IDAACS Wireless as virtual conference in Dortmund - GLACIER project presented

IDAACS Wireless already took place in Offenburg (Germany) in 2012, 2014, 2016 and in Lviv (Ukraine) in 2018. Best contributions were published on IEEE Xplore, Web of Science - Conference Proceedings Citation Index- Science (CPCI-S) und Scopus. This year’s new venue, Dortmund, is located in the Ruhr area being the home to several research institutes such as Technical University Dortmund, Dortmund University of Applied Sciences and Arts, Max Planck Institute und Fraunhofer Institute. Prior to the conference DECOIT^® GmbH took part in reviews and the technical committee. The virtual format of the conference was a great success: 270 authors from 23 countries handed in 90 contributions of which 67 % were accepted. The conference itself counted 76 participants from 17 countries, though the majority came from Germany and Ukraine. 58 presentations were held in three different ways: live-, video- and poster-session. Thanks to the outstanding organization team of the Dortmund University of Applied Sciences and Arts there were no technical breakdowns so that the Symposium started and ended on time.

On the first day Dr. Daniel Mahrenholz from rt-solutions.de GmbH presented the GLACIER project in form of a poster session (see figure 2). The example was set in the field of industrial automation which is undergoing a paradigm shift from rigid structures to dynamically growing plants. Traditionally, industrial automation relies on wired communication connections, which however, represent a high-cost factor. There is a need here to establish cost-effective communication through wireless connections. However, there is a decisive difference between wireless and wired     connections. Wireless based communications  are  available  as  exposed  interfaces not only  to  authorized  communication  partners  but  also  to malicious attackers . It also shows that the security of industrial plants has not been given sufficient consideration in recent years. New types of research, for example by the search engine Shodan, illustrate the high risk that companies are facing if security is not taken into account from the outset. This shows the need for secure implementations of wireless communication in industrial environments.

An example attack scenario on wireless infrastructures in industrial environments is the use of rogue access points (AP).  Here, an attacker installs a wireless AP that pretends to be a valid AP of an existing industrial infrastructure. By sending deauthentication packages, the attacker can bring the victims wireless clients, like PLCs, HMIs or SCADA systems, to connect to the rogue AP. The usage of a wireless attack scenario allows the attacker to operate from a much higher distance without the need for directly accessing the plant. The SIEM system which is developed by the GLACIER project team is able to detect those rogue AP before they cause harm thus improving the infrastructure’s security. GLACIER is going to be suitable for both wired and wireless networks.

The second keynote by Prof. Dr. Kai-Oliver Detken (managing director of DECOIT^® GmbH) which started off the second day was about the security topic SIEM (GLACIER). During the last few years   companies and organizations were faced with an increase of IT security threats which led to compromising sensitive data, interruptions of daily operations and ultimately to financial damage. Meanwhile, attacks have become more diverse making it harder to recognize them. In order to contain these threats it is necessary to combine high qualified staff with sophisticated intrusion detection software connected to powerful hardware all of which is hard to implement especially for small and medium sized enterprises (SME).

In order to solve these problems the GLACIER project was initiated. Part of the project is a newly developed architecture which can be run as SIEM system within SME infrastructures. Aside from SIEM related tasks such as collection, normalization, enrichment and storage of network data, the main purpose of this system is the provision of data for advanced multidimensional analysis algorithms. These offer a novel possibility to reliably detect anomalies. The architecture can be implemented by solely using free and open source components. It is suitable for both information and operation technology.

The symposium was a good opportunity for the project partners to call attention to GLACIER and to exchange ideas with other scientists – even if only virtually.