10.01.2018
German-Israeli Partnership Accelerator presents new ideas and solutions in Cybersecurity
Verification of Cloud Services, Internet Security and Protection of Spam and DoS attacks: Cyersecurity premiere of HIPA - Hessian-Israeli Partnership Accelerator
The first round of the Hessian-Israeli Partnership Accelerator (HIPA) ended on January 9th with the presentation of new cybersecurity developments. At the final event at the Hessian State Representation in Berlin, the participating project teams presented new approaches to the quality control of cloud services, the security of Internet infrastructures, and the prevention of spam attacks and denial of service attacks on e-mail accounts. HIPA is the first and only German-Israeli accelerator focusing on cybersecurity. The project teams consist of cybersecurity talents from both countries, solving important problems of daily business life. The Accelerator thus combines startup culture with the strengths of the cyber nation Israel and German applicated research in cybersecurity. The program is a joint activity of the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt and the Hebrew University in Jerusalem; the next round will start in the second half of 2018. Further information at www.cybertech.fraunhofer.de, applications are open now.
Innovative Security Solutions
Research partners of the first round were Allianz and Cisco, who also participated in the final evaluation of the project's results. The award for the best project team went to „Routing Security Against Prefix Hijacks“, a solution to make Internet infrastructures more secure: Routers governing Internet traffic are often vulnerable, as many network operators still use an unsecured routing protocols. The winning team therefore developed a solution to make routing between large parts of the Internet more secure. The tool helps to identify and fend off so-called prefix or BGP hijacks. With this type of attack, assailants hijack a specific range of IP addresses, gaining control over some of the Internet traffic. Attackers can eavesdrop on or alter the traffic, and redirect it, so that it does not arrive at its actual destination. However, it is also common that data traffic is inadvertently redirected due to a subnet misconfiguration. The tool can distinguish whether it is an attack or a misconfiguration. The solution will avert an attack, and in the case of a wrong configuration, assistance can be provided to the responsible administrator. An attack is averted by the solution, with a wrong configuration, one can assist the responsible network administrator. In the future the solution will be used by RIPE, which is coordinating the allocation of the European IP addresses.
One project team developed a quality check for cloud services. With this evaluation tool, a cloud provider's service offer can be automatically checked and evaluated: Will all my data packages arrive in the cloud? How long does it take? And are there bottlenecks on the way there? Users now have an independent testing tool for their cloud services at their fingertips.
The project team "superPHISHal" has been working on the quality control of spam filters: the security experts developed a solution that checks whether the various filter mechanisms for spam protection are set correctly and how many filter setups are faulty. superPHISHal can calculate the effects of the incorrect settings ("how much less spam mails would I get with a proper setup?") and automatically correct those incorrect settings. This significantly increases the accuracy and minimizes the risk of mails inadvertently classified as spam.
The fourth project team dealt with botnet-based attacks on email inboxes, so called email bombs: botnets register the victim's email address on newsletters and registration pages. Such a DoS attack can flood an email inbox with thousands of unwanted emails within minutes, so that the owner of the mailbox is not able to work with it anymore. The difficulty with this attack is to automatically distinguish wanted from unwanted email, because a newsletter is not per se spam. The HIPA participants first examined the attacks: which botnets are used, where are they located and which parts of the internet do attackers use. In addition, they looked at the victims of such attacks: which organizations were attacked in which countries. The team's solution developed during the startup accelerator will be able to ward off DoS attacks on email inboxes and filter out unwanted mail.
Prof. Asher Cohen, President of the Hebrew University of Jerusalem: "The Hebrew University of Jerusalem is proud to be a partner in the HIPA program. This program bridges the gap in cyber security between markets' needs and academia's knowledge and know-how. This program, a collaboration between Fraunhofer SIT and The Hebrew University in Jerusalem, exposes participants to both worlds and enables them to bring new ideas to this growing sector. We hope this partnership will lead to additional collaborations in the near future."
Lucia Puttrich, Hessian Minister of European and Federal Affairs: "The digitization of all areas of business and life offers great opportunities. But it also involves new risks. According to the European Commission, there were more than 4,000 blackmail Trojan attacks per day in 2016, and 80 per cent of European companies faced at least one cybersecurity incident. That's why cybersecurity is a cornerstone of our digitization strategy. Hesse is at the forefront of German cybersecurity, with the Hesse state government launching the extensive Cybersicherheit@Hessen agenda at an early stage. I am very pleased that the cooperation between the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt and the Hebrew University in Jerusalem has come about. Israel is a global leader in cybersecurity issues, and exchanges with scientists and creative minds from Hesse will be fruitful for both sides."
"Cybersecurity is the basic prerequisite for digitalization. Whether it is in automotive, production or critical infrastructures - digitalization cannot be successful without confidence in the safety and security of new technologies," said Prof. Reimund Neugebauer, President of the Fraunhofer-Gesellschaft."With our German-Israeli Accelerator, we combine the strengths of Israel as a cybernation with the excellent and application-oriented research of Fraunhofer."