HANNOVER MESSE 2020, 20 - 24 April
switch to:
Digital Ecosystems

DeepScan to detect manipulations in ERP software

Hardly any major company does not use enterprise resource planning (ERP) software — and yet the system is susceptible to fraud and manipulation. A new development from the University of Würzburg could provide the answer here.

25 Jan. 2019
DeepScan to detect manipulations in ERP software (picture: University of Würzburg (from left to right): Kevin Fuchs, Anna Fuchs, and Fabian Gwinner)

What is special about ERP software is that all a company’s processes are integrated in one single IT system, explain the scientists in Würzburg . They want to create an add-on toolbox: DeepScan , to promptly detect any attempted fraud and manipulations. As an example, they cite a repair department worker who flags a still-working product as ‘not repairable’ in the IT system, in order to sell it on for cash to line his own pocket. DeepScan leverages machine-learning to learn which processes are normal in a given company, and so to automatically report any abnormalities. Apart from attempts at manipulation, DeepScan’s security net also catches other abnormalities, including inadvertent errors. The researchers in Würzburg are still looking for industry partners to help further develop their toolbox. Interested parties can contact them here .

Back in 2015, German portal IT-Zoom warned of sabotage of ERP systems, describing such attacks as a “direct attack on a company’s expertise and the effectiveness of its processes”. While the focus then was on external attacks, the report also stated that a high level of complexity and lack of resources meant that many patches were not being installed in ERP systems, resulting in security vulnerabilities.