Secure and Efficient Internet Operation

This research area directed by Dr. Elmar Gerhards-Padilla includes activities aiming at a more secure and a more efficient operation of network components inside the Internet or of systems attached to the Internet. The basic principle of these activities is a systematic approach to the detection of threats and shortcomings and – where possible – to healing mechanisms. Due to the real-world orientation, technical and mathematical/theoretical issues are accompanied by legal and economical aspects which can only be successfully addressed in close co-operation with government agencies or institutions.

Special Topics

The Conficker worm has infected several million computers since it first started spreading in late 2008 but attempts to mitigate Conficker have not yet proved very successful. Together with the renowned Honeynet Project we developed several methods to contain Conficker and published our findings in a technical paper. The publication and reports about our Conficker network scanner raised quite some media attention.

We have put together a dedicated page that contains all our research findings about Conficker, intrusion detection signatures, a link to our online infection test, all tools we have developed (including source code) etc.

We have been able to help several sites to identify and clean Conficker machines in their network. It turned out that the methods developed against the virus allow for reliable identification, removal and also preventive protection of other systems.

Related Teaching

Each summer term, we offer a lecture “network security” which is related to this field. We also offer labs, project groups and seminars, a "Malware Bootcamp" and Training for Professionals.

More links to news agencies, journals, broadcasting stations, etc reporting on our activities are available >>> here.

 

For further information please contact: SEIO@REMOVETHISPART.cs.uni-bonn.de