Kevin Lamshöft

Otto-von-Guericke-Universität Magdeburg | OvGU · Department of Technical & Operational Information Systems (ITI)

Master of Science

Publications: 24
Reads: 2,757
Citations: 83
Citations since 2016: 24 research items, 82 citations
Introduction
Hi! I am a northern Germany-based cyber security researcher and PhD student at the Otto-von-Guericke University in Magdeburg, Germany. In my research I mainly focus on cyber security and digital forensics in Industrial Control Systems (ICS) and Cyber-Physical Systems (CPS) and investigate highly targeted, stealthy attacks using steganographic methods, e.g., network covert channels.

Publications (24)
Preprint
A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...
Conference Paper
Full-text available
The graded approach of the IAEA NSS 17-T, in conjunction with highly restricted and deterministic traffic in a computer network, increases the importance of Information Hiding (IH) technologies for attackers. Thus, it is necessary to provide detection mechanisms and resilience against IH in the architectural designs. We reflect hidden communication...
Preprint
Full-text available
A unified understanding of terms and their applicability is essential for every scientific discipline: steganography is no exception. Being divided into several domains (for instance, text steganography, digital media steganography, and network steganography), it is crucial to provide a unified terminology as well as a taxonomy that is not limited...
Article
Full-text available
In this paper we perform a threat analysis for a covert Command and Control (C2) channel using port scans as cover and syslog as carrier for data infiltration. We describe a theoretical threat scenario in which an adversary makes use of known covert channels in TCP and DNS, and propose a novel method for hiding information in TCP port scans and th...
Article
Full-text available
Synchronized clocks are vital for most communication scenarios in networks of Information Technology (IT) and Operational Technology (OT). The process of time synchronisation requires transmission of high-precision timestamps often originating from external sources. In this paper, we analyze how time synchronization protocols impose a threat by bei...
Conference Paper
Full-text available
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...
Conference Paper
Full-text available
Covert channels in network protocols are a technique aiming to hide the very existence of secret communication in computer networks. In this work we present a systematic in-depth analysis of covert channels by modification for the Network Time Protocol (NTP). Our analysis results in the identification of 49 covert channels, by applying a covert cha...
Preprint
Full-text available
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, text steganography, cyber-physical systems steganography, network steganography (network covert channels), local covert channels, and out-of-band cove...
Conference Paper
Nuclear power plants (NPPs) are implementing or transitioning to digital instrumentation and control (I&C) systems to control underlying physical processes. Such systems present an attack surface of obvious interest to various subsets of potential attackers and hence lead to a relevance of cybersecurity in a nuclear context. This prompts the need f...
Article
Full-text available
Most search engines provide search suggestions and autocompletion mechanisms based on the partially typed search string. In order to implement such functionality, frequent requests are being sent to the search engine provider. Recent publications show that there is a risk that the user can be identified by observing the TLS encrypted traffic and an...
Conference Paper
Full-text available
This paper discusses the possibility to perform a forensic behavior analysis on the network recordings of video conferences in order to identify different activities taking part during such conferencing. This behavior analysis is based on the audio-and video streams of such software. While the connections are usually encrypted, the possibility of u...
Article
Full-text available
Nowadays, there are a lot of defense mechanisms to secure IT-systems against Cyber attacks. Thus, Cyber attacks have to be more sophisticated than they used to be in order to stay undetected as long as possible and to bypass defense mechanisms. As a result, current threats frequently use steganographic techniques to hide malicious functions in a ha...
Article
Full-text available
A feature of search engines is prediction and suggestion to complete or extend input query phrases, i.e. search suggestion functions (SSF). Given the immediate temporal nature of this functionality, alongside the character submitted to trigger each suggestion, adequate data is provided to derive keystroke features. The potential of such bi...
Article
Full-text available
Recent findings in research on malware threats indicate an increasing use of information hiding techniques as a novel approach for compromising IT-Systems by using covert functions and hidden channels. Especially in the context of covert intrusion and data exfiltration, networks of Industrial Control Systems (ICS) are a valuable target for informat...
Article
Embedded systems form the foundation for most electronic systems in our everyday environment. Complex systems of embedded systems, usually connected via communication buses, are fundamental for a broad range of applications like industrial control systems (ICS) or transportation. While the complexity of these systems of systems is ever increasing,...
Conference Paper
The ongoing shift from isolated IT systems, networks and production facilities towards complex interconnections of interacting Industry 4.0 environments leads to new challenges, among others in the area of IT security. Interconnecting complex, heterogeneous system landscapes enlarges the attack surface and gives rise to extended...
Conference Paper
Modern cars are very complex systems operating in a diverse environment. Today they incorporate an internal network connecting an array of actuators and sensors to ECUs (Electronic Control Units) which implement basic functions and advanced driver assistance systems. Opening these networks to outside communication channels (like Car-to-X-communication) n...
Conference Paper
Modern cars are very complex systems incorporating an internal network of connecting an array of actuators and sensors to ECUs (Electronic Control Units), which implement basic functions and advanced driver assistance systems. Opening these networks to outside communication channels (like Car-to-X-communication) new possibilities but also new attac...
