How can you recognise a cyber-attack? Which vulnerabilities are targeted in particular? How can devices and systems be better protected?
The Hacking Lab project provides a safe, controlled and real-time environment in which to simulate, monitor and evaluate real cyber attacks. Together with two of his students, inIT professor Henning Trsek is collaborating closely with the project's partner company, rt-solutions GmbH. The cyber security consulting firm is providing the project with premises, as well as the necessary technical and infrastructural equipment.
One of the project's goals is to provide students with an in-depth understanding of current threat scenarios and prepare them for the specific challenges of cyber security by giving them practical experience in attack detection, IT forensics, and system monitoring. The data collected comes from targeted, staged attacks on devices and systems, some of which are real and provided by regional companies, which makes this project particularly exciting. According to Prof. Dr. Henning Trsek, this provides a real-world connection that links theory and reality: ‘Through active involvement in the development process of the hacking lab, students not only link theory and practice, but also develop proven knowledge about the real challenges of cyber security – from attack detection to the implementation of tailored protective measures.’
This, in turn, directly benefits the project partner, RT-Solutions GmbH: the security insights gained in the hacking lab feed directly into the security specialist's range of services and consulting offerings, helping to continuously improve the security maturity levels of its customers' systems. Contact with tomorrow's specialists is also a great benefit for the company: 'The direct exchange with students is particularly valuable for us,' says Dr Daniel Mahrenholz. ‘It allows us to get to know talented individuals at an early stage and select the best candidates.’
The project focuses on two central subtasks:
Open honeypot – welcome attacks!
In a controlled system, targeted attacks from outside are provoked and documented on the honeypot. A honeypot is a deliberately vulnerable system or software environment designed to attract cyber-attackers. Students can then investigate how attacks proceed, which vulnerabilities are exploited, and what traces are left behind, all without causing any real damage. They collect data and observations that can be analysed and evaluated in detail. For example, it has recently been observed that attackers are increasingly attempting to attack industrial control systems in order to prepare sabotage operations.
Cyberattack stress test: monitoring infrastructure for manufacturer devices
Additionally, the project participants are setting up a comprehensive monitoring infrastructure to test attack hardware and software components provided by customers of rt-solutions.de. Controlled hacking reveals real attack paths, pinpoints vulnerabilities, and informs the development of concrete protective measures – all without damaging the devices, software, or productive environments.
This project forms part of a series of practical events offered by the Department of Electrical Engineering and Computer Science, each of which is carried out with different partners from the Centrum Industrial IT in Lemgo. These projects take place in the fourth semester and are aimed at computer engineering and data science students. In the hacking lab, Malte Jochim and Lasse Meckelburg work in the ‘forensic department’, analysing attacks, documenting results, and contributing to the further development of the monitoring infrastructure. Malte Jochim reports: “In the Hacking Lab, we can directly apply what we learn in our studies. We work on real security issues, which gives us a realistic idea of what to expect later in our careers.”
The result is a transfer project with a dual purpose: it strengthens cyber security in the region and qualifies young talent for a growing professional field of increasing social and economic relevance.