Institute of Distributed Systems

Our institute works on topics such as scalability, reliability, security and privacy, self-organization, and the manageability of complexity in distributed systems, across a wide range of application scenarios such as cloud computing or vehicle-to-vehicle communication.

In teaching, we cover the entire spectrum from computer networks and distributed systems through to security and privacy protection.

Our latest publications


Oser, Pascal; Kargl, Frank; Lüders, Stefan
Identifying Devices of the Internet of Things Using Machine Learning on Clock Characteristics
Security, Privacy, and Anonymity in Computation, Communication, and Storage
Publisher: Springer International Publishing
December 2018

Al-Momani, Ala'a; Kargl, Frank; K. Schmidt, Robert; Bösch, Christoph
iRide: A Privacy-Preserving Architecture for Self-Driving Cabs Service
2018 IEEE Vehicular Networking Conference (VNC)
Publisher: IEEE
December 2018

Abstract: Despite the popularity Ride Hailing Services (RHSs) have gained recently, they pose significant privacy risks. In particular, a user wishing to benefit from a RHS is required to disclose her precise spatio-temporal data to the RHS provider. The provider is, thus, able to infer and harvest further sensitive information about the user, including, e.g., her social behavior. Previous work on protecting privacy in such a context assumes service provider to not collude with drivers. This assumption does not hold in the scenario of self-driving cabs, as driverless vehicles replace drivers and, thus, the service provider has to control and collude with her fleet. In this paper, we tackle the open issue of service provider colluding with her fleet by analyzing the scenario of self-driving cab services. We present iRide, a privacy-preserving architecture for self-driving cab service that relies on Intel SGX to provide strong privacy guarantees. iRide maintains the convenience of the functionality while offering strong privacy guarantees, that is, we do not introduce or rely on trade-offs between functionality and privacy. The introduced overhead in iRide design is relatively small and rather acceptable under practical aspects. To our best knowledge, this is the first work that tackles privacy protection in self-driving cab services.

Bösch, Christoph
An Efficient Privacy-Preserving Outsourced Geofencing Service Using Bloom Filter
2018 IEEE Vehicular Networking Conference, VNC 2018
December 2018

Kleber, Stephan; Unterstein, Florian; Hiller, Matthias; Slomka, Frank; Matousek, Matthias; Kargl, Frank; Bösch, Christoph
Secure Code Execution: A Generic PUF-driven System Architecture
21st Information Security Conference
October 2018
accepted

Abstract: In his invited talk, joint between CHES 2016 and CRYPTO 2016 on the Future of Embedded Security, Paul Kocher suggested to move the security into chips because hardware is the lowest level and thus security can not be compromised by a lower layer. In this paper, we propose a generic PUF-driven secure code execution architecture that employs instruction-level code encryption. Our design foresees a tight integration of a Physically Unclonable Function (PUF) and the decryption of encrypted program code directly inside the processor’s instruction pipeline to avert revealing keys or decrypted code in externally accessible registers or memory. The architecture prevents code-injection by executing only code encrypted for individual target CPUs, has an adaptable impact on performance, and requires only minor changes to the software development process. Our PUF-based code encryption defends also from reverse engineering attempts and enforces IP protection. A proof-of-concept implementation demonstrates the feasibility of our proposed architecture.

van der Heijden, Rens Wouter; Dietzel, Stefan; Leinmüller, Tim; Kargl, Frank
Survey on Misbehavior Detection in Cooperative Intelligent Transportation Systems
IEEE Communications Surveys & Tutorials
October 2018

Abstract: Cooperative Intelligent Transportation Systems (cITS) are a promising technology to enhance driving safety and efficiency. Vehicles communicate wirelessly with other vehicles and infrastructure, thereby creating a highly dynamic and heterogeneously managed ad-hoc network. It is these network properties that make it a challenging task to protect integrity of the data and guarantee its correctness. A major component is the problem that traditional security mechanisms like PKI-based asymmetric cryptography only exclude outsider attackers that do not possess key material. However, because attackers can be insiders within the network (i.e., possess valid key material), this approach cannot detect all possible attacks. In this survey, we present misbehavior detection mechanisms that can detect such insider attacks based on attacker behavior and information analysis. In contrast to well-known intrusion detection for classical IT systems, these misbehavior detection mechanisms analyze information semantics to detect attacks, which aligns better with highly application-tailored communication protocols foreseen for cITS. In our survey, we provide an extensive introduction to the cITS ecosystem and discuss shortcomings of PKI-based security. We derive and discuss a classification for misbehavior detection mechanisms, provide an in-depth overview of seminal papers on the topic, and highlight open issues and possible future research trends.
