GINO
Global INternet Observatory
| Scientists: | Dipl.-Ing. Univ. Quirin Scheitle, Oliver Gasser, M.Sc., Minoo Rouhi, M. Sc., Johannes Naab, M.Sc., Edwin Cordeiro, M.Sc., Dr. Heiko Niedermayer, Florian Wohlfart, M.Sc. |
| Since: | 01.11.2016 |
Motivation
Internet measurements have long been a research priority at our chair. These measurements help us better understand the Internet and its security.
GINO is a research group for exchanging ongoing research, concepts, and ideas in the Internet measurement domain. Researchers and students meet once every month to discuss current topics, advancements, tools, and best practices in measurements.
Internet-wide scans
We conduct various regular and ad-hoc Internet-wide scans for protocols such as HTTPS, DNS, and BACnet.
These are purely scientific and we never attempt to intrude into any system.
We follow best practices laid out by the scientific community such as by Dittrich et al. 1, and Partridge and Allman 2.
If you are affected by these, e.g., because of IDS alerts, please contact us and we will be happy to blacklist you immediately.
The involved machines are:
| Host | IPv6 address | IPv4 address |
|---|---|---|
| planetlabX.net.in.tum.de | 2001:4ca0:108:42::X | 138.246.253.X |
| dallas | 2600:3c00::f03c:91ff:fe3b:d2d | 45.33.5.55 |
| singapore | 2400:8901::f03c:91ff:fe3b:d08 | 139.162.29.117 |
For a brief time in February 2018, the rDNS pointer for planetlab19.net.in.tum.de. points to researchscan19.netintum.umbrellastudy.com.
IPv6 Hitlist
We provide a daily updated IPv6 hitlist which can be downloaded by interested researchers. Find more information on our dedicated IPv6 hitlist page.
Monthly GINO meeting
We meet every month for about one hour. The audience of the monthly meetings are:
- Interested researchers from the chair
- Interested researchers from other chairs
- Students currently doing a thesis or project in the area of Internet-wide measurements
- Students who are interested in doing a thesis in the Internet-measurement domain
Contact
If this sounds interesting to you, feel free to contact us:
References
Related publications
| 2018-11-01 | Oliver Gasser, Quirin Scheitle, Pawel Foremski, Qasim Lone, Maciej Korczynski, Stephen D. Strowes, Luuk Hendriks, Georg Carle, “Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists,” in Proceedings of the 2018 Internet Measurement Conference, New York, NY, USA, Nov. 2018. [Pdf] [Slides] [Homepage] [Rawdata] [Arxiv] [Blog] [DOI] [Bib] |
| 2018-11-01 | Quirin Scheitle, Oliver Gasser, Theodor Nolte, Johanna Amann, Lexi Brent, Georg Carle, Ralph Holz, Thomas C. Schmidt, Matthias Wählisch, “The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem,” in Internet Measurement Conference (2018), Boston, USA, Nov. 2018, pp. 343–349. [Rawdata] [Arxiv] [DOI] [Bib] |
| 2018-11-01 | Quirin Scheitle, Oliver Hohlfeld, Julien Gamba, Jonas Jelten, Torsten Zimmermann, Stephen D. Strowes, Narseo Vallina-Rodriguez, “A Long Way to the Top: Significance, Structure, and Stability of Internet Top Lists,” in Internet Measurement Conference (IMC’18), IMC’18 Community Contribution Award, Boston, USA, Nov. 2018, pp. 478–493. [Homepage] [Rawdata] [Arxiv] [DOI] [Bib] |
| 2018-10-01 | Paul Emmerich, Maximilian Pudelko, Quirin Scheitle, Georg Carle, “Efficient Dynamic Flow Tracking for Packet Analyzers,” in CloudNet, Tokyo, Japan, Oct. 2018. [Pdf] [Bib] |
| 2018-04-01 | Quirin Scheitle, Taejoong Chung, Jens Hiller, Oliver Gasser, Johannes Naab, Roland van Rijswijk-Deij, Oliver Hohlfeld, Ralph Holz, Dave Choffnes, Alan Mislove, Georg Carle, “A First Look at Certification Authority Authorization (CAA),” ACM SIGCOMM Computer Communications Review (CCR), Apr. 2018. [Url] [Pdf] [Preprint] [Homepage] [Rawdata] [Bib] |
| 2018-03-01 | Tobias Brunnwieser, Oliver Gasser, Sree Harsha Totakura, Georg Carle, “Live Detection and Analysis of HTTPS Interceptions,” in Passive and Active Measurement Conference (PAM), Poster, Berlin, Germany, Mar. 2018. [Pdf] [Bib] |
| 2018-03-01 | Oliver Gasser, Benjamin Hof, Max Helm, Maciej Korczynski, Ralph Holz, Georg Carle, “In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements,” in Proceedings of the Passive and Active Measurement Conference (PAM 2018), Best Paper Award, Berlin, Germany, Mar. 2018. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Blog] [Bib] |
| 2018-03-01 | Quirin Scheitle, Jonas Jelten, Oliver Hohlfeld, Luca Ciprian, Georg Carle, “Structure and Stability of Internet Top Lists,” in PAM’18 Poster, Berlin, Mar. 2018. [Arxiv] [Bib] |
| 2017-11-01 | Patricia Callejo, Connor Kelton, Narseo Vallina-Rodriguez, Rubén Cuevas, Oliver Gasser, Christian Kreibich, Florian Wohlfart, Ángel Cuevas, “Opportunities and Challenges of Ad-based Measurements from the Edge of the Network,” in Proc. of the 16th ACM Workshop on Hot Topics in Networks, Nov. 2017. [Pdf] [Bib] |
| 2017-11-01 | Johanna Amann*, Oliver Gasser*, Quirin Scheitle*, Lexi Brent, Georg Carle, Ralph Holz, “Mission Accomplished? HTTPS Security after DigiNotar,” in Proceedings of the Internet Measurement Conference (IMC 2017), IMC’17 Community Contribution Award, IRTF Applied Networking Research Prize (ANRP) 2018, London, UK, Nov. 2017. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Bib] |
| 2017-10-01 | Oliver Gasser, Quirin Scheitle, Benedikt Rudolph, Carl Denis, Nadja Schricker, Georg Carle, “The Amplification Threat Posed by Publicly Reachable BACnet Devices,” Journal of Cyber Security and Mobility, Oct. 2017. [Url] [Pdf] [Bib] |
| 2017-08-01 | Quirin Scheitle, Matthias Wählisch, Oliver Gasser, Thomas C. Schmidt, Georg Carle, “Towards an Ecosystem for Reproducible Research in Computer Networking,” in ACM SIGCOMM Reproducibility Workshop, Los Angeles, USA, Aug. 2017. [Pdf] [Slides] [Bib] |
| 2017-06-01 | Matthias Wachs, Quirin Scheitle, Georg Carle, “Push Away Your Privacy: Precise User Tracking Based on TLS Client Certificate Authentication,” in Network Traffic Measurement and Analysis Conference (TMA), Best Paper Award TMA’17, IEEE ComSoc ITC Best Paper Award 2017, Jun. 2017. [Pdf] [Slides] [Recording] [Bib] |
| 2017-06-01 | Quirin Scheitle, Oliver Gasser, Patrick Sattler, Georg Carle, “HLOC: Hints-Based Geolocation Leveraging Multiple Measurement Frameworks,” in Network Traffic Measurement and Analysis Conference (TMA), Best Dataset Award, Dublin, Ireland, Jun. 2017. [Pdf] [Slides] [Rawdata] [Arxiv] [Bib] |
| 2017-06-01 | Quirin Scheitle, Oliver Gasser, Minoo Rouhi, Georg Carle, “Large-Scale Classification of IPv6-IPv4 Siblings with Variable Clock Skew,” in Network Traffic Measurement and Analysis Conference (TMA), Jun. 2017. [Pdf] [Slides] [Rawdata] [Recording] [Arxiv] [Bib] |
| 2017-05-01 | Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Security Implications of Publicly Reachable Building Automation Systems,” in Proc. 2nd Int. Workshop on Traffic Measurements for Cybersecurity, San Jose, CA, USA, May 2017. [Pdf] [Bib] |
| 2017-02-01 | Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Öffentlich erreichbare Gebäudeautomatisierung: Amplification-Anfälligkeit von BACnet und Deployment-Analyse im Internet und DFN,” in 24. DFN-Konferenz Sicherheit in vernetzten Systemen, Hamburg, Germany, Feb. 2017. [Pdf] [Bib] |
| 2016-04-01 | Oliver Gasser, Quirin Scheitle, Sebastian Gebhard, Georg Carle, “Scanning the IPv6 Internet: Towards a Comprehensive Hitlist,” in Proc. 8th Int. Workshop on Traffic Monitoring and Analysis, Louvain-la-Neuve, Belgium, Apr. 2016. [Url] [Pdf] [Slides] [Bib] |
| 2016-03-01 | Quirin Scheitle, Matthias Wachs, Johannes Zirngibl, Georg Carle, “Analyzing Locality of Mobile Messaging Traffic using the MATAdOR Framework,” in Passive and Active Measurements Conference (PAM) 2016 , Heraklion, Greece, Mar. 2016, pp. 190–202. [Pdf] [Preprint] [Slides] [Homepage] [Rawdata] [DOI] [Bib] |
Finished student theses
| Author | Title | Type | Advisors | Year | Links |
| Johannes Schleger | Detection and Characterization of TLS Interception in Access Networks | MA | Jonas Jelten, Florian Wohlfart, Quirin Scheitle | 2018 | |
| Glenn Skjong | Internet Toplists: Creating an Alternative Internet Top List Service | MA | Quirin Scheitle, Jonas Jelten | 2018 | |
| Ralf Baun | Performance and Security Analysis of Alternative DNS Transports | BA | Quirin Scheitle, Johannes Naab | 2018 |
|
| Felix Beil | Long Term Analysis of HTTP Strict Transport Security | BA | Quirin Scheitle, Oliver Gasser | 2018 | |
| Jan-Philipp Lauinger | Evaluating Client Discrimination in Anonymization Networks Using Active Network Scans | Forschungspraxis | Oliver Gasser, Sree Harsha Totakura | 2017 |
|
| Florens Werner | Finding Active IPv6 Addresses | BA | Quirin Scheitle, Oliver Gasser, Johannes Naab | 2017 |
|
| Alexander Schulz | Identification of IPv6-IPv4 Sibling Pairs from Passive Observations | BA | Quirin Scheitle, Oliver Gasser, Minoo Rouhi | 2017 |
|
| Thomas Bachmaier | Scanning for TCP SYN Proxy Implementations | BA | Dominik Scholz, Paul Emmerich, Quirin Scheitle, Minoo Rouhi | 2017 |
|
| Tobias Brunnwieser | A Framework for Detection and Analysis of HTTPS Interception | MA | Oliver Gasser, Sree Harsha Totakura, Florian Wohlfart | 2017 | |
| Max Helm | Traceable Measurement Result Publication in Append-only Ledgers | MA | Oliver Gasser, Benjamin Hof, Quirin Scheitle | 2017 |
|
| Emanuel Vintila | Continuous Development of Open Source C++ Flow Toolkit | HiWi | Oliver Gasser, Johannes Naab | 2017 |
|
| Samy el Deib | Detecting IPv6-IPv4 Sibling Pairs Based on few Data Points | BA | Quirin Scheitle, Oliver Gasser, Minoo Rouhi | 2017 |
|
| Hendrik Eichner | Revisiting SSH Security in the Internet | BA | Oliver Gasser, Minoo Rouhi | 2017 |
|
| Markus Sosnowski | Internet-Wide Assessment of TCP Options | BA | Quirin Scheitle, Oliver Gasser, Minoo Rouhi, Paul Emmerich, Dominik Scholz | 2017 |
|
| Max Helm | Evaluating TLS Certificate Transparency Logs using Active Scans | IDP | Oliver Gasser, Benjamin Hof | 2017 |
|
| Maximilian Pudelko | Payload Extraction for Flows with Anomalous TTL Behaviour | IDP | Quirin Scheitle, Paul Emmerich | 2017 |
|
| Pirmin Blanz | IPv6 TLS Security Scanning | MA | Oliver Gasser, Quirin Scheitle | 2016 | |
| Michael Köpferl | Evaluation of amplification attacks in large-scale networks to improve detection performance | IDP | Oliver Gasser, Stefan Metzger | 2016 | |
| Frank Schmidt | Large Scale DNS Scanner in Go | MA | Johannes Naab, Oliver Gasser | 2016 | |
| Patrick Sattler | Parsing geographical locations from DNS names | GR | Quirin Scheitle, Oliver Gasser | 2016 | |
| Sven Hertle | Analysis of cellular ISP networks | MA | Florian Wohlfart | 2016 |
|
| Jonas Heintzenberg | Browser-based Internet connection testing | BA | Florian Wohlfart, Oliver Gasser | 2016 |
|
| Johannes Fischer | Browser-based Internet connection testing | MA | Florian Wohlfart, Oliver Gasser | 2016 |
|
Open and running student theses
| Author | Title | Type | Advisors | Year | Links |
| Hamza Zafar | Amplification Attack Detection using Active Measurements | MA | Simon Bauer, Oliver Gasser, Stefan Metzger | 2018 |
|
| Fabian Raab | Influence of BGP Community Attributes on Routing and Internet Traffic | IDP | Oliver Gasser, Quirin Scheitle, Christoph Dietzel | 2017 |
|