Lehrstuhl
Hasso-Plattner-Institut
 
    • de
Hasso-Plattner-Institut
Prof. Dr. Christoph Meinel
 

schließen

schließen

schließen

schließen

schließen

schließen
  1. HOME
  2.  > Security Eng
  3.  > Security Analytics

Overview

Recent trends show an increasing frequency and complexity of attacks in Corporate Networks or IT systems. This happens due to constantly increasing number of new computer systems, services, development of the Internet of Things, growth of the mobile and wireless communications. All these trends make the protection of computer networks more complicated. The analysis of a single system is often not enough to detect all vulnerabilities since the majority of prevalent weaknesses result from the interaction of multiple systems. Additionally, attackers are harder to be identified because they are performing more targeted attacks and use ever more sophisticated methods and hacking tools. A modern security system must be prepared against these challenges and must fulfill stringent requirements for high security of its IT-Infrastructure.

Research Topics

  • Big Security Data Analytics Architectures (Pipelines)
  • High Performance Event Stream Processing with Deep Normalization and Fast Persistence
  • Enhanced Threat Intelligence Platform
  • Real-time Signature/Pattern Matching and Correlation
  • Advanced Analytical Approaches:
    • Automated and Comprehensive Correlations - Beaconing Detection, Multiple-source Statistical Analysis, Ad-hoc Data Science, etc.
    • Machine Learning Analytics - K-Means based, K-NN based, Poisson- and negative Binomial based, as well as User Behaviour based Anormaly Detection, Hybrid Outlier Detection, etc
    • Efficient Graph-based Investigation - MalRank, Belief Propagation, Semi Supervised Learning, Random Walk with Restart, etc.
    • Attack Graph Workflow - Gathering information, constructing an Attack Graph, as well as visualizing and analyzing the graph are the three steps of the workflow
    • Visualization and Collaboration - Visualizing the correlation results and the security-relevant events in general is essential for an effective defense of sophisticated attacks.

Selection of Relevant Publications

  • P. Najafi, D. Köhler, F. Cheng, and Ch. Meinel
    NLP-based Entity Behavior Analytics for Malware Detection,
    in Proceedings of the 40th IEEE International Performance Computing and Communications Conference (IPCCC'21), IEEE Press, October 28-30, 2021, Austin, Texas, USA (Short Paper, Online)
  • P. Najafi, F. Cheng, and Ch. Meinel
    SIEMA: Bringing Advanced Analytics to Legacy Security Information and Event Management,
    in Proceedings of  the17th EAI International Conference on Security and Privacy in Communication Networks (SecureComm'21), September 6-9, 2021, Canterbury, UK (Online)
  • P. Najafi, A. Muehle, W. Puenter, F. Cheng, and Ch. Meinel
    MalRank: A Measure of Maliciousness in SIEM-based Knowledge Graphs,
    in Proceedings of 2019 Annual Computer Security Applications Conference (ACSAC'19), ACM Press, December 9-13, 2019, San Juan, Puerto Rico
  • D. Jaeger, F. Cheng, and Ch. Meinel
    Accelerating Event Processing for Security Analytics on a Distributed In-Memory Platform,
    in Proceedings of the 16th IEEE Intl Conf on Dependable, Autonomic and Secure Computing (DASC'18) , IEEE Press, August 12-15, 2018, Athens, Greece
  • P. Najafi, A. Sapegin, F. Cheng, and Ch. Meinel
    Guilt-by-Association: Detecting Malicious Entities via Graph Mining,
    in Proceedings of the 13th EAI International Conference on Security and Privacy in Communication Networks (SecureComm'17), Springer LNICST 238, October 22-25, 2017 Niagara Falls, Canada
  • M. Gawron, F. Cheng, and Ch. Meinel
    Automatic Vulnerability Classification using Machine Learning,
    in Proceedings of the 12th International Conference on Risks and Security of Internet and Systems (CRITIS'17), Springer LNCS, September 19-21, 2017, Dinard, France (Best Paper Award)
  • M. Ussath, F. Cheng, and Ch. Meinel
    Enhanced Sinkhole System: Collecting System Details to Support Investigations,
    in Proceedings of the International Conference on Mobile, Secure and Programmable Networking (MSPN'17), Springer LNCS 10566, June 29-30, 2017, Paris, France
  • M. Ussath, D. Jaeger, F. Cheng, and Ch. Meinel
    Identifying Suspicious User Behavior with Neural Networks,
    in Proceedings of the 4th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud'17), IEEE Press, June 26-28, 2017, New York, USA)
  • M. Gawron, F. Cheng, and Ch. Meinel
    PVD: Passive Vulnerability Detection,
    in Proceedings of the International Conference on Information and Communication Systems (ICICS'17) , IEEE Press, April 4-6, 2017, Irbid, Jordan.
  • A. Sapegin, D. Jaeger, F. Cheng, and Ch. Meinel
    Towards a System for Complex Analysis of Security Events in Large-scale Networks.
    Computers & Security (COSE), Elsevier, 67 (6):16-34, 2017.
  • A. Sapegin, M. Gawron, D. Jeager, F. Cheng, and Ch. Meinel
    Evaluation of In-Memory Storage Engine for Machine Learning Analysis of Security Events,
    Journal of Concurrency and Computation: Practice and Experience (CCPE), Wiley Blackwell, 29(2), 2017.
  • A. Azodi, F. Cheng, and Ch. Meinel
    Event Driven Network Topology Discovery and Inventory Listing using REAMS,
    International Journal of Wireless Personal Communications (JoWPS), Springer,  94(3):415-430, 2017 .
  • D. Jaeger, H. Graupner, Ch. Pelchen, F. Cheng, and Ch. Meinel
    Fast Automated Processing and Evaluation of Identity Leaks,
    Internetional Journal of Parallel Programming (ICPP), Springer, 44(6), 2016.
  • F. Cheng, A. Azodi, D. Jaeger, Ch. Meinel
    Multi-Core Supported High Performance Security Analytics,
    Proc. of the 13th IEEE International Conference on Scalable Computing and Communication (ScalCom'13), Chengdu, China, December 20-22, 2013
  • S. Roschke, F. Cheng, and Ch. Meinel
    High Quality Attack Graph based IDS Correlation,
    Logic Journal of the IGPL (JIGPAL), Oxford University Press, 21(4), 2013.
  • F. Cheng, A. Azodi, D. Jaeger, Ch. Meinel
    Security Event Correlation Supported by Multi-Core Architecture,
    Proc. of the 3rd IEEE  International Conference on IT Convergence and Security (ICITS'13), Macau, China, December16-18, 2013

Deliverables

Team

  • Team leader: Prof. Dr. sc. nat., Dr.rer.nat. Christoph Meinel
  • Senior Researcher: Dr. rer. nat. Feng Cheng
  • Team members:
    • Pejman Najafi, MSc.
    • Seyed Ali Alhosseini, M.Sc.
    • Mehryar Majd, M.Sc.
    • Wenzel Pünter, M.Sc.
  • Former co-workers/PhD students, research students, and interns:
    • Dr. Sebastian Roschke (till Oct. 2012, now with Snap Inc.)
    • Dr. Amir Azodi (till Nov. 2015, now with DSGV)
    • Dr.-Ing. Martin Ussath (till Jul. 2017, now with Arvato Systems)
    • Dr.-Ing. David Jaeger (till Apr. 2019, now with Airbus Defence and Space)
    • Dr.-Ing. Marian Gawron (till Jun. 2019, now with DB Systel GmbH)
    • Dr. Andrey Sapegin (till Oct. 2019, now with Deutsche Telekom Technik GmbH, Berlin)
    • Chris Pelchen, MSc. (till Feb. 2022, now tith Stadt Brandenburg, Brandenburg)
    • Daniel Stelter-Glieset - MSc. Student (till Apr. 2017, now with Google Inc.)
    • Carl Ambroselli - Student Assistant (till Dec. 2014)
    • Richard Meissner - Student Assistant (till Jul. 2013)
    • Bjoern Groneberg - Student Assistant (till Sept. 2011)
    • Felix Leupold - Student Assistant (till Oct. 2010)
    • Martin Kreichgauer - Student (Masterprojekt)
    • Michael Frister - Student (Masterprojekt)
    • Florian Thomas - Student (Masterprojekt)

Other Links

... to our Research
              Security Engineering - Learning & Knowledge Tech - Design Thinking - former
... to our Teaching
              Tele-Lectures - MOOCs - Labs - Systems 
... to our Publications
              Books - Journals - Conference-Papers - Patents
... and to our Annual Reports.

Kontakt

Du möchtest mit uns in Austausch treten, oder hast andere Fragen? Schicke uns gern eine Mail an sec-eng-webadmin(at)hpi.de

News!

Juli 2022

HPI Cybersicherheitskurse für deutsch-chinesische Sommerschule der Universität Nanjing

Das HPI unterhält seit mehr als zwei Jahrzehnten enge Beziehungen zu bekannten chinesischen Universitäten und hat bereits 2011 eine eigene HPI Research School an der Universität Nanjing eröffnet. Im Rahmen einer interdisziplinären Sommerschule der Universität Nanjng bot das HPI vom 5. bis 7. Juli 2022 speziell eine Lecture Series zum Thema Cybersicherheit an.

 

Juni 2022

Ankündigung: Kostenloser Onlinekurs "Tatort Internet: Auflage 2022" startet im Oktober! im Kurs stellen Prof. Dr. Ch. Meinel und das Security-Team aktuelle und grundlegende Themen der Internetsicherheit vor! Melden Sie sich bereits heute an, um den Kursstart nicht zu verpassen!

 

Mai 2022

openHPI-Kurs: Cloud Computing durchgeführt von Prof. Meinel, Hendrik Steinbeck und Daniel Köhler. Neben der grundlegenden Funktionsweise des Cloud-Computings und der Enabler-Technologien steigt der Kurs auch in Risiken und Verantwortungen beim CC ein.

Nachtrag: Der Kurs ist abgeschlossen, aber die Lehrinhalte sind weiterhin im Selbststudium verfügbar!

 

März 2022

DDoS-Angriffe: Was sie sind und wie sie funktionieren

Der Krieg zwischen Russland und der Ukraine findet nicht mehr nur im physischen Raum statt. Die Cyberkriegsführung mit Angriffen auf gegnerische Systeme spielt für beide Seiten eine wichtige Rolle. Um der Ukraine zu helfen, startete die Online-Aktivisten-Gruppe Anonymous im Februar 2022 einen Aufruf, sich an DDos-Attacken gegen Russland zu beteiligen. Im Interview erklärt Daniel Köhler, was DDoS-Attacken sind, was ihr Ziel ist und ob man gegen sie vorgehen kann.

 

Januar 2022

Im Januar ist eine Wiederholung unserer englischsprachigen Cybersicherheits-Reihe auf openHPI mit dem Kurs Confidential Communication in the Internet gestartet.

Werde Teil unseres Teams!

Lehre

Sommersemester 2024

Wintersemester 2023/44

  • Bachelor Seminar: Big Data Security Analytics
  • Master Seminar: Network Security in Practice
  • Master Project
    • Towards Red Team Exercising

Team

  • Supervisor: Prof. Dr. sc. nat., Dr. rer. nat. Christoph Meinel
  • Head & Senior Researcher: Dr. rer. nat. Feng Cheng
  • PostDoc/PhD Students/Research Assistants:
    • Dr.-Ing. Pejman Najafi
    • Eric Klieme, M.Sc.
    • Alexander Mühle, M.Sc.
    • Daniel Köhler, M.Eng.
    • Mehryar Majd, M.Sc.
    • Farzad Motlagh, M.Sc.
    • Mehrdad Hajizadeh, M.Sc. (Visiting PhD Student, TU Chemnitz)
    • Dominic Schaa (Master student assistant)
    • Jonas Schmitz (ongoing Master thesis)
    • Lars Prepens (ongoing Master thesis)
    • Lieven Leue (ongoing Master thesis)
    • Mohamed Budagow (ongoing Master thesis)
  • External PhD Students: 
    • Hendrik Graupner M.Sc. (with Bundesdruckerei GmbH)
    • Kennedy Torkura, M.Sc. (external, Mitigant GmbH, Potsdam)
    • Kaja Schmidt, M.Sc. (with European Commision)
  • Former Team Members