This page has only limited features, please log in for full access.

Unclaimed
Tanja Zseby
Institute of Telecommunications, TU Wien, Vienna, Austria

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Regular paper
Published: 04 August 2021 in International Journal of Data Science and Analytics
Reads 0
Downloads 0

Advanced validation of cluster analysis is expected to increase confidence and allow reliable implementations. In this work, we describe and test CluReAL, an algorithm for refining clustering irrespective of the method used in the first place. Moreover, we present ideograms that enable summarizing and properly interpreting problem spaces that have been clustered. The presented techniques are built on absolute cluster validity indices. Experiments cover a wide variety of scenarios and six of the most popular clustering techniques. Results show the potential of CluReAL for enhancing clustering and the suitability of ideograms to understand the context of the data through the lens of the cluster analysis. Refinement and interpretability are both crucial to reduce failure and increase performance control and operational awareness in unsupervised analysis.

ACS Style

Félix Iglesias; Tanja Zseby; Arthur Zimek. Clustering refinement. International Journal of Data Science and Analytics 2021, 1 -21.

AMA Style

Félix Iglesias, Tanja Zseby, Arthur Zimek. Clustering refinement. International Journal of Data Science and Analytics. 2021; ():1-21.

Chicago/Turabian Style

Félix Iglesias; Tanja Zseby; Arthur Zimek. 2021. "Clustering refinement." International Journal of Data Science and Analytics , no. : 1-21.

Review
Published: 23 June 2020 in Applied Sciences
Reads 0
Downloads 0

The increased interest in secure and reliable communications has turned the analysis of network traffic data into a predominant topic. A high number of research papers propose methods to classify traffic, detect anomalies, or identify attacks. Although the goals and methodologies are commonly similar, we lack initiatives to categorize the data, methods, and findings systematically. In this paper, we present Network Traffic Analysis Research Curation (NTARC), a data model to store key information about network traffic analysis research. We additionally use NTARC to perform a critical review of the field of research conducted in the last two decades. The collection of descriptive research summaries enables the easy retrieval of relevant information and a better reuse of past studies by the application of quantitative analysis. Among others benefits, it enables the critical review of methodologies, the detection of common flaws, the obtaining of baselines, and the consolidation of best practices. Furthermore, it provides a basis to achieve reproducibility, a key requirement that has long been undervalued in the area of traffic analysis. Thus, besides reading hard copies of papers, with NTARC, researchers can make use of a digital environment that facilitates queries and reviews over a comprehensive field corpus.

ACS Style

Félix Iglesias; Daniel C. Ferreira; Gernot Vormayr; Maximilian Bachl; Tanja Zseby. NTARC: A Data Model for the Systematic Review of Network Traffic Analysis Research. Applied Sciences 2020, 10, 4307 .

AMA Style

Félix Iglesias, Daniel C. Ferreira, Gernot Vormayr, Maximilian Bachl, Tanja Zseby. NTARC: A Data Model for the Systematic Review of Network Traffic Analysis Research. Applied Sciences. 2020; 10 (12):4307.

Chicago/Turabian Style

Félix Iglesias; Daniel C. Ferreira; Gernot Vormayr; Maximilian Bachl; Tanja Zseby. 2020. "NTARC: A Data Model for the Systematic Review of Network Traffic Analysis Research." Applied Sciences 10, no. 12: 4307.

Journal article
Published: 22 April 2020 in IEEE Communications Surveys & Tutorials
Reads 0
Downloads 0

Network flows build the basis of modern network data analysis by aggregating properties of network packets with common characteristics. A consistent and unambiguous definition of the network flow concept is an indispensable prerequisite and starting point for reproducible network research. However, in today’s practice, the flow output of distinct flow exporters, which is software to generate flows from observed network packets, varies substantially on identical network packet stream input. In this paper we present an in-depth comparison of different flow exporters and show how their outputs differ significantly. We argue that this substantially impairs reproducibility for traffic analysis research. We first present the detailed flow definition of the ipfix standard including explanations and examples, analyze design and implementation of existing flow exporters, and explore the reasons why many projects and publications chose to implement their own flow exporters. Based on this analysis we highlight the main challenges in the flow exporting process and present a detailed tutorial on how to design and implement a flow exporter such that it yields consistent, reproducible output. Based on the tutorial’s theoretical analysis and lessons learned we present design and main concepts of a versatile, flexible, and open source flow exporting solution called go-flows that generates deterministic, reproducible network flows. Finally, we present a flow-by-flow comparison of the analyzed flow exporters’ output, explore the differences in terms of their generated flows, compare flow exporter performance, and conclude with guidelines on parameters that play a crucial role in improving the reproducibility of exported flows.

ACS Style

Gernot Vormayr; Joachim Fabini; Tanja Zseby. Why are My Flows Different? A Tutorial on Flow Exporters. IEEE Communications Surveys & Tutorials 2020, 22, 2064 -2103.

AMA Style

Gernot Vormayr, Joachim Fabini, Tanja Zseby. Why are My Flows Different? A Tutorial on Flow Exporters. IEEE Communications Surveys & Tutorials. 2020; 22 (3):2064-2103.

Chicago/Turabian Style

Gernot Vormayr; Joachim Fabini; Tanja Zseby. 2020. "Why are My Flows Different? A Tutorial on Flow Exporters." IEEE Communications Surveys & Tutorials 22, no. 3: 2064-2103.

Conference paper
Published: 28 March 2020 in Communications in Computer and Information Science
Reads 0
Downloads 0

Among network analysts, “anomaly” and “outlier” are terms commonly associated to network attacks. Attacks are outliers (or anomalies) in the sense that they exploit communication protocols with novel infiltration techniques against which there are no defenses yet. But due to the dynamic and heterogeneous nature of network traffic, attacks may look like normal traffic variations. Also attackers try to make attacks indistinguishable from normal traffic. Then, are network attacks actual anomalies? This paper tries to answer this important question from analytical perspectives. To that end, we test the outlierness of attacks in a recent, complete dataset for evaluating Intrusion Detection by using five different feature vectors for network traffic representation and five different outlier ranking algorithms. In addition, we craft a new feature vector that maximizes the discrimination power of outlierness. Results show that attacks are significantly more outlier than legitimate traffic—specially in representations that profile network endpoints—, although attack and non-attack outlierness distributions strongly overlap. Given that network spaces are noisy and show density variations in non-attack spaces, algorithms that measure outlierness locally are less effective than algorithms that measure outlierness with global distance estimations. Our research confirms that unsupervised methods are suitable for attack detection, but also that they must be combined with methods that leverage pre-knowledge to prevent high false positive rates. Our findings expand the basis for using unsupervised methods in attack detection.

ACS Style

Félix Iglesias; Alexander Hartl; Tanja Zseby; Arthur Zimek. Are Network Attacks Outliers? A Study of Space Representations and Unsupervised Algorithms. Communications in Computer and Information Science 2020, 159 -175.

AMA Style

Félix Iglesias, Alexander Hartl, Tanja Zseby, Arthur Zimek. Are Network Attacks Outliers? A Study of Space Representations and Unsupervised Algorithms. Communications in Computer and Information Science. 2020; ():159-175.

Chicago/Turabian Style

Félix Iglesias; Alexander Hartl; Tanja Zseby; Arthur Zimek. 2020. "Are Network Attacks Outliers? A Study of Space Representations and Unsupervised Algorithms." Communications in Computer and Information Science , no. : 159-175.

Journal article
Published: 23 April 2019 in IEEE Transactions on Pattern Analysis and Machine Intelligence
Reads 0
Downloads 0

The application of clustering involves the interpretation of objects placed in multi-dimensional spaces. The task of clustering itself is inherently submitted to subjectivity, the optimal solution can be extremely costly to discover and sometimes even unreachable or nonexistent. This fact introduces a trade-off between accuracy and computational effort, moreover given that engineering applications usually work well with suboptimal solutions. In such applied scenarios, cluster validation is mandatory to refine algorithms and ensure that solutions are meaningful. Validity indices are commonly intended to benchmark diverse clustering setups, therefore they are coefficients with a relative nature, i.e., useful when compared to one another. In this paper, we propose a validation methodology that enables absolute evaluations of clustering results. Our method performs geometric measurements of the solution space and provides a coherent interpretation of the data structure by using indices based on inter- and intra-cluster distances, density, and multimodality within clusters. Conducted tests and comparisons with well-known indices show that our validation methodology improves the robustness of the clustering application for knowledge discovery. While clustering is often performed as a black box technique, our index is construable and therefore allows for the implementation of systems enriched with self-checking capabilities.

ACS Style

Felix Iglesias; Tanja Zseby; Arthur Zimek. Absolute Cluster Validity. IEEE Transactions on Pattern Analysis and Machine Intelligence 2019, 42, 2096 -2112.

AMA Style

Felix Iglesias, Tanja Zseby, Arthur Zimek. Absolute Cluster Validity. IEEE Transactions on Pattern Analysis and Machine Intelligence. 2019; 42 (9):2096-2112.

Chicago/Turabian Style

Felix Iglesias; Tanja Zseby; Arthur Zimek. 2019. "Absolute Cluster Validity." IEEE Transactions on Pattern Analysis and Machine Intelligence 42, no. 9: 2096-2112.

Conference paper
Published: 10 November 2018 in Transactions on Petri Nets and Other Models of Concurrency XV
Reads 0
Downloads 0

Group communication facilitates efficient data transmission to numerous receivers by reducing data replication efforts both at the sender and in the network. Group communication is used in today’s communication networks in many ways, such as broadcasting in cellular networks, IP multicast on the network layer, or as application layer multicast. Despite many efforts in providing data origin authentication for specific application areas in group communication, no efficient and secure all-purpose solution has been proposed so far. In this paper, we analyze data origin authentication schemes from 25 years of research. We distinguish three general approaches to address the challenge and assign six conceptually different classes to these three approaches. We show that each class comprises trade-offs from a specific point of view that prevent the class from being generally applicable to group communication. We then propose to add a new class of schemes based on recent high-performance digital signatures. We argue that the high-speed signing approach is secure, resource efficient, and can be applied with acceptable communication overhead. This new class therefore provides a solution that is generally applicable and should be the foundation of future research on data origin authentication for group communication.

ACS Style

Robert Annessi; Tanja Zseby; Joachim Fabini. A New Direction for Research on Data Origin Authentication in Group Communication. Transactions on Petri Nets and Other Models of Concurrency XV 2018, 515 -525.

AMA Style

Robert Annessi, Tanja Zseby, Joachim Fabini. A New Direction for Research on Data Origin Authentication in Group Communication. Transactions on Petri Nets and Other Models of Concurrency XV. 2018; ():515-525.

Chicago/Turabian Style

Robert Annessi; Tanja Zseby; Joachim Fabini. 2018. "A New Direction for Research on Data Origin Authentication in Group Communication." Transactions on Petri Nets and Other Models of Concurrency XV , no. : 515-525.

Journal article
Published: 09 November 2018 in Fuzzy Sets and Systems
Reads 0
Downloads 0

Adversarial machine learning copes with the development of methods to prevent machine learning algorithms from being misled by malicious users. This field is especially relevant for applications where machine learning lies in the core of security systems. In the field of network security, adversarial samples are actually novel network attacks or old attacks with tuned properties. This paper proposes to blur classification boundaries in order to enhance machine learning robustness and improve the detection of adversarial samples that exploit learning weaknesses. We test this concept by an experimental setup with network traffic in which linear decision trees are wrapped by a one-class-membership scoring algorithm. We benchmark our proposal with plain linear decision trees and fuzzy decision trees. Results show that evasive attacks (i.e., false negatives) tend to be ranked with low class-membership levels, meaning that they are located in zones close to classification thresholds. In addition, classification performances improve when membership scores are added as new features. Using fuzzy class boundaries is highly consistent with the interpretation of many network traffic features used for malware detection; moreover, it prevents network attackers from exploiting classification boundaries as attack objectives.

ACS Style

Félix Iglesias; Jelena Milosevic; Tanja Zseby. Fuzzy classification boundaries against adversarial network attacks. Fuzzy Sets and Systems 2018, 368, 20 -35.

AMA Style

Félix Iglesias, Jelena Milosevic, Tanja Zseby. Fuzzy classification boundaries against adversarial network attacks. Fuzzy Sets and Systems. 2018; 368 ():20-35.

Chicago/Turabian Style

Félix Iglesias; Jelena Milosevic; Tanja Zseby. 2018. "Fuzzy classification boundaries against adversarial network attacks." Fuzzy Sets and Systems 368, no. : 20-35.

Journal article
Published: 09 November 2018 in Applied Sciences
Reads 0
Downloads 0

The consolidation of encryption and big data in network communications have made deep packet inspection no longer feasible in large networks. Early attack detection requires feature vectors which are easy to extract, process, and analyze, allowing their generation also from encrypted traffic. So far, experts have selected features based on their intuition, previous research, or acritically assuming standards, but there is no general agreement about the features to use for attack detection in a broad scope. We compared five lightweight feature sets that have been proposed in the scientific literature for the last few years, and evaluated them with supervised machine learning. For our experiments, we use the UNSW-NB15 dataset, recently published as a new benchmark for network security. Results showed three remarkable findings: (1) Analysis based on source behavior instead of classic flow profiles is more effective for attack detection; (2) meta-studies on past research can be used to establish satisfactory benchmarks; and (3) features based on packet length are clearly determinant for capturing malicious activity. Our research showed that vectors currently used for attack detection are oversized, their accuracy and speed can be improved, and are to be adapted for dealing with encrypted traffic.

ACS Style

Fares Meghdouri; Tanja Zseby; Félix Iglesias. Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic. Applied Sciences 2018, 8, 2196 .

AMA Style

Fares Meghdouri, Tanja Zseby, Félix Iglesias. Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic. Applied Sciences. 2018; 8 (11):2196.

Chicago/Turabian Style

Fares Meghdouri; Tanja Zseby; Félix Iglesias. 2018. "Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic." Applied Sciences 8, no. 11: 2196.

Original paper
Published: 28 August 2018 in Journal of Computer Virology and Hacking Techniques
Reads 0
Downloads 0

Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid networks in the ns3 simulation environment. First, an aggressive malware type, named the pandemic malware, follows a topological-scan strategy to find and infect all devices on the network in the shortest time possible, via a brute force approach. Next, the more intelligent endemic malware sacrifices speed for stealthiness and operates with a less conspicuous hit-list and permutation-scan strategy. Finally, a highly stealthy malware type called the contagion malware does not scan the network or initiate any connections but rather appends on legitimate communication flows. We define several metrics to express the infection speed, scanning efficiency, stealthiness, and complexity of malware and use those metrics to compare the three malware types. Our simulations provide details on the scanning and propagation behavior of different malware classes. Furthermore, this work allows the assessment of the detectability of different malware types.

ACS Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types. Journal of Computer Virology and Hacking Techniques 2018, 15, 109 -125.

AMA Style

Peter Eder-Neuhauser, Tanja Zseby, Joachim Fabini. Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types. Journal of Computer Virology and Hacking Techniques. 2018; 15 (2):109-125.

Chicago/Turabian Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. 2018. "Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types." Journal of Computer Virology and Hacking Techniques 15, no. 2: 109-125.

Vorwort
Published: 05 June 2018 in e & i Elektrotechnik und Informationstechnik
Reads 0
Downloads 0
ACS Style

Tanja Zseby. Cyber-Physical Systems – Security. e & i Elektrotechnik und Informationstechnik 2018, 135, 249 -249.

AMA Style

Tanja Zseby. Cyber-Physical Systems – Security. e & i Elektrotechnik und Informationstechnik. 2018; 135 (3):249-249.

Chicago/Turabian Style

Tanja Zseby. 2018. "Cyber-Physical Systems – Security." e & i Elektrotechnik und Informationstechnik 135, no. 3: 249-249.

Originalarbeit
Published: 05 June 2018 in e & i Elektrotechnik und Informationstechnik
Reads 0
Downloads 0

Smart power grids require a communication infrastructure to collect sensor data and to send control commands. The common trend for cost reduction influences the architecture, implementation, networking, and operation of smart grid devices. Whereas hardware and software reuse are imperative for vendors to lower device costs, utility companies substantially decrease their operational costs by deploying a homogeneous device base. Thousands of smart meters that feature identical hardware, firmware, and software, are one main prerequisite for automated maintenance, support, and device replacement. However, these cost savings create optimum conditions for malware propagation and infection in the grids’ control networks. In this paper we show how monocultures in device types can lead to critical situations if malware exploits a common vulnerability. Although we assume that classical defensive measures, e.g., firewalls, virtual networks, and intrusion detection, are in place, we argue that new or unpatched vulnerabilities cannot be ruled out and may lead to a very fast distribution of malware in large parts of the smart grids’ control network. Besides showing how fast malware can spread in device monocultures, we also discuss effective defensive measures that can support utility companies in preventing or containing malware distribution. Intelligente Stromnetze benötigen Kommunikationstechnologien, um Sensordaten und Kontrollinformationen zu übertragen. Der modulare Aufbau von Hardware, Firmware und Software sowie deren teilweise Wiederverwendung in verschiedenen Komponenten des Smart Grids ermöglichen eine Senkung der Herstellungs- und Investitionskosten. Je geringer die Anzahl ausgerollter Hardware-, Firmware- und Softwareversionen im Feld ist, desto geringer sind die zu erwartenden Betriebskosten wie etwa für automatisierte Updates, Gerätewartung, Geräteersatz und Schulung. Diese finanziellen Anreize haben eine äußerst homogene Gerätebasis im Smart Grid zur Folge. Das führt zu optimalen Bedingungen für die Ausbreitung von Malware in Smart Grid-Kommunikationsnetzen.

ACS Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. Malware propagation in smart grid monocultures. e & i Elektrotechnik und Informationstechnik 2018, 135, 264 -269.

AMA Style

Peter Eder-Neuhauser, Tanja Zseby, Joachim Fabini. Malware propagation in smart grid monocultures. e & i Elektrotechnik und Informationstechnik. 2018; 135 (3):264-269.

Chicago/Turabian Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. 2018. "Malware propagation in smart grid monocultures." e & i Elektrotechnik und Informationstechnik 135, no. 3: 264-269.

Journal article
Published: 17 May 2018 in Sustainability
Reads 0
Downloads 0

The increasing power in-feed of Non-Synchronous Renewable Energy Sources (NS-RES) in the grid has raised concerns about the frequency stability. The volatile RES power output and absence of inertia in many types of NS-RES affect the balance between power consumption and production. Therefore, the dynamics of the power grid frequency become more complex. Extreme grid frequency deviations and fast variations can lead to partitioning and load shedding in the case of under-frequency. In the case of over-frequency, it can lead to overloading, voltage collapse and blackouts. The Rate of Change of Frequency (RoCoF) reflects an aspect of the stability status of the grid and therefore its analysis with regard to Non-Synchronous Instant Penetration (NSIP) is of great importance. In this work, two months of high-resolution frequency synchrophasor measurements during 18 January 2018–18 March 2018 recorded in Austria were analyzed to investigate the impact of NS-RES on the frequency. The correlation of RoCoF with the NSIP in Austria and Germany and with the frequency deviation were examined. It was observed that with a maximum NSIP share up to 74% of the total power generation in these two countries, there was no critical increase of RoCoF or abnormal frequency deviation in the power grid.

ACS Style

Evangelia Xypolytou; Wolfgang Gawlik; Tanja Zseby; Joachim Fabini. Impact of Asynchronous Renewable Generation Infeed on Grid Frequency: Analysis Based on Synchrophasor Measurements. Sustainability 2018, 10, 1605 .

AMA Style

Evangelia Xypolytou, Wolfgang Gawlik, Tanja Zseby, Joachim Fabini. Impact of Asynchronous Renewable Generation Infeed on Grid Frequency: Analysis Based on Synchrophasor Measurements. Sustainability. 2018; 10 (5):1605.

Chicago/Turabian Style

Evangelia Xypolytou; Wolfgang Gawlik; Tanja Zseby; Joachim Fabini. 2018. "Impact of Asynchronous Renewable Generation Infeed on Grid Frequency: Analysis Based on Synchrophasor Measurements." Sustainability 10, no. 5: 1605.

Journal article
Published: 01 December 2017 in Sustainable Energy, Grids and Networks
Reads 0
Downloads 0
ACS Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini; Gernot Vormayr. Cyber attack models for smart grid environments. Sustainable Energy, Grids and Networks 2017, 12, 10 -29.

AMA Style

Peter Eder-Neuhauser, Tanja Zseby, Joachim Fabini, Gernot Vormayr. Cyber attack models for smart grid environments. Sustainable Energy, Grids and Networks. 2017; 12 ():10-29.

Chicago/Turabian Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini; Gernot Vormayr. 2017. "Cyber attack models for smart grid environments." Sustainable Energy, Grids and Networks 12, no. : 10-29.

Journal article
Published: 06 September 2017 in IEEE Communications Surveys & Tutorials
Reads 0
Downloads 0

Malicious botnets have become a common threat and pervade large parts of the Internet today. Existing surveys and taxonomies focus on botnet topologies, Command and Control (C&C) protocols, and botnet objectives. Building on these research results, network-based detection techniques have been proposed that are capable of detecting known botnets. Methods for botnet establishment and operation have evolved significantly over the past decade resulting in the need for detection methods that are capable of detecting new, previously unknown types of botnets. In this paper we present an in-depth analysis of all network communication aspects in botnet establishment and operation. We examine botnet topology, protocols, and analyze a large set of very different and highly sophisticated existing botnets from a network communication perspective. Based on our analysis, we introduce a novel taxonomy of generalized communication patterns for botnet communication using standardized Unified Modeling Language (UML) sequence diagrams. We furthermore examine data exchange options and investigate the influence of encryption and hiding techniques. Our generalized communication patterns provide a useful basis for the development of sophisticated network-based botnet detection mechanisms and can offer a key component for building protocol- and topology-independent network-based detectors.

ACS Style

Gernot Vormayr; Tanja Zseby; Joachim Fabini. Botnet Communication Patterns. IEEE Communications Surveys & Tutorials 2017, 19, 2768 -2796.

AMA Style

Gernot Vormayr, Tanja Zseby, Joachim Fabini. Botnet Communication Patterns. IEEE Communications Surveys & Tutorials. 2017; 19 (4):2768-2796.

Chicago/Turabian Style

Gernot Vormayr; Tanja Zseby; Joachim Fabini. 2017. "Botnet Communication Patterns." IEEE Communications Surveys & Tutorials 19, no. 4: 2768-2796.

Conference paper
Published: 01 September 2017 in 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)
Reads 0
Downloads 0

The increasing number of renewable energy sources and their fluctuating nature add significantly to the growing complexity of the power grid. Thus instabilities due to, e.g., line overload, occur more often, increasing the risk of failures. A single failure can originate cascading events and finally end up in a blackout. Reactive control actions aim to overcome such failures a posteriori, whereas proactive ones prevent failures, contributing towards a self-healing and self-organizing smart grid. Moreover, the involvement of communication networks into grid monitoring, management, and control introduces an interdependency between these two systems, which increases the risk of instabilities due to propagation of failures from one system to another. This paper gives an overview of detection and mitigation methods of cascading failures in power grids and communication networks and presents the challenges and open questions in managing such failures in interconnected networks.

ACS Style

Evangelia Xypolytou; Tanja Zseby; Joachim Fabini; Wolfgang Gawlik. Detection and mitigation of cascading failures in interconnected power systems. 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) 2017, 1 -6.

AMA Style

Evangelia Xypolytou, Tanja Zseby, Joachim Fabini, Wolfgang Gawlik. Detection and mitigation of cascading failures in interconnected power systems. 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). 2017; ():1-6.

Chicago/Turabian Style

Evangelia Xypolytou; Tanja Zseby; Joachim Fabini; Wolfgang Gawlik. 2017. "Detection and mitigation of cascading failures in interconnected power systems." 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) , no. : 1-6.

Originalarbeiten
Published: 03 February 2017 in e & i Elektrotechnik und Informationstechnik
Reads 0
Downloads 0

Reliable and efficient energy supply is based not only on local control but also on remote sensor data and measurements, making communication one of the important components. The increasing threat of possible attacks is the motivation behind the main purpose of the FUSE testbed—an experimental microgrid for smart grid research—to conduct experiments on smart grid security, grid optimization, stabilization and islanding. This work, after providing an insight of the current state of the art concerning research on microgrids, describes the FUSE experimental facility as well as first experiments including partial measurement equipment installation and data collection and analysis.

ACS Style

Evangelia Xypolytou; Joachim Fabini; Wolfgang Gawlik; Tanja Zseby. The FUSE testbed: establishing a microgrid for smart grid security experiments. e & i Elektrotechnik und Informationstechnik 2017, 134, 30 -35.

AMA Style

Evangelia Xypolytou, Joachim Fabini, Wolfgang Gawlik, Tanja Zseby. The FUSE testbed: establishing a microgrid for smart grid security experiments. e & i Elektrotechnik und Informationstechnik. 2017; 134 (1):30-35.

Chicago/Turabian Style

Evangelia Xypolytou; Joachim Fabini; Wolfgang Gawlik; Tanja Zseby. 2017. "The FUSE testbed: establishing a microgrid for smart grid security experiments." e & i Elektrotechnik und Informationstechnik 134, no. 1: 30-35.

Journal article
Published: 26 January 2017 in IEEE Communications Surveys & Tutorials
Reads 0
Downloads 0

The cloud concept promises computing as a utility. More and more functions are moved to cloud environments. But this transition comes at a cost: security and privacy solutions have to be adapted to new challenges in cloud environments. We investigate secret communication possibilities-data transmission concealing its mere existence or some of its characteristics-in clouds. The ability to establish such secret communication provides a powerful instrument to adversaries and can be used to gather information for attack preparation, to conceal the coordination of malicious instances or to leak sensitive data. In this paper, we investigate potentials for secret communication in cloud environments and show possible application scenarios. We survey current approaches of different kinds of secret communication including covert channels, side channels, and obfuscation techniques. While most existing work focuses on covert and side channels within a physical server (cross-VM channels), we place emphasis on network-based covert and side channels, which are rarely addressed in current literature about cloud security. We then discuss secret communication techniques with respect to the application scenarios and show their advantages and limitations.

ACS Style

Johanna Ullrich; Tanja Zseby; Joachim Fabini; Edgar Weippl. Network-Based Secret Communication in Clouds: A Survey. IEEE Communications Surveys & Tutorials 2017, 19, 1112 -1144.

AMA Style

Johanna Ullrich, Tanja Zseby, Joachim Fabini, Edgar Weippl. Network-Based Secret Communication in Clouds: A Survey. IEEE Communications Surveys & Tutorials. 2017; 19 (2):1112-1144.

Chicago/Turabian Style

Johanna Ullrich; Tanja Zseby; Joachim Fabini; Edgar Weippl. 2017. "Network-Based Secret Communication in Clouds: A Survey." IEEE Communications Surveys & Tutorials 19, no. 2: 1112-1144.

Journal article
Published: 01 October 2016 in Computer Networks
Reads 0
Downloads 0

This paper studies the temporal behavior of communication flows in the Internet. Characterization of flows by temporal patterns supports traffic classification and filtering for network management and network security in situations where full packet data is not accessible (e.g. obfuscated or encrypted traffic) or cannot be analyzed due to privacy concerns or resource limitations. In this paper we define a time activity feature vector that describes the temporal behavior of flows. Later, we use cluster analysis to capture the most common time activity patterns in real Internet traffic using traces from the MAWI dataset. We discovered a set of 7 time-activity footprints and show that 95.3% of the analyzed flows can be characterized based on such footprints, which represent different behaviors for the three main protocols (4 in TCP, 1 in ICMP and 2 in UDP). In addition, we found that the majority of the observed flows consisted of short, one-time bursts. An in-depth inspection revealed, besides some DNS traffic, the preponderance of a large number of scanning, probing, DoS attacks and backscatter traffic in the network. Flows transmitting meaningful data became outliers among short, one-time bursts of unwanted traffic.

ACS Style

Félix Iglesias; Tanja Zseby. Time-activity footprints in IP traffic. Computer Networks 2016, 107, 64 -75.

AMA Style

Félix Iglesias, Tanja Zseby. Time-activity footprints in IP traffic. Computer Networks. 2016; 107 ():64-75.

Chicago/Turabian Style

Félix Iglesias; Tanja Zseby. 2016. "Time-activity footprints in IP traffic." Computer Networks 107, no. : 64-75.

Journal article
Published: 18 February 2016 in IEEE Access
Reads 0
Downloads 0

Smart grids require information and communication technology (ICT) in order to control dynamics in the power grid. However, adding ICT creates additional entry points in vulnerable hard- and software, increasing the attack surface, and provides distribution paths that can be used by malware for attacks. This paper provides a qualitative evaluation of smart grid architectures for urban environments, comparing four topology types based on six quality indicators: resource control, security, resilience, quality of service, compatibility, and cost. The impact of each power grid topology on the applicability of ICT components in communication topologies is also considered. We summarize the benefits and drawbacks of each topology with a focus on the implementation of decentralized and self-organizing structures.

ACS Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. Resilience and Security: A Qualitative Survey of Urban Smart Grid Architectures. IEEE Access 2016, 4, 839 -848.

AMA Style

Peter Eder-Neuhauser, Tanja Zseby, Joachim Fabini. Resilience and Security: A Qualitative Survey of Urban Smart Grid Architectures. IEEE Access. 2016; 4 ():839-848.

Chicago/Turabian Style

Peter Eder-Neuhauser; Tanja Zseby; Joachim Fabini. 2016. "Resilience and Security: A Qualitative Survey of Urban Smart Grid Architectures." IEEE Access 4, no. : 839-848.

Journal article
Published: 29 July 2015 in IEEE/ACM Transactions on Networking
Reads 0
Downloads 0

Modern access network technologies like Long Term Evolution (LTE) and High Speed Packet Access (HSPA) use time-slotting mechanisms to optimize resource sharing and overall network performance. In time-slotted networks, the one-way delay of all packets in a packet stream depends on the absolute point in time when the first packet of the stream is sent. With appropriate feedback signals, applications can exploit this effect to reduce their effective end-to-end delay. Time-critical applications such as real-time sensor data acquisition or voice-over-IP (VoIP) communications can shift their acquisition interval in order to adapt to the network timing. Information about the actual time-slotting periods can be gathered by active network measurements or through implementation of cross-layer information exchange. In this paper, a method is proposed to determine the optimum send time for particular destinations and to support applications in adjusting their send time accordingly. Theoretical findings are supported by the offline analysis of measurement data and by a proof-of-concept implementation that confirms the feasibility and effectiveness of the proposed solution in operational LTE and HSPA networks.

ACS Style

Joachim Fabini; Tanja Zseby; Fabini J.; Zseby T.. The Right Time: Reducing Effective End-to-End Delay in Time-Slotted Packet-Switched Networks. IEEE/ACM Transactions on Networking 2015, 24, 2251 -2263.

AMA Style

Joachim Fabini, Tanja Zseby, Fabini J., Zseby T.. The Right Time: Reducing Effective End-to-End Delay in Time-Slotted Packet-Switched Networks. IEEE/ACM Transactions on Networking. 2015; 24 (4):2251-2263.

Chicago/Turabian Style

Joachim Fabini; Tanja Zseby; Fabini J.; Zseby T.. 2015. "The Right Time: Reducing Effective End-to-End Delay in Time-Slotted Packet-Switched Networks." IEEE/ACM Transactions on Networking 24, no. 4: 2251-2263.