Suchergebnisse

Cyberattacks are the cause of several damages on governments and companies in the last years. Such damage includes not only leaks of sensitive information, but also economic loss due to downtime of services. The security market size worth billions of dollars, which represents investments to acquire protection services and training response teams to operate such services, determines a considerable part of the investment in technologies around the world. Although a vast number of protection services are available, it is neither trivial for network operators nor endusers to choose one of them in order to prevent or mitigate an imminent attack. As the next-generation cybersecurity solutions are on the horizon, systems that simplify their adoption are still required in support of security management tasks. Thus, this paper introduces MENTOR, a support tool for cybersecurity, focusing on the recommendation of protection services. MENTOR is able to (a) to deal with different demands from the user and (b) to recommend the adequate protection service in order to provide a proper level of cybersecurity in different scenarios. Four similarity measurements are implemented in order to prove the feasibility of the MENTOR's engine. An evaluation determines the performance and accuracy of each measurement used during the recommendation process.

Digitization of electoral processes depends on confident systems that produce verifiable evidence. The design and implementation of voting systems has been widely studied in prior research, bringing together expertise in many fields. Switzerland is organized in a federal, decentralized structure of independent governmental entities. Thus, its decentralized structure is a real-world example for implementing an electronic voting system, where trust is distributed among multiple authorities. This work outlines the design and implementation of a blockchain-based electronic voting system providing cast-as-intended verifiability. The generation of non-interactive zero-knowledge proofs of knowledge enables every voter to verify the encrypted vote, while maintaining the secrecy of the ballot. The Public Bulletin Board (PBB) is a crucial component of every electronic voting system, serving as a publicly verifiable log of communication and ballots - here a blockchain is used as the PBB. Also, the required cryptographic operations are in linear relation to the number of voters, making the outlined system fit for large-scale elections.

Distributed Denial-of-Service (DDoS) attacks are one of the major causes of concerns for communication service providers. When an attack is highly sophisticated and no countermeasures are available directly, sharing hardware and defense capabilities become a compelling alternative. Future network and service management can base its operations on equally distributed systems to neutralize highly distributed DDoS attacks. A cooperative defense allows for the combination of detection and mitigation capabilities, the reduction of overhead at a single point, and the blockage of malicious traffic near its source. Main challenges impairing the widespread deployment of existing cooperative defense are: (a) high complexity of operation and coordination, (b) need for trusted and secure communications, (c) lack of incentives for service providers to cooperate, and (d) determination on how operations of these systems are affected by different legislation, regions, and countries. The cooperative Blockchain Signaling System (BloSS) defines an effective and alternative solution for security management, especially cooperative defenses, by exploiting Blockchains (BC) and Software-Defined Networks (SDN) for sharing attack information, an exchange of incentives, and tracking of reputation in a fully distributed and automated fashion. Therefore, BloSS was prototyped and evaluated through a global experiment, without the burden to maintain, design, and develop special registries and gossip protocols.

For the protection of people and society against harm and health threats — especially in case of the COVID-19 pandemic — a variety of different disciplines needs to be involved. The data collection of basic and health-related data of individuals in today's highly mobile society does help to plan, protect, and identify next steps health authorities and governments can, shall, or need to plan for or even implement. Thus, every individual, human, and inhabi- tant of the world is the key player — very different from many past crises'. And since all individuals are involved his/her (a) health and (b) privacy shall be considered in a very carefully crafted balance, not overruling one aspect with another one. Privacy remains key. The solution of the current pandemic's data collection can be based on a fully privacy-preserving application, which can be used by individuals on their mobile devices, such as smartphones, while maintaining at the same time their privacy. Additionally, respective data collected in such a fully distributed setting does help to confine the pandemic and can be achieved in a democratic and very open, but still and especially privacy-protecting manner. Therefore, the WeTrace approach and application designed uti- lizes the Bluetooth low energy (BLE) communication channel, many modern mobile devices offer, where public-key cryptography is being applied to allow for deciphering of messages for that desti- nation it had been intended for. Since literally every other potential participant only listens to random data, even a brute force attack will not succeed. WeTrace and its Open Source implementation en- sure that any receiver of a message knows that this is for him/her, without being able to identify the original sender.