Robert Altschaffel

Modelling watermark communication protocols using the CASPER modelling language

In cryptography it is common to evaluate the security of cryptographic primitives and protocols in a computational model, with an attacker trying to break the primitive or protocol in question. To do so formalisation languages like CASPER or CSP (Communication Sequential Processes) and model checkers like FDR (Failures-Divergences Refinement) are used for automatic or semi-automatic machine-based security verification. Here we transfer the idea of machine-based verification of the security of communication protocols from cryptography to the domain of digital watermarking based media security protocols. To allow for such a mainly automatic verification approach, we introduce and illustrate in this paper a six step procedure for the modelling and verification of watermark communication protocols based on application scenario descriptions. The six steps are: First, a modelling of the used communication network and application scenario (as a task) in XML-structures, second, a path search comparing the network and the task and identifying possible watermarking channels, third, a path selection selecting one watermarking channel from the identified alternatives for the protocol realisation, fourth, an automatic CASPER protocol generation from the selected alternative followed by manual adjustments (if necessary), fifth, the CASPER compilation into CSP and sixth, the protocol security(confidentiality, integrity and authenticity) verification via the FDR model checker.

Statistical Pattern Recognition Based Content Analysis on Encrypted Network: Traffic for the TeamViewer Application

In the course of a forensic investigation it might be required to distinguish between different network activities. While various means to analyse network traffic exist, encrypted traffic often makes such an analysis problematic. The focus of this paper is to introduce a method based on statistical pattern recognition on network recordings of encrypted sessions to distinguish between different actions within these sessions. For demonstration purposes the popular remote support and online-meeting application TeamViewer is selected to introduce and discuss an approach to distinguish between file transfers, voice conferences, video conferences, text chat and normal remote sessions within TeamViewer sessions.

From the Computer Incident Taxonomy to a Computer Forensic Examination Taxonomy

Forensic investigations are usually conducted to solve crimes committed using IT-systems as pertetrator and/or victim. However, depending on the size of IT-system, also non-malicious incidents can be investigated using the same, methodological and proven techniques. Based upon the principles contained in the well-known Computer Incident Taxonomy [1], this paper proposes the establishment a common language for the description of computer forensic examinations, both in malicious and non-malicious incidents. Additionally this taxonomy helps performing a forensic examination in establishing answers to a set of well-definied questions during such an examination. The usefulness of the proposed Forensic Examination Taxonomy is shown using a malicious and a non-malicious example.

Simulation of Automotive Security Threat Warnings to Analyze Driver Interpretations and Emotional Transitions

With the evolution of cars into complex electronic-mechanical systems and related increasing relevance of electronic manipulation and malicious attacks on automotive IT, Security warnings are becoming also more important. This paper presents the findings regarding the potential effect of IT security warnings in vehicles. Different warning approaches were designed and analyzed in driving simulator tests, based upon three representative IT security threats and three variations of the information quantity and recommended action. The potential effect of these warnings was measured using three scenarios, including the simulated consequences, e.g. sudden swerve of vehicle. We analyzed the implications on drivers reaction, task performance, thoughts and emotions to derive the stress level. We found a positive effect of given recommendations due to the lack of security awareness in automotive IT, accompanied by a high variety of warnings cause interpretations. Especially without given recommendation a higher rate of ignorance was observed, leading to accidents.

Semi-automated communication protocol security verification for watermarking - pros and cons illustrated on a complex application scenario

The primary goal in this paper is to adapt and extend a recent concept and prototypical framework for (semi-)automated security verification of watermarking-based communication protocols based on the CASPER protocol modeling language and the FRD model checker. Therefore our paper extends the scope of watermarking research beyond signal processing and information theory investigations to include also protocol verification considerations as known e.g. from the field of cryptographic research. To be able to establish a clear picture of the potential prospects and the current restrictions of such a verification framework for watermarking-based communication protocols, we conceptualize, model, generate and (partially) verify an exemplary protocol for a complex watermarking-based application scenario that combines a multi-level data access structure and the assurance of the security aspects of confidentiality, authenticity and integrity. Our results show that, while the security aspects of communication confidentiality and entity-authenticity can actually be verified with the introduced approach, other security aspects which might be similarly verified are still lacking corresponding support in protocol modeling languages like CASPER.

Beyond mileage: Towards more secure techniques to assess the fitness levels of smart cars

Besides its overall optical impression, the assessment of a cars value and/or condition today is widely being based on its (mile)age as a primary indicator. This is a bad and unreliable concept because mileage alone is no representative indicator for a cars condition (which depends on many more fac-tors) and constitutes a focal point for (frequently successful) attacks. In this paper we propose a new approach of determining a more reliable “fitness level” that extends the basic mileage-based estimation. We illustrate advantages a fitness level estimation would yield for different use cases considering security issues like attack resistance. We realize this approach using multimodal, complementary sensor information already present in modern cars. To open discussion with the community we discuss the potential of a first set of 18 proposed properties which include 9 physical, 4 digital and 5 behavior-based ones. Further, this paper proposes a first concept to evaluate the significance of these properties by discussing their explanatory power, freshness, security and available options to verify their plausibility. To a basic extent, this concept could be applied to existing cars, which is illustrated by a practical analysis of a laboratory setup of a 2008 SUV vehicle and a real 2006 limousine car.

A Hierarchical Model for the Description of Internet-Based Communication

With this paper we aim to support network traffic management and incident management processes. Hence this paper introduces a model to classify different types of internet-based communication and to establish homogenous representations for various forms of internet-based communication. To achieve these aims an approach to project different types of communications onto a comparable template is presented. This hierarchical approach for the classification of electronic communications is both exhaustive (in the sense of considered types of internet-based communication) and expandable (in terms of the level of granularity of the performed communication behaviour modelling as well as the corresponding data modelling).

Fingerprint forensics application protocol: semi-automated modeling and verification of watermark-based communication using CASPER and FDR

Recently, the technique of semi-automated protocol verification using model-checkers was transferred from cryptography to the domain of watermark-based communication protocols. This technique offers cost-effective security verification of such watermark-based protocols and an increased flexibility in comparison to traditionally applied, manual mathematical proofs. In this paper, we want to evaluate the feasibility of this approach, using the modeling language CASPER and the model-checker FDR. We extract the prospects and limitations of the approach by modeling and verifying a practical application scenario for forensic investigations using high-resolution biometric fingerprint data. We evaluate the security aspects, which can be verified by the scheme, as well as the syntactical limitations, complexity limitations and the methodological limitations and indentify necessary improvements for a practical usage of such scheme.