DINGFEST

Local project leader

Prof. Hans P. Reiser

Researcher team members

Benjamin Taubmann
Noëlle Rakotondravony
Johannes Köstler

External project website

http://dingfest.ur.de

Project partners

University of Regensburg | Lehrstuhl Wirtschaftsinformatik I (Prof. Dr. Günther Pernul)
University of Erlangen | Lehrstuhl Informatik 1 (Prof. Dr. Felix Freiling) (https://www1.cs.fau.de/)
Innowerk (http://www.innowerk-it.de/)
Nexis GmbH (http://www.nexis-secure.com/)
R-KOM (http://www.r-kom.de/)
Paluka Sobola Loibl & Partner (http://www.paluka.de/)

Summary

The project is devoted to the detection, forensic analysis and reporting of security incidents. The starting point is the status information of operating systems, runtime parameters of the application systems and data from virtual machines, which are enriched with information from the identity and computer management and are compared with known attack patterns. Data streams are evaluated using new visual analysis methods. In the case of the detection of anomalies, the systems are fed to an intensive forensic trace analysis. In addition, it is planned to forensically evaluate and publish known and hitherto unknown attack patterns and, in the event of damage to critical infrastructure operators, to prepare a pseudonymized notification according to the recent law on increasing the security of information technology systems. In addition to the research results, DINGFEST will provide all research prototypes in the form of a modular toolsuite in the open source business model.

Funding

Bundesministerium für Bildung und Forschung

2021

10.

F. Menges, T. Latzo, M. Vielberth, S. Sobola, H. C. Pöhls, B. Taubmann, J. Köstler, A. Puchta, F. Freiling, H. P. Reiser and G. Pernul, "Towards GDPR-compliant data processing in modern SIEM systems" , Computers & Security , vol. 103 , pp. 102165 , 2021.
DOI: https://doi.org/10.1016/j.cose.2020.102165
https://www.sciencedirect.com/science/article/pii/S0167404820304387

2019

N. Rakotondravony, B. Taubmann, S. Sentanoe and H. P. Reiser, "Poster: Reconfigurable monitoring and performance awareness in VMI-based SIEM systems" in 2019 {IEEE} Security and Privacy Poster, San Francisco, CA, USA, May 20-22 , 2019.

B. Taubmann, A. Böhm and H. P. Reiser, "TwinPorter - An Architecture For Enabling the Live Migration of VMI-based Monitored Virtual Machines" in The 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom'19) , 2019.

S. Sentanoe, B. Taubmann and H. P. Reiser, "VMIGuard: Detecting and Preventing Service Integrity Violations by Malicious Insiders Using Virtual Machine Introspection" in Proc. of the 24th Nordic Conference on Secure IT Systems (NordSec) , 2019. pp. 271--282.

2018

B. Taubmann, O. Al Abduljaleel and H. P. Reiser, "DroidKex: Fast Extraction of Ephemeral TLS Keys from the Memory of Android Apps" , Digital Investigation , vol. 26 , pp. S67-S76 , 2018.

S. Sentanoe, B. Taubmann and H. P. Reiser, "Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots using Virtual Machine Introspection" in Proc. of the 23. Nordic Conference on Secure IT Systems , 2018.

2017

B. Taubmann and B. Kolosnjaji, "Architecture for Resource-Aware VMI-based Cloud Malware Analysis" in Workshop on Security in {H}ighly {C}onnected IT {S}ystems (SHCIS'17) , 2017.

N. Rakotondravony and H. P. Reiser, "Towards a Common Evaluation Framework for Cyber Security Visualizations" in Poster at the 14th IEEE Symposium on Visualization for Cyber Security (VizSec) , 2017.

S. Sentanoe, B. Taubmann and H. P. Reiser, "Virtual Machine Introspection Based SSH Honeypot" in Workshop on Security in {H}ighly {C}onnected IT {S}ystems (SHCIS'17) , 2017.

2016

B. Taubmann, N. Rakotondravony and H. P. Reiser, "CloudPhylactor: Harnessing Mandatory Access Control for Virtual Machine Introspection in Cloud Data Centers" in The 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-16) , 2016.

BibTeX download

Chair for Reliable Distributed Systems