IT security work group

The IT Security work group at the Faculty of Computer Science at Furtwangen University is involved, within the framework of teaching and research, in the theory and practice of secure and robust distributed IT systems in both a wired and a wireless context. In the Computer Networking (BSc) and Computer Science (BSc) programmes, besides taking lectures on IT security, cryptography and coding, and company security, students are also able to examine certain systems and architectures from the point of view of a hacker (offensive security). In the area of applied research, the topics of data protection, cloud security, securing of IT infrastructures, security management and industrial IT security are covered.

 

Projects

ProSeCCo, PhD work on the increase of Security measures for Cloud Computing

ProSeCCo stands for PhD work on the increase of Security measures for Cloud Computing. Through this project 2 doctoral positions were created at the Faculty of Computer Science.

Cloud Computing, i.e. the provision of IT services over the World Wide Web, is currently one of the greatest drivers of growth in information and communications technology. IT resources such as software, processing power and memory can thus be downloaded from the internet according to need. This offers significant savings potential for companies as they do not have to invest in software and hardware. Because with Cloud Computing storage is outsourced, data security and protection plays a central role. Even with trustworthy Cloud providers there is always a risk of hacker attacks. In this project, Furtwangen University academics work on the development of data-protection-friendly solutions which are integrated into the fundamental concepts of Cloud applications.

Duration:01.11.2013 - 31.10.2016
Durchführung:until WS 2014/15 at Furtwangen University
Third party funding sponsor:Federal Ministry for Education and Research
Funding amount:€432,000
Contact person:Prof. Dr. Dirk Westhoff (at HFU until September 2014)

UNIKOPS, Security solutions for cyber-physical systems

The overall goal of the UNIKOPS project are universally configurable security solutions for embedded devices and systems for various applications, such as SCADA, Smart Metering, the Internet of Things (IoT), and particularly Ambient Assisted Living. The security solutions which will be developed should also meet the demands of energy efficiency and storage space. A partial aim of the project on the safeguarding of system integrity should include the development and implementation of systems security, ad hoc function enabling, trustworthy data fusion of monitored and transmitted data, and the recognition of attacks and attempts at manipulation. UNIKOPS is funded by the Federal Ministry of Education and Research within the framework of the "Security in insecure environments" focus.

Duration:01.03.2013 – 31.08.2015
Project execution:until WS 2014/15 at Furtwangen University
Third party funding sponsor:Federal Ministry of Education and Research
Funding amount of total project:€1.5m
Project partner:ESCRYPT GmbH, IHP GmbH Frankfurt Oder, Ruhr Univesität Bochum
Contact person:Prof. Dr. Dirk Westhoff (at HFU until September 2014)

SAaaS (Security Audit as a Service)

See also Cloud Computing work group

SAaaS is based on a cloud intrusion detection system with distributed agents deployed at logical key locations (e.g. VMs, VM hosts, cloud management) in order to monitor occurences in the cloud. An occurrence can be a simple successful login, a series of unsuccessful login attempts, network connections between VMs or increasing CPU consumption of a certain VM. Distributed attacks on or misuse of a cloud computing environment can thus be detected early.

Further information on SAaaS project

Duration:01.07.2011 – 30.06.2013
Third party funding sponsor:BMBF
Funding amount€239,751.60
Project partner:SCHUTZWERK GmbH, ToasterNET GmbH
Contact person:Prof. Dr. Christoph Reich (christoph.reich(at)hs-furtwangen.de)

Teaching

Problems with and applications of IT security are common headlines and part of our everyday life. The Faculty of Computer Science is well aware of their wide-ranging implications. Since winter semester 2011/12, IT security has been a focus of the Computer Networking (CNB) programme together with mobile systems. Currently the following aspects of IT security are covered in the bachelor's and master's programmes of the Faculty of Computer Science:

  • Mathematical principles of IT security and cryptography and coding
  • Cryptography and coding
  • Secure programing
  • Company security

Other activities

Hack2Improve

At regular intervals since 2008, the Faculty of Computer Science has organized one-day or multiple-day Hacking Events with partner companies. Industry experts report on the latest developments in the computer security sector. In a hacking lab, practical exercises allow students to experience gaps in security gaps and to work out measures to avoid these. The event is a lot of fun for participants and the event is always booked out early.

www.hack2improve.de

CTS Competition Hamburg

The Faculty of Computer Science supports students both theoretically and financially with visits to congresses and workshops outside the University. In August 2013, a group of computer science students took part in the "University Challenge" in Hamburg and together with representatives from other universities, took second place. The organizer of the "University Challenge", which took place as part of the "AppSec Research 2013" Conference, was Martin Knobloch from OWASP (Open Web Application Security Project).

Penetration Test

The Penetration Test has become a standard method to test the IT security of networked computer infrastructures. Using his experience and special tools, the tester takes on the role of the hacker and attempts to find weak points. To prepare the penetration tester well for the practical test, practice in an isolated, near-reality virtual environment is important. For this purpose a Pentest Lab has been built at Furtwangen University. Networked virtual machines with inbuilt weaknesses provide hackable scenarios.

Members of the work group

Prof. Dr. Friedbert Kasparfriedbert.kaspar(at)hs-furtwangen.de
Prof. Dr. Olaf Neißeolaf.neisse(at)hs-furtwangen.de
Prof. Dr. Bertold Laschingerbertold.laschinger(at)hs-furtwangen.de