Marlies Rybnicek

Facebook Watchdog: A Research Agenda for Detecting Online Grooming and Bullying Activities

Due to the rising popularity of communications taking place in social networks, an inconsiderable part of interpersonal interactions of young people is performed online. By introducing novel communication media, new risks and threats, such as cyber bullying, -stalking and online grooming, emerge. The main affected group in this context are children between 12 to 17. The major contribution of this paper, is a research agenda for a Facebook Watchdog application pursuing the aim to detect the above-mentioned threats to improve the situation. Threat indications are determined by image analysis, social media analytics, and text mining techniques in order to raise awareness about ongoing attacks and to provide assistance for further actions.

Game-based Simulation of Distributed Denial of Service (DDoS) Attack and Defense Mechanisms of Critical Infrastructures

The outage of Critical Infrastructures (CI) can have devastating impacts on our society, economic welfare and political stability. One risk that is often encountered in critical infrastructure sectors is its high dependence on ICT components and the complex interdependencies between shared services. Recent cyber attacks (such as Stuxnet, Flame, Gauss) outline the high vulnerability of ICT components which build the foundation of todays Critical Infrastructures. The complexity and fast-changing threat environment pose an enormous challenge for estimating and forecasting the impacts of cyber attacks on such systems. In order to address this challenge, modeling and simulation techniques are used. Especially, Agent-based Modeling and Simulation provides a powerful technique to represent dynamic behavior of various actors. In this paper, we introduce a concept to model and simulate Distributed Denial of Service attacks (DDoS) on critical infrastructures. For representing the interactions and the underlying decisions of the individual agents, we decided to combine Agent-based Modeling and Simulation with game-theoretic elements (such as Anticipation Games). In course of the paper we provide a short motivational example to outline how our approach can be applied in a real world scenario. Furthermore, the architecture of our research prototype is given.

A roadmap to continuous biometric authentication on mobile devices

Mobile devices nowadays contain a variety of personal or even business-related information that is worth being protected from unauthorized access. Owners of such devices should use a passcode or unlock pattern to secure such important assets, but since these techniques are being perceived as annoying barriers, locked devices are not standard. But even if such authentication mechanisms are used, they are very easy to circumvent. Biometric methods are promising applications to secure mobile devices in an user-friendly, discreet way. Based on embedded sensors like gyroscope, accelerometer or microphones, which are state-of-the-art sensors for mobile devices, behavioral biometric approaches appear even more attractive for user verification than physiological methods like fingerprints or face recognition. So far many biometric approaches have been presented. After a short overview of relevant representatives, we discuss these methods based on their applicability and limitations. Our findings are summarized and presented as a roadmap to provide a foundation for future research.

A Generic Approach to Critical Infrastructure Modeling and Simulation

Nowadays health, safety or economic wealth more than ever depend on the correct functionality of services (e.g. water supply, power supply) provided by critical infrastructures. To provide the demanded service level and to mitigate the effects of malfunctions and breakdowns of components it is vital to have flexible modeling and simulation capabilities. In this paper we therefore present a generic approach that aims to model and simulate critical infrastructure entities. We also briefly outline how the approach can be realized by introducing our proof-of-concept prototype architecture.

Challenges and Limitations Concerning Automatic Child Pornography Classification

The huge volume of data to be analyzed in the course of child pornography investigations puts special demands on tools and methods for automated classification, often used by law enforcement and prosecution. The need for a clear distinction between pornographic material and inoffensive pictures with a large amount of skin, like people wearing bikinis or underwear, causes problems. Manual evaluation carried out by humans tends to be impossible due to the sheer number of assets to be sighted. The main contribution of this paper is an overview of challenges and limitations encountered in the course of automated classification of image data. An introduction of state-of-the-art methods, including faceand skin tone detection, faceand texture recognition as well as craniofacial growth evaluation is provided. Based on a prototypical implementation of feasible and promising approaches, the performance is evaluated, as well as their abilities and shortcomings.

Simulation-Based Cyber-Attack Assessment of Critical Infrastructures

Nations, more than ever, depend on the correct functionality of critical infrastructures. In order to deliver their services, critical infrastructure providers often rely on information technologies. Thus, cyber attacks can lead to severe impacts within a nation’s critical infrastructure landscape causing deep scars to health, safety and economic wealth. To provide the demanded service level of critical infrastructures and to reduce the impacts of disruptions and unavailability of components during attacks, it is essential to have a comprehensive understanding of the linkages between providers on the one side and to have the capabilities to identify vulnerabilities of systems and their consequences if exploited on the other side. Therefore, in this paper, we present a agent-based modeling and simulation approach facilitating the assessment of critical infrastructure entities under attack. To demonstrate the capabilities we further provide a motivational example how our approach can be used to perform simulation-based evaluation of cyber attacks. We further provide an overview of our simulation prototype.

Taxonomy of Data Fragment Classification Techniques

Several fields of digital forensics (i.e. file carving, memory forensics, network forensics) require the reliable data type classification of digital fragments. Up to now, a multitude of research papers proposing new classification approaches have been published. Within this paper we comprehensively review existing classification approaches and classify them into categories. For each category, approaches are grouped based on shared commonalities. The major contribution of this paper is a novel taxonomy of existing data fragment classification approaches. We highlight progress made by previous work facilitating the identification of future research directions. Furthermore, the taxonomy can provide the foundation for future knowledge-based classification approaches.

Modellierung und Simulation kritischer IKT-Infrastrukturen und deren Abhängigkeiten

Ohne funktionierende IT steht das offentliche Leben still. Durch die zunehmende Vernetzung kritischer Infrastrukturprovider untereinander sowie deren Informations- und Kommunikationssystemen steigt die Bedrohung durch Cyber-Angriffe enorm. Eine konstante Aufrechterhaltung aller Services ist jedoch fur das Gemeinwohl unerlasslich. Daher hat der Schutz vor Angriffen im Cyberraum hohe Prioritat. Da es derzeit keine einheitliche Abbildung bestehender Abhangigkeiten gibt, konnen Konsequenzen von grosflachigen Ausfallen nur erahnt werden. Um Prioritaten in der Verteidigung kritischer Infrastrukturen zu setzen, ist es notwendig die Wichtigkeit einzelner kritischer Knotenpunkte der nationalen Infrastrukturlandschaft zu kennen und deren Zusammenhange zu skizzieren. In diesem Buchkapitel wird ein agentenbasierter Modellierungs- und Simulationsansatz beschrieben, welcher bei der Analyse komplexer Cyberabhangigkeiten kritischer Infrastrukturen unterstutzt. Dabei ist es moglich Infrastrukturen verteilt zu modellieren und danach unterschiedliche Bedrohungsszenarien mit Hilfe des spieletheoretischen Ansatzes der Anticipation Games zu simulieren. Das gewonnene Wissen kann anschliesend verwendet werden, um im Vorfeld Masnahmen zu planen oder sogar wahrend eines Angriffes Informationen uber bevorstehende negative Implikationen zu erhalten. Am Ende des Kapitels wird dargestellt wie der theoretische Modellierungsansatz prototypisch umgesetzt wurde.

Classification and Recovery of Fragmented Multimedia Files using the File Carving Approach

File carving is a recovery technique which does not consider file tables or other meta-data which is used to organize data on storage media. As files can be recovered based only on their content and/or structure, this technique is an indispensable task during digital investigations. The main contribution of this paper is the description of procedures that allow for successful content-based recovery of multimedia files from their fragments. So far many approaches for the recovery of digital images have been proposed. After a short discussion of relevant representatives in this domain the authors focus on the applicability of these approaches to the recovery of multimedia files.

Evaluation of Illumination Compensation Approaches for ELGBPHS

Various environmental conditions like pose variations, scale, noise and illumination changes cause matching problems for face recognition algorithms due to the fact that inappropriate data from images is extracted and consequently the recognition rate suffers. In the worst case, persons who should be accepted are rejected and vice versa. Enhanced Local Gabor Binary Patterns Histogram Sequence (ELGBPHS) is considered as an advanced and robust face recognition method. In this paper we evaluated if state-of-the-art illumination compensation approaches can further improve the performance of ELGBPHS. The paper outlines if it is worth to additionally implement preprocessing steps with the increasing complexity and cost. Therefore tests were performed to check if the recognition rate improves if applying preprocessing steps and adjusting essential parameters. Multi-Scale-Retinex, Histogram Equalization, 2D discrete Wavelet-Transformation and one approach combining Gamma Correction, Difference of Gaussian Filtering and Contrast Equalization (TT) were implemented and evaluated.