Publications
- Landauer M., Skopik F., Frank M., Hotwagner W., Wurzenberger M., Rauber A. (2022): Maintainable Log Datasets for Evaluation of Intrusion Detection Systems. IEEE Transactions on Dependable and Secure Computing, forthcoming, IEEE.
- Skopik F., Wurzenberger M., Hoeld G., Landauer M., Kuhn W. (2022): Behavior-Based Anomaly Detection in Log Data of Physical Access Control Systems. IEEE Transactions on Dependable and Secure Computing, forthcoming, IEEE.
- Landauer M., Skopik F., Wurzenberger M., Rauber A. (2022): Dealing with Security Alert Flooding: Using Machine Learning for Domain-independent Alert Aggregation. [pdf] ACM Transactions on Privacy and Security, Volume 25, Issue 3. August 2022, pp. 1-36, ACM.
- Skopik F., Landauer M., Wurzenberger M. (2022): Blind spots of security monitoring in enterprise infrastructures: A survey. [pdf] IEEE Security & Privacy, Vol.20, Issue 6, pp. 18-26. IEEE.
- Skopik F., Landauer M., Wurzenberger M. (2022): Online Log Data Analysis With Efficient Machine Learning: A Review. [pdf] IEEE Security & Privacy, Vol.20, Issue 3, pp. 80-90. IEEE.
- Landauer M., Skopik F., Hoeld G., Wurzenberger M. (2022): A User and Entity Behavior Analytics Log Data Set for Anomaly Detection in Cloud Computing. 2022 IEEE International Conference on Big Data – 6th International Workshop on Big Data Analytics for Cyber Intelligence and Defense (BDA4CID 2022), December 17-20, 2022, Osaka, Japan. IEEE.
- Landauer M., Frank M., Skopik F., Hotwagner W., Wurzenberger M., Rauber A. (2022): A Framework for Automatic Labeling of Log Datasets from Model-driven Testbeds for HIDS Evaluation. ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (ACM SaT-CPS 2022), April 27, 2022, Baltimore, MD, USA. ACM.
- Kern M., Skopik F., Landauer M., Weippl E. (2022): Strategic selection of data sources for cyber attack detection in enterprise networks: A survey and approach. The 37th ACM/SIGAPP Symposium On Applied Computing (ACM SAC 2022), April 25-29, 2022, Virtual Conference. ACM.
- Skopik F., Wurzenberger M., Landauer M. (2021): The Seven Golden Principles of Effective Anomaly-Based Intrusion Detection. [pdf] IEEE Security & Privacy, Vol.19, Sept./Oct. 2021, pp. 36-45. IEEE.
- Landauer M., Höld G., Wurzenberger M., Skopik F., Rauber A. (2021): Iterative Selection of Categorical Variables for Log Data Anomaly Detection. The 26th European Symposium on Research in Computer Security (ESORICS 2021), October 04-08, 2021, virtual. Springer.
- Landauer M., Skopik F., Wurzenberger M., Hotwagner W., Rauber A. (2021): Have It Your Way: Generating Customized Log Data Sets with a Model-driven Simulation Testbed. IEEE Transactions on Reliability, Vol.70, Issue 1, pp. 402-415. IEEE.
- Landauer M., Skopik F., Wurzenberger M., Rauber A. (2020): System Log Clustering Approaches for Cyber Security Applications: A Survey. [pdf] Elsevier Computers & Security Journal, Volume 92. May 2020, pp. 1-17. Elsevier.
- Wurzenberger M., Höld G., Landauer M., Skopik F., Kastner W. (2020): Creating Character-based Templates for Log Data to Enable Security Event Classification. 15th ACM ASIA Conference on Computer and Communications Security (ACM Asia CCS), October 05-09, 2020, Taipei, Taiwan. ACM.
- Wurzenberger M., Landauer M., Skopik F., Kastner W. (2019): AECID-PG: A Tree-Based Log Parser Generator To Enable Log Analysis. 4th IEEE/IFIP International Workshop on Analytics for Network and Service Management (AnNet 2019) in conjunction with the IFIP/IEEE International Symposium on Integrated Network Management (IM), April 8, 2019, Washington D.C., USA. IEEE.
- Landauer M., Wurzenberger M., Skopik F., Settanni G., Filzmoser P. (2018): Time Series Analysis: Unsupervised Anomaly Detection Beyond Outlier Detection. 14th International Conference on Information Security Practice and Experience (ISPEC), September 25-27, 2018, Tokyo, Japan. Springer LNCS.
- Wurzenberger M., Skopik F., Settanni G., Fiedler R. (2018): AECID: A Self-learning Anomaly Detection Approach Based on Light-weight Log Parser Models. 4th International Conference on Information Systems Security and Privacy (ICISSP 2018), January 22-24, 2018, Funchal, Madeira, Portugal. INSTICC.
- Landauer M., Wurzenberger M., Skopik F., Settanni G., Filzmoser P. (2018): Dynamic Log File Analysis: An Unsupervised Cluster Evolution Approach for Anomaly Detection. [pdf] Elsevier Computers & Security Journal, Volume 79. November 2018, pp. 94-116. Elsevier.
- Wurzenberger M., Skopik F., Landauer M., Greitbauer P., Fiedler R., Kastner W. (2017): Incremental Clustering for Semi-Supervised Anomaly Detection applied on Log Data. 12th International Conference on Availability, Reliability and Security (ARES), August 29 – September 01, 2017, Reggio Calabria, Italy. ACM.
- Wurzenberger M., Skopik F., Fiedler R., Kastner W. (2017): Applying High-Performance Bioinformatics Tools for Outlier Detection in Log Data. 3rd IEEE International Conference on Cybernetics (CYBCONF), June 21-23, 2017, Exeter, UK. IEEE.
- Wurzenberger M., Skopik F., Fiedler R., Kastner W. (2016): Discovering Insider Threats from Log Data with High-Performance Bioinformatics Tools. 8th ACM CCS International Workshop on Managing Insider Security Threats (MIST 2016) colocated with the 23rd ACM Conference on Computer and Communications Security (CCS), October 24-28, 2016, Vienna, Austria. ACM.
- Wurzenberger M., Skopik F., Settanni G., Scherrer W. (2016): Complex Log File Synthesis for Rapid Sandbox-Benchmarking of Security- and Computer Network Analysis Tools. [pdf] Elsevier Information Systems (IS), Volume 60, Aug./Sept. 2016, pp. 13-33. Elsevier.
- Friedberg I., Skopik F., Settanni G., Fiedler R. (2015): Combating Advanced Persistent Threats: From Network Event Correlation to Incident Detection [pdf]. Elsevier Computers & Security Journal, Volume 48, pp. 35-57. Elsevier.
- Skopik F., Friedberg I., Fiedler R. (2014): Dealing with Advanced Persistent Threats in Smart Grid ICT Networks. 5th IEEE Innovative Smart Grid Technologies Conference, February 19-22, 2014, Washington DC, USA.
- Skopik F., Fiedler R. (2013): Intrusion Detection in Distributed Systems using Fingerprinting and Massive Event Correlation. Jahrestagung der Gesellschaft für Informatik e.V. (GI) (INFORMATIK 2013), September 16-20, 2013, Koblenz, Germany. GI.
Patents
- Landauer M., Skopik F., Wurzenberger M. (2019): EP19153037.7 – Method for detecting abnormal operating states (“Time Series Analysis EP”), European Patent pending, January 2019.
- Wurzenberger M., Landauer M., Skopik F., Fiedler R. (2018): A50461/2018 – Verfahren zur Charakterisierung des Zustands eines Computersystems (engl.: Method for characterizing the state of a computer system) (“Grammatikerkennung AT”), Austrian Patent pending, June 2018.
- Wurzenberger M., Skopik F. (2018): EP18160444.8 – Method for detecting normal operating states in a working process (“Maschinendatensaetze EP”), European Patent pending, March 2018.
- Landauer M., Skopik F., Wurzenberger M. (2018): A50156/2018 – Verfahren zur Erkennung von anormalen Betriebszuständen (engl.: Method for detecting abnormal operating states) (“Time Series Analysis AT”), Austrian Patent pending, February 2018.
- Fiedler R., Skopik F., Wurzenberger M. (2017): EP3267625 – Method for detecting anomalous states in a computer network (“Bioclustering EP”), European Patent granted, September 2018.
- Wurzenberger M., Skopik F. (2017): A50233/2017 – Verfahren zur Erkennung des normalen Betriebszustands eines Arbeitsprozesses (engl.: Method for detecting normal operating states in a working process) (“Maschinendatensaetze AT”), Austrian Patent pending, March 2017.
- Fiedler R., Skopik F., Wurzenberger M. (2016): A50601/2016 (AT 518.805) – Verfahren zur Detektion von anomalen Zuständen in einem Computernetzwerk (engl.: Method for detecting anomalous states in a computer network) (“Bioclustering AT”), Austrian Patent granted, May 2018.
- Skopik F., Fiedler R. (2016): EP 1416597.2-1853 – Method for detecting deviations from a given standard state, June 2016.
- Skopik F., Fiedler R. (2013): A50292/2013 (AT 514.215) – Verfahren zur Feststellung von Abweichungen von einem vorgegebenen Normalzustand (engl.: Method for detecting deviations from a given normal state), April 2013.
Datasets
- Landauer M., Skopik F., Hoeld G., Wurzenberger M. (2022): Cloud-based User Entity Behavior Analytics Log Data Set [Data set]. Zenodo, 2022. https://doi.org/10.5281/zenodo.7119952
- Soro F., Landauer M., Skopik F., Hotwagner W., Wurzenberger M. (2022): AIT Netflow Data Set [Data set]. Zenodo, 2022. https://doi.org/10.5281/zenodo.6610489
- Landauer M., Skopik F., Frank M., Hotwagner W., Wurzenberger M., Rauber A. (2022): AIT Log Data Set V2.0 (Version v2_0) [Data set]. Zenodo, 2022. https://doi.org/10.5281/zenodo.5789064
- Landauer M., Frank M., Skopik F., Hotwagner W., Wurzenberger M., Rauber A. (2021): Kyoushi Log Data Set [Data set]. Zenodo, 2021. https://doi.org/10.5281/zenodo.5779410
- Landauer M., Skopik F., Wurzenberger M., Hotwagner W., Rauber A. (2020): AIT Log Data Set V1.1 (Version v1_1) [Data set]. Zenodo, 2020. https://doi.org/10.5281/zenodo.4264796
- Landauer M., Skopik F., Wurzenberger M., Hotwagner W., Rauber A. (2020): AIT Log Data Set V1.0 (Version v1_0) [Data set]. Zenodo, 2020. https://doi.org/10.5281/zenodo.3723083
Downloads