Modern networks keep growing in complexity and are rather dynamic by nature. On the other hand, due to legal requirements on information security, appropriate protective measures have to be identified, implemented, sustained, enforced and documented. To this end, network administrators are confronted with the effortful task of gaining an overview over their network, dividing the communicating devices into meaningful groups and tracking changes. Hitherto existing research approaches usually suffer from a lack of readily available and used domain knowledge, fail to obtain acceptance of the derived device classes from the users or require either active network scans or agents running on managed devices. In our approach, this classification shall be guided by the pre-specified technical and infrastructural aspects of a methodology for information security management systems, namely the modules of the German IT Basic Protection, and achieved by passive observation of the network traffic. This paves the way to a continuous control over the network.

Authors: Stephan Schwinger, Alexandra Meyer, Arnold Krille

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2023)

  • Date of Conference: 13-15 November 2023
  • DOI: 10.20533/ICITST.2023.0006
  • ISBN: 978-1-913572-63-1
  • Conference Location: St Anne’s College, Oxford University, UK