Karsten Bsufka

Agent-based telematic services and telecom applications

he telecommunications market is expanding rapidly and players in that market are facing increasingly stiff competition. The key to commercial success in the telecommunications market will be the provisioning of adequate services, the focus shifting from a purely technological one to one of convenience and usefulness. An important prerequisite is the effective management of basic telecommunications infrastructure supporting the rapid deployment of new services. These future services will determine the market shares to be gained. Not only must their time to market be reduced, but also other requirements need to be fulfilled, for example, dynamic service development and configuration. Due to a demand for permanent availability the motto to be followed is “information anywhere, anytime.” Service maintenance must not interfere with continuous service usage; future services must allow for personalization, meet security demands, and provide management functionality. Furthermore, asynchronous service usage has to be supported as well as demand-driven service combination and integration. Not the least, services must allow for access independent of specific technologies and terminal equipment. Next to the technical requirements, new business models must be developed reflecting the fact that various actors in new roles, for example, content provider or application service provider, will need to cooperate and coordinate in order to provide these future services. Companies will provide integrated solutions with their own and third-party services being bundled on their platforms. These platforms will realize required infrastructure functionality and enable various means of access by addressing influencing factors and developments of the future telecommunications market such as consumer devices (mobile phones, Internet phones, PDAs), networks (GPRS, UMTS), languages and software technologies (Java, Jini), consumer demands and trends like convenience of use, mobility, and ubiquitous computing. Each role participating in the future telecommunications world will have specific requirements to such service platforms. These demands differ in the extent of infrastructure being needed for service usage and provisioning, according to different necessities regarding aspects such as security, personalization, asynchronous usage, mobility, device-independency, and supporting tools.

Application-level Simulation for Network Security

NeSSi (network security simulator) is a novel network simulation tool which incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profile-based automated attack generation, traffic analysis and support for detection algorithm plug-ins allow it to be used for security research and evaluation purposes. NeSSi has been successfully used for testing intrusion detection algorithms, conducting network security analysis and developing overlay security frameworks. NeSSi is built upon the agent framework JIAC, resulting in a distributed and extensible architecture. In this paper, we provide an overview of the NeSSi architecture as well as its distinguishing features and briefly demonstrate its application to current security research projects.

Intelligent network-based early warning systems

In this paper we present an approach for an agent-based early warning system (A-EWS) for critical infrastructures. In our approach we combine existing security infrastructures, e.g. firewalls or intrusion detection systems, with new detection approaches to create a global view and to determine the current threat state.

Realization of an Agent-Based Certificate Authority and Key Distribution

Security issues are key factors for the deployment and acceptance of agent based systems in the telecommunication area. This fact is most obvious in electronic commerce applications, where security services have to be offered. These services are needed to ensure secure communication, fair exchange of goods and payment. Public key cryptography techniques are an often employed mechanism. Keys are distributed by using a certificate to store them and to provably associate them to a principal. This document deals with the design of an agent-based certificate authority (CA) and key distribution center (KDC).

Optimization and early-warning in DSL access networks based on simulation

Network providers operate large DSL-based access networks to offer customers Broadband Internet. These networks are observed and managed by Performance Management Systems (PMS), that capture the actual situation to support network administration. In this regard, the administrator can cope with incidents such as link failures or congestion. We present an application for optimization and forecast of traffic distributions in DSL networks as an addition to an existing PMS. This application makes heavy use of simulation. In this way, we give a description of traffic models based on real network performance data reflecting: (I) individual subscribers and (II) an aggregated model for multiple subscribers. Then, we introduce the overall simulation approach based on the Network Security Simulator NeSSi2. The evaluation takes place by a use case for simulation-based verification of applied optimization strategies and a use case for continuous forecast to predict upcoming link congestion.

A Tool Set for the Evaluation of Security and Reliability in Smart Grids

Fluctuating energy resources and security flaws in ICT used for power networks threaten the stability of the system. This requires an in-depth analysis of smart grid technologies which are used for balancing out supply and demand. We present a tool set that supports the analysis and evaluation of various smart grid scenarios with respect to their security relevance.

A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered. These vulnerabilities are most of the time used by ma¬licious people to penetrate these IT infrastructures for mainly disrupting business or stealing intellectual pro¬perties. Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infra¬structure based on sporadic security audits. Instead net¬works should be continuously tested against possible attacks. In this paper we present current results and challenges towards realizing automated and scalable solutions to identify possible attack scenarios in an IT in¬frastructure. Namely, we define an extensible frame¬work which uses public vulnerability databases to identify pro¬bable multi-step attacks in an IT infrastructure, and pro¬vide recommendations in the form of patching strategies, topology changes, and configuration updates.