Contribution
  • Karl Leidl
  • Andreas Grzemba
Cybersicherheit in industriellen Netzwerken - Intrusion Detection mit Machine Learning
  • 2019
Lecture
  • Karl Leidl
Anomalieerkennung in industriellen Netzwerken - Cybersicherheit mit Machine Learning
  • 2019
Lecture
  • Karl Leidl
Cybersicherheit in industriellen Netzwerken - Intrusion Detection mit Machine Learning
  • 2019
JournalArticle
  • Karl Leidl
  • Andreas Grzemba
Secure per Machine Learning - Wie KI die Informationssicherheit verbessern kann
  • 2019
Contribution
  • Robert Wildenauer
  • Karl Leidl
  • Martin Schramm
Hacking an optics manufacturing machine: You don't see it coming?!
  • 2019

DOI: 10.1117/12.2526691

With more and more industrial devices getting inter-connected the attack surface for cyber attacks is increasing steadily. In this paper the possible approach of an attacker who got access to the office network at the Institute for Precision Manufacturing and High-Frequency Technology (IPH) to attack one of the optic machines that reside in another network segment is presented. Based on known vulnerabilities from the Common Vulnerabilities and Exposures (CVE), like the shellshock exploit or remote code execution with PsExec, for devices identified in the network, an attacker can bypass the firewall between the office network and the laboratory network and get full access to the HMI of the target machine.
JournalArticle
  • Nari Arunraj
  • Robert Hable
  • Michael Fernandes
  • Karl Leidl
  • Michael Heigl
Comparison of Supervised, Semi-supervised and Unsupervised Learning Methods in Network Intrusion Detection Systems (NIDS) Application
  • 2017
With the emergence of the fourth industrial revolution (Industrie 4.0) of cyber physical systems, intrusion detection systems are highly necessary to detect industrial network attacks. Recently, the increase in application of specialized machine learning techniques is gaining critical attention in the intrusion detection community. A wide variety of learning techniques proposed for different network intrusion detection system (NIDS) problems can be roughly classified into three broad categories: supervised, semi-supervised and unsupervised. In this paper, a comparative study of selected learning methods from each of these three kinds is carried out. In order to assess these learning methods, they are subjected to investigate network traffic datasets from an Airplane Cabin Demonstrator. In addition to this, the imbalanced classes (normal and anomaly classes) that are present in the captured network traffic data are one of the most crucial issues to be taken into consideration. From this investigation, it has been identified that supervised learning methods (logistic and lasso logistic regression methods) perform better than other methods when historical data on former attacks are available. The results of this study have also shown that the performance of semi-supervised learning method (One class support vector machine) is comparatively better than unsupervised learning method (Isolation Forest) when historical data on former attacks are not available.
Lecture
  • Karl Leidl
  • Martin Aman
  • Michael Heigl
  • Andreas Grzemba
Intrusion Detection Sensoren für industrielle Netzwerke
  • 2016
Lecture
  • Peter Semmelbauer
  • Karl Leidl
  • Martin Aman
  • Laurin Dörr
  • Andreas Grzemba
Schwachstellen, Angriffsszenarien und Schutzmaßnahmen bei industriellen Protokollen am Beispiel Profinet IO
  • 2016
Lecture
  • Karl Leidl
Cyber Security for Process Control Networks
  • 2014
Lecture
  • Karl Leidl
  • Andreas Grzemba
  • Laurin Dörr
Live Hacking
  • 2013
Lecture
  • Martin Schramm
  • Karl Leidl
  • Andreas Grzemba
  • N. Kuntze
Enhanced Embedded Device Security by Combining Hardware-Based Trust Mechanisms Poster-Session
  • 2013
Lecture
  • Karl Leidl
Cyber Security for Industrial Control Systems
  • 2013
Lecture
  • Karl Leidl
  • Peter Fröhlich
  • Andreas Grzemba
Embedded Security with Respect to Industrial Control Systems Workshop
  • 2013
Lecture
  • Karl Leidl
  • Martin Schramm
  • Andreas Grzemba
The Establishment of High Degrees of Trust in a Linux Environment
  • 2012
Lecture
  • Karl Leidl
  • R. Habermann
Intelligente Anlagenüberwachung - Digitalisierung sicher meistern