The research project „Software Security Surveillance“ is part of the research in security monitoring and intrusion detection of the chair of Prof. Dr. Chirstoph Meinel. The goal is the development of high quality surveillance and correlation algorithms to improve the security of the SAP software NetWeaver by analyzing log events.
Within this project, the SAP NetWeaver suite will be analyzed in terms of logging capabilities and attack scenarios. A mapping between possible log events and attack scenarios will be designed and powerful correlation algorithms will be developed. The quality of these algorithms will be analyzed based on experiments with real attacks on SAP software systems. Log recommendations will be used to improve the quality of the correlation algorithms.
The developed algorithms will be implemented using HANA, an in-memory database technology developed by SAP. The final evaluation of the results will be done with the implemented prototypes in real attack scenarios.