Researchers from H-BRS honored for their work on greater security on the Internet

"We are very pleased to receive this award and see it as a confirmation of our work," commented Professor Lo Iacono about receiving the Open Data Impact Award. "Stephan Wiefling was the first to develop and make openly available a comprehensive body of knowledge on this security technology. Scientifically verifiable new RBA solutions can now benefit the entire digital society; billions of people worldwide will be effectively protected from cyberattacks on their Internet accounts in the future."

Risk-based authentication is based on the principle that a website accepts username and password entries as long as the system does not detect any anomalies. Only when the login attempt is accompanied by unusual circumstances does the system ask for confirmation that the login is legitimate. The system might consider logging in from a previously unused device or from a previously unknown location as unusual. RBA technology is thus convenient for users in that they usually only have to enter their password once.

"With RBA, we can protect many users from cyberattacks without them noticing any difference in how they use it," Stephan Wiefling adds. "But for this to work effectively, development and research teams need real-world test data. Until now, however, this has only been possible for large Internet corporations like Google, Amazon and Meta, which have the necessary resources and - most importantly - data. Now, with our data set, the general public can explore RBA and make it better. And feedback so far also already shows that the data set is being gratefully received by the research and development community."

The data set, which the researchers at Bonn-Rhein-Sieg University of Applied Sciences have published on various platforms under a Creative Commons license, is the data from more than 33 million login attempts by more than three million users of the multinational telecommunications company Telenor. The data was collected over the course of a year and anonymized and synthesized for publication. Developers can use this data set to create more effective security solutions for digital accounts and test them under real conditions.
The Institute for Cyber Security & Privacy intends to use the prize money for the further development of RBA solutions. It will also help companies, organizations and government agencies implement RBA technology. The initial RBA data set will be continuously expanded in the process - especially to include data on attack attempts - in order to provide standardized test procedures for evaluating RBA implementations.

The Open Data Impact Award was presented for the third time by the Stifterverband in cooperation with DUZ 2022 magazine. It is endowed with a total funding amount of 30,000 euros, which was distributed among three projects. By awarding the prize, the association aims to promote the subsequent use of research data. The first prize went to the "Open Sense Map" project at the University of Münster, while the third prize was awarded to Dr. Sean Fobbe from the Ludwig Maximilian University of Munich.

The Stifterverband für die Deutsche Wissenschaft is a joint initiative of companies and foundations. Headquartered in Essen, the association provides funding in the fields of education, science and innovation. The patron of the Stifterverband has traditionally been the German President since 1949, currently Frank-Walter Steinmeier.