Robert Koch

Forschung im Bereich Ein- und Ausbruchserkennung

Robert Koch

Dr. rer. nat. Dipl.-Inf. univ.

 

Wissenschaftlicher Mitarbeiter von Juli 2008 bis September 2011. Seit Oktober 2011

externer wissenschaftlicher Mitarbeiter am

Institut für Technische Informatik

E-Mail : Robert.Koch [at] unibw.de

 

 

Forschungsschwerpunkte

 

  • Cybersicherheit komplexer Systeme
  • Sicherheit von Netzen
  • Intrusion Detection mit den Aspekten Ein- und Ausbruchserkennung, Innentätererkennung sowie Detektion in verschlüsselten Netzen
  • Sicherheit bei Nutzung von COTS-Produkten
  • Sicherheit von ICSs
  • Verfahren der künstlichen Intelligenz
  • Visualisierung im Kontext von Netzsicherheit

 

Ausschreibungen

Nachfolgende Bachelor-/ Masterarbeiten sind derzeit zu vergeben. Bei Interesse, für weitere Informationen oder die Anfrage zusätzlicher Themen aus dem Bereich der IT-Sicherheit kontaktieren Sie mich bitte per Mail.

 

 

Bitte schauen Sie für weitere, aktuelle Ausschreibungen von mir auch auf die CODE-Homepage oder schreiben Sie mir eine Mail.

Veröffentlichungen

2017:

R. Koch, "Sicherheitsherausforderungen im Cyber- und Informationsraum," Crisis Prevention 1/2017, Sonderbeilage 31. AFCEA Fachausstellung.

R. Koch, "On the Future of Cybersecurity," 12th International Conference on Cyber Warfare and Security ICCWS, 2017.

V. Eiseler, R. Koch and G. D. Rodosek, "System Complexity Meets Decision Makers - A Framework for Level-Appropriate Information Processing," 12th International Conference on Cyber Warfare and Security ICCWS, 2017.

R. Koch, "Hunting Fake News: Automated Assessment System by Distributed News Analysis," poster presented at the 12th International Conference on Cyber Warfare and Security ICCWS, 2017. (Best Poster Award)

 

2016:

R. Koch, T. Kühn, M. Odenwald and G. D. Rodosek, "Dr. WATTson: Lightweight Current-Based Intrusion Detection (CBID)," in Privacy, Security and Trust (PST 2016), 14th Annual Conference on, 2016.

R. Koch, M. Golling, L. Stiemert and G. D. Rodosek, "Using Geolocation for
the Strategic Preincident Preparation of an IT Forensics Analysis
," IEEE Systems Journal, 10(4):1338–1349, Dec 2016.

M. Golling, R. Koch and G. D. Rodosek, "Fast, Trustworthy, Privacy-Aware Intrusion Detection in High-Speed Backbone Networks," in Research in Attacks, Intrusions and Defenses (RAID 2016), 19th International Symposium on, 2016.

R. Koch and G. D. Rodosek, ECCWS2016, Proceedings of the 15th European Conference on Cyber Warfare and Security. ACPIL, 2016. ISBN 9781910810934

R. Badonnel, R. Koch, A. Pras, M. Drašar, and B. Stiller, "Management and Security in the Age of Hyperconnectivity," 10th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2016, Vol. 9701, Springer, 2016.

R. Koch and M. Golling, "Weapons Systems and Cyber Security - A Challenging Union," in Cyber Conflict (CyCon), 8th International Conference
on, S. 191–203, NATO CCD COE, 2016.

M. Golling, R. Koch, and G. D. Rodosek, "Privacy-aware intrusion
detection in high-speed backbone networks-design and prototypical implementation of a multi-layered nids," in DFN-Forum Kommunikationstech-
nologien, ser. LNI. GI, 2016.

R. Koch, M. Golling, and G. D. Rodosek, "How Anonymous is the Tor Network? A Long-Term Black-Box Investigation," Cover Feature in IEEE Computer, Issue 3, March 2016. [PDF / Postprint]

 

2015:

M. Golling, R. Koch, P. Hillmann, V. Eiseler, L. Stiemert, and A. Rekker, "On the Evaluation of Military Simulations: Towards A Taxonomy of Assessment Criteria," in Military Communications and Information Systems (MilCIS) Conference, IEEE, 2015.

R. Koch, M. Golling, and G. D. Rodosek, “Disequilibrium: Tor’s Exit Node Selection Under the Stereoscope,” in 2015 IEEE International Symposium on Recent Advances of Trust, Security and Privacy in Computing and Communications (RATSP), 2015.

M. Golling, R. Koch, L. Stiemert, F. Tietze, V. Eiseler, and G. D. Rodosek, “A Decentralized Framework for Geolocation-based Pre-Incident Network Forensics,” in 7th International Symposium on Cyberspace Safety and Security (CSS 2015), IEEE, 2015.

M. Golling, R. Koch, F. Tietze, S. D. Hein, M. Kretzschmar, and G. D. Rodosek, “An Agent-based Framework for a Decentralized Reconstruction of Attack Paths,” in DFN- Forum Kommunikationstechnologien, ser. LNI, P. Müller, B. Neumair, H. Reiser, und G. D. Rodosek, Eds. GI, 2015.

R. Koch and M. Golling, “Blackout and Now? - Network Centric Warfare in an Anti-Access Area-Denial Theatre,” in Proceedings of the 7th International Conference on Cyber Conflict (CyCon), IEEE, 2015.

R. Koch, M. Golling, L. Stiemert, and G. D. Rodosek, “Using Geolocation for the Strategic Pre-Incident Preparation of an IT Forensics Analysis,” IEEE Systems Journal Special Issue On ”Traffic Forensics: Systems, Tools, and Experimentations”, IEEE, 2015,

 

2014

M. Golling, R. Koch, P. Hillmann, R. R. Hofstede, and F. Tietze, “YANG2UML: Bijective Transformation and Simplification of YANG to UML,” in Proceedings of the 10th International Conference on Network and Service Management (CNSM). IEEE, 2014.

R. Koch, M. Golling, and G. D. Rodosek, “Behavior-based Intrusion Detection in Encrypted Environments," in IEEE Communications Magazine, Network & Services Management Series, 2014.

R. Koch, M. Golling, and G. D. Rodosek, “Towards Comparability of Intrusion Detection Systems: New Data Sets,” in TERENA Networking Conference (TNC) - TNC2014, 2014.

M. Golling, R. Koch und L. Stiemert, “Architektur zur mehrstufigen Angriffserkennung in Hochgeschwindigkeits-Nackbone-Netzen,” in DFN- Forum Kommunikationstechnologien, ser. LNI, P. Müller, B. Neumair, H. Reiser, und G. D. Rodosek, Eds. GI, 2014.

R. Koch, M. Golling, and G. D. Rodosek, “Smart Defence: An Architecture for new Challenges to Cyber Security,” in DFN-Forum Kommunikationstechnologien, ser. LNI, P. Müller, B. Neumair, H. Reiser, und G. D. Rodosek, Eds. GI, 2014.

M. Golling, R. Koch, and G. D. Rodosek, “From Just-in-Time Intrusion Detection to Pro-Active Response by Means of Collaborated Cross- Domain Multilayered Intrusion Detection,” 2014, poster presented at the 9th International Conference on Cyber Warfare and Security ICCWS- 2014. (Best Poster Award)

M. Golling, R. Hofstede, and R. Koch, “Towards Multi-layered Intrusion Detection in High-Speed Backbone Networks,” in Proceedings of the 6th International Conference on Cyber Conflict (CyCon). IEEE, 2014.

R. Koch, M. Golling, and G. D. Rodosek, “Geolocation and Verification of IP-Addresses with Specific Focus on IPv6,” Journal of Communication and Computer, 2014.

R. Koch, M. Golling, and G. D. Rodosek, “Using Layer 1 Signal Analysis for the Supervision of COTS Products,” in 9th International Conference on Cyber Warfare and Security ICCWS-2014, 2014, pp. 1–4. (Certificate of Merit)

R. Koch, M. Golling, and G. D. Rodosek, “Towards Smart Network Defense,” 2014, poster presented at the 9th International Conference on Cyber Warfare and Security ICCWS-2014.

R. Koch, M. Golling, and G. D. Rodosek, “Applying Case-Based Reasoning to Intrusion Detection,” 2014, poster presented at the 9th International Conference on Cyber Warfare and Security ICCWS-2014.

 

2013

R. Koch, M. Golling, and G. D. Rodosek, “Geolocation and Verification of IP-Addresses with Specific Focus on IPv6,” in 5th International Symposium on Cyberspace Safety and Security (CSS 2013). Springer, 2013.

G. D. Rodosek, R. Koch, M. Golling, and D. Kergl, “Seminar Cyber Defense FT2013,” Universität der Bundeswehr München, Tech. Rep. 2013-02, 2013.

R. Koch, M. Golling, and G. D. Rodosek, “An Architecture for Supervising COTS Products,” in First IEEE Conference on Communications and Network Security (IEEE CNS 2013), 2013.

R. Koch, M. Golling, and G. D. Rodosek, “Attracting Sophisticated Attacks to Secure Systems: A new Honeypot Architecture,” in First IEEE Conference on Communications and Network Security (IEEE CNS 2013), 2013.

R. Koch, M. Golling, and G. D. Rodosek, “Advanced Geolocation of IP Addresses,” in International Conference on Communication and Network Security (ICCNS), 2013.

R. Koch, M. Golling, and G. D. Rodosek, “Evaluation of State of the Art IDS Message Exchange Protocols,” in International Conference on Communication and Network Security (ICCNS), 2013.

R. Koch and M. Golling, “Architecture for Evaluating and Correlating NIDS in Real-World networks,” in Proceedings of the 5th International Conference on Cyber Conflict (CyCon). IEEE, 2013.

M. Golling, R. Koch, P. Hillmann, and G. D. Rodosek, “Ganzheitliche Architektur zur Entwicklung und Analyse sicherheitskritischer Systeme und Anwendungen,” in 6. DFN-Forum Kommunikationstechnologien, Beiträge der Fachtagung, ser. LNI, vol. 217, Gesellschaft für Informatik (GI). GI, 2013.

 

2012

Koch, R., Dreo, G., “The Role of COTS Products in High Security Systems,” 4th International Conference on Cyber Conflict (CyCon), IEEE, 2012.

Koch, R., Stelte, B., Golling, M., “Attack Trends in Present Computer Networks,” 4th International Conference on Cyber Conflict (CyCon), IEEE, 2012.

Koch, R., Dreo, G., “Fast Network-Based Brute-Force Detection,” Eighth Advanced International Conference on Telecommunications (AICT), 2012.

 

2011

Koch, R., “Systemarchitektur zur Ein- und Ausbruchserkennung in verschlüsselten Umgebungen”, Dissertation, Universität der Bundeswehr München, 2011.

Koch, R., “Start Catching Up: Towards Next-Generation Intrusion Detection, GOVCERT.NL Symposium 2011: Decade of Challenges, 2011.

Koch, R., Holzapfel, D., Dreo, G., “Data Control in Social Networks,” Proceedings of the 5th International Conference on Network and System Security (NSS), IEEE, 2011.

Koch, R., “Towards Next-Generation Intrusion Detection,” Proceedings of the 3rd International Conference on Cyber Conflict (ICCC), IEEE, 2011.

Stelte, B., Koch, R., “Bot-Netz ohne Fritz - Ein Frühwarn- und Abwehrsystem für ISPs basierend auf in DSL-Routern platzierten Sensoren,” Sicherheit in vernetzten Systemen, 18. DFN Workshop, 2011.

 

2010

Stelte, B., Koch, R., Ullmann, M., “Towards integrity measurement in virtualized environments - A hypervisor based sensory integrity measurement architecture (SIMA),” International Conference on Technologies for Homeland Security (HST), IEEE, 2010.

Koch, R., Dreo, G., “User Identification in Encrypted Network Communications,” International Conference on Network and Service Management (CNSM), IEEE, 2010.

Koch, R., Dreo, G., “Security System for Encrypted Environments (S2E2),” Proceedings of the 13th International Conference on Recent Advances in Intrusion Detection (RAID), Springer Verlag, 2010.

Kretzschmar, M., Stelte, B., Koch, R., “Cyber Defence in Future Communication Networks – A Multilayer Security Architecture,” Poster at 6th Security Research Conference (Future Security 2010), 2010.

Koch, R., Dreo, G., “ Command Evaluation in Encrypted Remote Sessions,” Proceedings of th e 4th International Conference on Network and System Security (NSS), IEEE, 2010.

Stelte, B., Koch, R., “Absicherung von Xen-basierten Virtualisierungen – Selbstschutz durch den Einsatz von Sensoragenten,” 17. DFN CERT Workshop Sicherheit in vernetzten Systemen, C. Paulsen (Ed.), 2010.

 

2009

Koch, R., “Changing Network Behavior,” Proceedings of the 3rd International Conference on Network and System Security (NSS), IEEE, 2009.

Koch, R., Dreo, G., “Fast Learning Neural Network Intrusion Detection System,” Proceedings of the 3rd International Conference on Autonomous Infrastructure, Management and Security: Scalability of Networks and Services, Springer-Verlag, 2009.

U. Helmbrecht, G. D. Rodosek, B. Stelte und R. Koch, “Sichere und integre IT-Systeme, Universität der Bundeswehr München, Tech. Rep. 2009-2, 2009.