CRJan 20, 2021
Epidemic? The Attack Surface of German Hospitals during the COVID-19 PandemicJohannes Klick, Robert Koch, Thomas Brandstetter
In our paper we analyze the attack surface of German hospitals and healthcare providers in 2020 during the COVID-19 Pandemic. The analysis looked at the publicly visible attack surface utilizing a Distributed Cyber Recon System, utilizing distributed Internet scanning, Big Data methods and scan data of 1,483 GB from more than 89 different global Internet scans. From the 1,555 identified German clinical entities, security posture analysis was conducted by looking at more than 13,000 service banners for version identification and subsequent CVE-based vulnerability identification. Primary analysis shows that 32 percent of the analyzed services were determined as vulnerable to various degrees and 36 percent of all hospitals showed numerous vulnerabilities. Further resulting vulnerability statistics were mapped against size of organization and hospital bed count.
SEMay 7, 2020
YANG2UML: Bijective Transformation and Simplification of YANG to UMLMario Golling, Robert Koch, Peter Hillmann et al.
Software Defined Networking is currently revolutionizing computer networking by decoupling the network control (control plane) from the forwarding functions (data plane) enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. Next to the well-known OpenFlow protocol, the XML-based NETCONF protocol is also an important means for exchanging configuration information from a management platform and is nowadays even part of OpenFlow. In combination with NETCONF, YANG is the corresponding protocol that defines the associated data structures supporting virtually all network configuration protocols. YANG itself is a semantically rich language, which -- in order to facilitate familiarization with the relevant subject -- is often visualized to involve other experts or developers and to support them by their daily work (writing applications which make use of YANG). In order to support this process, this paper presents an novel approach to optimize and simplify YANG data models to assist further discussions with the management and implementations (especially of interfaces) to reduce complexity. Therefore, we have defined a bidirectional mapping of YANG to UML and developed a tool that renders the created UML diagrams. This combines the benefits to use the formal language YANG with automatically maintained UML diagrams to involve other experts or developers, closing the gap between technically improved data models and their human readability.