Marko Jahnke

This contribution presents a graph-based approach for modelling the effects of both attacks against computer networks and response measures as reactions against the attacks. Certain properties of the model graphs are utilized to quantify different response metrics which are well-known from the pragmatic view of network security officers. Using these metrics, …
Black hole attacks are a serious threat to communication in tactical MANETs. In this work we present TOGBAD, a new centralised approach using topology graphs to identify nodes attempting to create a black hole. We use well-established techniques to gain knowledge about the network topology and use this knowledge to perform plausibility checks of the routing …
Data hiding is one technique by which system perpetrators store information while reducing the risk of being detected by system administrators. The first major section of this article structures and compares existing data hiding methods for UNIX file systems in terms of usability and countermeasures. It discusses variant techniques related to advanced file …
Mobile ad hoc networks (MANETs) provide possibilities to realize IP-based networks without the presence of a fixed infrastructure. Therefore, this technology has also become attractive for tactical networks, such as in command posts, vehicle convoys, autonomous robot systems, and also for infantry troops. Due to its radio characteristics, it is widely known …
We present a prototype of an Intrusion Warning System for combining event message flows of multiple domain-specific security tools in order to determine anomalies for early warning and response. Unlike other approaches for cooperating Intrusion Detection Systems (IDS), we suggest a modified star shape architecture for distributing attack information and …
Coalition environments are intended to give all cooperating members an advantage in pursuing a common goal. This holds for a wide variety of application areas, such as cooperating law enforcement agencies, commercial enterprises, or armed forces. Also in the detection of security-relevant events in …
This contribution presents validation results of an intuitive approach named 'GrADAR' for automatically selecting response measures to DoS attacks. It creates and maintains a model of a computer network and of the availability of its resources from the observations of deployed monitoring systems. The graph-based model is able to express both the effects of …