Documents authored by König, Hartmut


Document
Network Attack Detection and Defense - AI-Powered Threats and Responses (Dagstuhl Seminar 23431)

Authors: Sven Dietrich, Frank Kargl, Hartmut König, Pavel Laskov, and Artur Hermann

Published in: Dagstuhl Reports, Volume 13, Issue 10 (2024)


Abstract
This report documents the program and the findings of Dagstuhl Seminar 23431 "Network Attack Detection and Defense - AI-Powered Threats and Responses". With the emergence of artificial intelligence (AI), attack detection and defense are taking on a new level of quality. Artificial intelligence will promote further automation of attacks. There are already examples of this, such as the Deep Locker malware. It is expected that we will soon face a situation in which malware and attacks will become more and more automated, intelligent, and AI-powered. Consequently, today’s threat response systems will become more and more inadequate, especially when they rely on manual intervention of security experts and analysts. The main objective of the seminar was to assess the state of the art and potentials that AI advances create for both attackers and defenders. The seminar continued the series of Dagstuhl events "Network Attack Detection and Defense" held in 2008, 2012, 2014, and 2016. The objectives of the seminar were threefold, namely (1) to investigate various scenarios of AI-based malware and attacks, (2) to debate trust in AI and modeling of threats against AI, and (3) to propose methods and strategies for AI-powered network defenses. At the seminar, which brought together participants from academia and industry, we stated that recent advances in artificial intelligence have opened up new possibilities for each of these directions. In general, more and more researchers in networking and security look at AI-based methods which made this a timely event to assess and categorize the state of the art as well as work towards a roadmap for future research. The outcome of the discussions and the proposed research directions are presented in this report.

Cite as

Sven Dietrich, Frank Kargl, Hartmut König, Pavel Laskov, and Artur Hermann. Network Attack Detection and Defense - AI-Powered Threats and Responses (Dagstuhl Seminar 23431). In Dagstuhl Reports, Volume 13, Issue 10, pp. 90-129, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2024)


@Article{dietrich_et_al:DagRep.13.10.90,
  author =	{Dietrich, Sven and Kargl, Frank and K\"{o}nig, Hartmut and Laskov, Pavel and Hermann, Artur},
  title =	{{Network Attack Detection and Defense - AI-Powered Threats and Responses (Dagstuhl Seminar 23431)}},
  pages =	{90--129},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2024},
  volume =	{13},
  number =	{10},
  editor =	{Dietrich, Sven and Kargl, Frank and K\"{o}nig, Hartmut and Laskov, Pavel and Hermann, Artur},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.13.10.90},
  URN =		{urn:nbn:de:0030-drops-198365},
  doi =		{10.4230/DagRep.13.10.90},
  annote =	{Keywords: artificial intelligence, cybersecurity, intrusion detection, machine learning}
}
Document
Network Attack Detection and Defense (Dagstuhl Seminar 16361)

Authors: Marc C. Dacier, Sven Dietrich, Frank Kargl, and Hartmut König

Published in: Dagstuhl Reports, Volume 6, Issue 9 (2017)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 16361 "Network Attack Detection and Defense: Security Challenges and Opportunities of Software-Defined Networking". Software-defined networking (SDN) has attracted great attention both in industry and academia since the beginning of the decade. This attention remains undiminished. Security-related aspects of software-defined networking have only been considered more recently. Opinions differ widely. The main objective of the seminar was to discuss the various contrary facets of SDN security. The seminar continued the series of Dagstuhl events "Network Attack Detection and Defense" held in 2008, 2012, and 2014. The objectives of the seminar were threefold, namely (1) to discuss the security challenges of SDN, (2) to debate strategies to monitor and protect SDN-enabled networks, and (3) to propose methods and strategies to leverage the flexibility brought by SDN for designing new security mechanisms. At the seminar, which brought together participants from academia and industry, we discussed the advantages and disadvantages of using software-defined networks from the security point of view. We agreed that SDN provides new possibilities to better secure networks, but also offers a number of serious security problems which require further research. The outcome of these discussions and the proposed research directions are presented in this report.

Cite as

Marc C. Dacier, Sven Dietrich, Frank Kargl, and Hartmut König. Network Attack Detection and Defense (Dagstuhl Seminar 16361). In Dagstuhl Reports, Volume 6, Issue 9, pp. 1-28, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2017)


@Article{dacier_et_al:DagRep.6.9.1,
  author =	{Dacier, Marc C. and Dietrich, Sven and Kargl, Frank and K\"{o}nig, Hartmut},
  title =	{{Network Attack Detection and Defense (Dagstuhl Seminar 16361)}},
  pages =	{1--28},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2017},
  volume =	{6},
  number =	{9},
  editor =	{Dacier, Marc C. and Dietrich, Sven and Kargl, Frank and K\"{o}nig, Hartmut},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.6.9.1},
  URN =		{urn:nbn:de:0030-drops-69122},
  doi =		{10.4230/DagRep.6.9.1},
  annote =	{Keywords: attack detection, denial-of-service attack detection and response, intrusion detection, malware assessment, network monitoring, openflow protocol, programmable networks, security, software-defined networking, targeted attacks, vulnerability analysis}
}
Document
Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)

Authors: Marc Dacier, Frank Kargl, Hartmut König, and Alfonso Valdes

Published in: Dagstuhl Reports, Volume 4, Issue 7 (2014)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 14292 "Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures". The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It is the sequel of several previous Dagstuhl seminars: (1) the series "Network Attack Detection and Defense" held in 2008 and 2012, and (2) the Dagstuhl seminar "Securing Critical Infrastructures from Targeted Attacks", held in 2012. At the seminar, which brought together members from academia and industry, appropriate methods for detecting attacks on industrial control systems (ICSs) and for limiting the impact on the physical components were considered. A central question was whether and how reactive security mechanisms can be made more ICS- and process-aware. To some extent it seems possible to adopt existing security approaches from other areas (e.g., conventional networks, embedded systems, or sensor networks). The main question is whether adopting these approaches is sufficient to reach the desired level of security for ICSs. Detecting attacks to the physical components and appropriate reactions to attacks are new aspects that need to be considered as well. The main result of the seminar is a list of recommendations for future directions in ICS security that is presented in this report.

Cite as

Marc Dacier, Frank Kargl, Hartmut König, and Alfonso Valdes. Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292). In Dagstuhl Reports, Volume 4, Issue 7, pp. 62-79, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2014)


@Article{dacier_et_al:DagRep.4.7.62,
  author =	{Dacier, Marc and Kargl, Frank and K\"{o}nig, Hartmut and Valdes, Alfonso},
  title =	{{Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)}},
  pages =	{62--79},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2014},
  volume =	{4},
  number =	{7},
  editor =	{Dacier, Marc and Kargl, Frank and K\"{o}nig, Hartmut and Valdes, Alfonso},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.4.7.62},
  URN =		{urn:nbn:de:0030-drops-47912},
  doi =		{10.4230/DagRep.4.7.62},
  annote =	{Keywords: Security, Intrusion Detection, Critical Infrastructures, Industrial Control Systems, SCADA, Vulnerability Analysis, Malware Assessment, Attack Response and Countermeasures}
}
Document
Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)

Authors: Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König

Published in: Dagstuhl Reports, Volume 2, Issue 2 (2012)


Abstract
The increasing dependence of human society on information technology (IT) systems requires appropriate measures to cope with their misuse. The growing potential of threats, which make these systems more and more vulnerable, is caused by the complexity of the technologies themselves. The potential of threats in networked systems will further grow as well as the number of individuals who are able to abuse these systems. It becomes increasingly apparent that IT security cannot be achieved by prevention alone. Preventive measures and reactive aspects need to complement one another. A major challenge of modern IT security technologies is to cope with an exploding variability of attacks which stems from a significant commercial motivation behind them. Increasingly proactive measures are required to ward off these threats. Increased efforts in research and society are required to protect critical civil infrastructures, such as the health care system, the traffic system, power supply, trade, military networks, and others in developed countries. This is a consequence of the increasing shift of industrial IT systems to the IP protocol leading to sensible IT infrastructures which are more vulnerable than the proprietary systems used in the past. The abundance of services of modern infrastructures critically depends on information and communication technologies. Though, being key enablers of critical infrastructures, these technologies are, at the same time, reckoned among the most vulnerable elements of the whole system. The cooperative information exchange between institutions is mandatory in order to detect distributed and coordinated attacks. Based on a large-scale acquisition of pertinent information, Early Warning Systems are a currently pursued approach to draw up situation pictures that allow the detection of trends and upcoming threats, allowing furthermore taking appropriate measures. The Dagstuhl seminar brought together researchers from academia and industry.
The objective of the seminar was to further discuss challenges and methods in the area of attack detection and defense. The seminar was supposed to focus on design aspects of early warning systems and related monitoring infrastructures, e.g., intrusion detection overlays, to protect computer systems, networks, and critical infrastructures. The seminar was jointly organized by Georg Carle, Hervé Debar, Hartmut König, and Jelena Mirkovic. It was attended by 34 participants from nine countries.

Cite as

Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König. Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061). In Dagstuhl Reports, Volume 2, Issue 2, pp. 1-20, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2012)


@Article{carle_et_al:DagRep.2.2.1,
  author =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  title =	{{Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)}},
  pages =	{1--20},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2012},
  volume =	{2},
  number =	{2},
  editor =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.2.2.1},
  URN =		{urn:nbn:de:0030-drops-34761},
  doi =		{10.4230/DagRep.2.2.1},
  annote =	{Keywords: early warning systems, critical infrastructure protection, botnets, intrusion detection, malware assessment, vulnerability analysis, network monitoring, flow analysis, denial-of-service detection and response, event correlation, attack response and countermeasures}
}