an existing neural cyberattack), demonstrating that JAM generates a higher impact in terms of neuronal spike rate. As a final contribution, we discuss whether and how JAM and FLO attacks could induce the effects of neurodegenerative diseases if the implanted BCI had a comprehensive electrode coverage of the targeted brain regions.

null

Open Source Software (OSS) is widely prevalent these days. Most software contains integrated OSS to some extent. Nevertheless, many OSS projects are not pursued and maintained sufficiently due to the lack of funding. Although a significant number of donation platforms exist to support open-sourced projects, it is cumbersome for developers to keep up with receiving enough financial reassurance to sustain an OSS project. Flat-FeeStack is a project that aims to solve this problem by allowing sponsors to donate a flat fee and pay the developers transparently using a decentralized approach. However, previous research on such a donation platform showed that performing a payout with viable transaction fees is challenging. Hence, in this thesis, an improved design is proposed in comparison to related work and supported by the implementation of a Proof-of-Concept. The solution uses a signature mechanism in combination with a batched payout, preserving important properties such as transparency. Conducted evaluations on two different blockchains (i.e., Ethereum and Neo N3) show strong indications that on-chain fees can significantly be reduced. When high transparency is desired, the proposed approach decreases the payout fees on Ethereum on average by 76.5% up to 99%. Utilizing Neo N3, the fees can be reduced further by up to 99%.

null

null

As the number of blockchain (BC) platforms providing specific features increases, selecting a platform that fits all requirements needed for a specific case becomes a cumbersome task. For example, not only are BCs' technical details relevant, but also their intrinsic characteristics (e.g., cryptocurrency price) must be considered in selecting a BC for a given case. Hence, the management of data stored in multiple BCs and the selection process are not straightforward due to the myriad platforms and both technical and economic details (e.g., BC throughput and the underlying price fluctuation). This article defines a novel refinement flow (based on the policy continuum) of high-level BC selection policies to low-level BC transactions. Experiments with the BC selection framework developed applying policy-based management (PBM) in the BC context do show that such synergy simplifies data management in multiple BCs driven by user requirements (e.g., based on costs or performance policies). The performance analysis of the framework demonstrates the successful employment of PBM for BC selections with minimal overhead.

In recent years, bacterial populations have been engineered to act as biological sensors able to improve human health by developing novel therapeutics and diagnostics. Nowadays, populations of engineered bacteria can be remotely controlled to perform some medical actions on-demand; however, it brings crucial concerns from the cybersecurity perspective. As an example, one of the first cyberbioattacks has been recently proposed to explore the feasibility of using engineered bacteria to produce a Distributed Denial-of-Service and disrupt the creation of biofilm, a natural protection of bacteria against external agents. With the goal of mitigating the impact of this cyberbioattack, this paper proposes two novel mitigation mechanisms: quorum quenching and amplification. On the one hand, quorum quenching focuses on emitting molecules to block those sent by the cyberbioattack. On the other hand, the amplification approach emits molecules to increase the percentage of those needed to create the biofilm structure. To measure the performance of both mitigation techniques in dynamic scenarios, we have implemented different configurations of the Distributed Denial-of-Service attack and evaluated the channel attenuation and the signal-to-interference-plus-noise (SINR). As a result, we have observed that both approaches reduce the impact caused by the cyberbioattack, detecting differences between them. The quorum quenching mechanism presented better results, although it did not adapt its behavior to different attack configurations, responding statically. In contrast, the amplitude mitigation technique is perfectly adapted to attack configurations with different impacts on biofilm creation.

This work specifies, implements, and evaluates access management based on face recognition. The system developed uses Internet-of-Things (IoT) for video surveillance, Artificial Intelligence (AI) for face recognition, and Blockchains (BC) for immutable permanent storage and provides excellent properties in terms of image quality, end-to-end delay, and energy efficiency.

null

While Wireless Sensor Networks (WSN) offer potentials, their limited programmability and energy-limitations determine operational challenges. Thus, a TinyIPFIX-based system was designed, such that this application layer protocol is now usable to exchange data in WSNs efficiently. The system implementation in MicroPython is simple and efficient in comparison to a lower level programming language, while displaying valuable properties in terms of overhead and power efficiency. Furthermore, it demonstrates that MicroPython may pave the way towards Network Function Virtualization (NFV) on Internet-of-Things (IoT) devices by providing highly portable software functions implemented in a high-level programming language.

For the protection of people and society against harm and health threats—especially in case of the COVID-19 pandemic — a variety of different disciplines needs to be involved. The data collection of basic and health-related data of individuals in today's highly mobile society does help to plan, protect, and identify next steps health authorities and governments can, shall, or need to plan for or even implement. Thus, every individual, human, and inhabitant of the world is the key player—very different from many past crises'. And since all individuals are involved his/her(a) health and (b) privacy shall be considered in a very carefully crafted balance, not overruling one aspect with another one. Privacy remains key. The solution of the current pandemic's data collection can be based on a fully privacy-preserving application, which can be used by individuals on their mobile devices, such as smartphones, while maintaining at the same time their privacy. Additionally, respective data collected in such a fully distributed setting does help to confine the pandemic and can be achieved in a democratic and very open, but still and especially privacy-protecting manner. Therefore, the WeTrace approach and application designed utilizes the Bluetooth low energy (BLE) communication channel, many modern mobile devices offer, where public-key cryptography is being applied to allow for deciphering of messages for that destination it had been intended for. Since literally every other potential participant only listens to random data, even a brute force attack will not succeed. WeTrace and its Open Source implementation ensure that any receiver of a message knows that this is for him/her, without being able to identify the original sender.

The goal of this thesis is to implement a Long Range (LoRa) mesh with Software Defined Networking (SDN) - based mechanisms. Devices used in LoRa based Wireless Sensor Networks are often limited in their range, therefore, a LoRa network with mesh topology is a principle to increase the range of these devices with multi-hop communication. The main principle of SDN is to improve network management through a controller. The implementation is performed for Raspberry Pis, which have become popular in Internet of Things, and the E32-868T20D which is a cheap LoRa shield. The implementation is provided in the Python programming language, which entails that the code is more simple and readable compared to a lower level programming language. LoRa networks with mesh topologies have already been demonstrated for other devices and programming languages; therefore, the goal of this thesis is to show that SDN-based mechanisms can benefit a LoRa mesh and to provide them as extensible software.

As people spend most of their time indoors, Indoor Positioning Systems (IPS) have extended their use from object tracking to human motion detection. Among a variety of IPS technologies, Radio Frequency Identification (RFID), a non-contact electromagnetic signal for automatic object identification, is often chosen due to its inexpensive nature and ability to promptly identify a number of distinct tags. However, unlike objects under traditional tracking setups, people typically move and act arbitrarily, which leads to difficulties in localization, especially as traditional measures, such as Received Signal Strength (RSS), are noisy. In this thesis, a novel data collection method, which integrates a 3-D camera and a static RFID reader to refine reading accuracy and obtain RFID tag measurements, is introduced. In addition, Kalman Filtering is proposed to smooth a tag's location estimation. Moreover, this thesis elevates current declarative visualization of RFID-marked objects with defined metrics and key performance indicators (KPIs) and integrates them in a prototype dashboard for enhanced understanding in a practical context. The upgraded data collection, simple localization algorithm and additional visualizations aim to bridge semantic gaps for a RFID indoor application and or campaign marketers and health measure administrators an analytical tool to effectively leverage collected measurements.

As criminals have become more sophisticated in the manner they launder their illicit funds, financial institutions and regulators across the world have been quick in their rush to adapt much more stringent Anti Money Laundering (AML) controls. Unfortunately, AML laws oftentimes come at the expense of the most financially vulnerable in society [1]. In fact, many banks today would rather reject low-value or low-income customers (whether officially or bureaucratically) than risk high costs or fines associated with complicated AML procedures. The relatively new phenomenon of cryptocurrencies has lowered the regulatory barrier and cost for both domestic transactions as well as international remittances for people all over the world. At the same time, it is important to acknowledge that money laundering and illegal transactions do occur on the blockchain. However, the nature and openness of the blockchain has presented an opportunity for machine learning algorithms to make the financial system safer by detecting and tracing such illicit funds moving throughout the network. This thesis is motivated to improve the AML process for both financial institutions, businesses, as well as ordinary people. In particular, a machine learning model (XGBoost) is presented that not only depicts a robust way to detect anomalous transactions on the Bitcoin blockchain, but also to explain what drives its underlying decisions. With that said, having an accurate model alone is not enough for such an endeavour due to the regulatory landscape surrounding AML laws. In fact, explaining why a model arrived at the result it did - in particular, why something was agged as an anomaly is a salient of a concept as the performance metrics of the model itself.

The evolution of integrated clinical environments (ICE) and the future generations of mobile networks brings to reality the hospitals of the future and their innovative clinical scenarios. The mobile edge computing paradigm together with network function virtualization techniques and the software-defined networking paradigm enable self-management, adaptability, and security of medical devices and data management processes making up clinical environments. However, the logical centralized approach of the SDN control plane and its protocols introduce new vulnerabilities which affect the security of the network infrastructure and the patients’ safety. The paper at hand proposes an SDN/NFV-based architecture for the mobile edge computing infrastructure to detect and mitigate cybersecurity attacks exploiting SDN vulnerabilities of ICE in real time and on-demand. A motivating example and experiments presented in this paper demonstrate the feasibility of of the proposed architecture in a realistic clinical scenario.