Research Seminar on 17.04.2024 16:00
Room 03.07.023

Tracking the Lifetime of Domains

Intermediate talk for Master's Thesis
Christian Benedikt Dietze (Zirngibl, Sattler)

Evaluation of AS Relationships based on Different Datasets and Approaches

Final talk for Bachelor's Thesis
Benedict Schaschko (Zirngibl, Sattler)

Thesis announcement
(Reserved) Design and Implementation of a Practical Lab Assignment for IoT and Smart Home

Contact: Christoph Schwarzenberg, Stefan Lachnit, Marcel Kempf, Christian Lübben

Type:
  • Bachelor's Thesis

01.03.2024
Passive and Active Measurement Conference (PAM)

QUIC Hunter: Finding QUIC Deployments and Identifying Server Libraries Across the Internet

Authors: Johannes Zirngibl, Florian Gebauer, Patrick Sattler, Markus Sosnowski, Georg Carle

01.03.2024
3rd International Workshop on Negative Results in Pervasive Computing (PerFail 2024)

Context Matters: Lessons Learned from Emulated and Simulated TSN Environments

Authors: Filip Rezabek*, Marcin Bosk*, Leander Seidlitz, Jörg Ott, Georg Carle

01.02.2024

EFACTLS: Effective Active TLS Fingerprinting for Large-scale Server Deployment Characterization

Active measurements allow the collection of server characteristics on a large scale that can aid in discovering hidden relations and commonalities among server deployments. Finding these relations opens up new possibilities for clustering and classifying server deployments; for example, identifying a previously unknown cybercriminal infrastructure can be valuable cyber-threat intelligence. In this work, we propose a methodology based on active measurements to acquire Transport Layer Security (TLS) metadata from servers and leverage it for fingerprinting. Our fingerprints capture characteristic behavior of the TLS stack, primarily influenced by the server’s implementation, configuration, and hardware support. Using an empirical optimization strategy that maximizes information gained from every handshake to minimize measurement costs, we generated 10 general-purpose Client Hellos. They served as scanning probes to create an extensive database of TLS configurations to classify servers. We propose the Shannon Entropy to measure collected information and compare different approaches. This study fingerprinted 8 million servers from the Tranco top list and two Command and Control (C2) blocklists over 60 weeks with weekly snapshots. The resulting data formed the foundation for two long-term case studies: classification of Content Delivery Network and C2 servers. Moreover, the detection was fine-grained enough to detect C2 server families. The proposed methodology demonstrated a precision of 99% and enabled a stable identification of new servers over time. This study shows how active measurements can provide valuable security-relevant insights and improve our understanding of the Internet.

Authors: Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Georg Carle, Claas Grohnfeldt, Michele Russo, Daniele Sgandurra

01.01.2024
2024 19th Wireless On-Demand Network Systems and Services Conference (WONS)

The pos Experiment Controller: Reproducible & Portable Network Experiments

Authors: Henning Stubbe, Sebastian Gallenmüller, Georg Carle

01.01.2024

Playing the MEV Game on a First-Come-First-Served Blockchain

Authors: Burak Öz, Jonas Gebele, Parshant Singh, Filip Rezabek, Florian Matthes

01.12.2023
Proceedings of the 2nd on Graph Neural Networking Workshop 2023

Predicting Latency Quantiles using Network Calculus-assisted GNNs

Authors: Max Helm, Georg Carle

01.12.2023

Packed to the Brim: Investigating the Impact of Highly Responsive Prefixes on Internet-wide Measurement Campaigns

Authors: Patrick Sattler, Johannes Zirngibl, Mattijs Jonker, Oliver Gasser, Georg Carle, Ralph Holz

01.12.2023
Proc. International Conference on emerging Networking EXperiments and Technologies (CoNEXT)

The Performance of Post-Quantum TLS 1.3

Quantum Computers (QCs) differ radically from traditional computers and can efficiently solve mathematical problems fundamental to our current cryptographic algorithms. Although existing QCs need to accommodate more qubits to break cryptographic algorithms, the concern of "Store-Now-Decrypt-Later" (i.e., adversaries store encrypted data today and decrypt them once powerful QCs become available) highlights the necessity to adopt quantum-safe approaches as soon as possible. In this work, we investigate the performance impact of Post-Quantum Cryptography (PQC) on TLS 1.3. Different signature algorithms and key agreements (as proposed by the National Institute of Standards and Technology (NIST)) are examined through black- and white-box measurements to get precise handshake latencies and computational costs per participating library. We emulated loss, bandwidth, and delay to analyze constrained environments. Our results reveal that HQC and Kyber are on par with our current state-of-the-art, while Dilithium and Falcon are even faster. We observed no performance drawback from using hybrid algorithms; moreover, on higher NIST security levels, PQC outperformed any algorithm in use today. Hence, we conclude that post-quantum TLS is suitable for adoption in today’s systems.

Authors: Markus Sosnowski, Florian Wiedner, Eric Hauser, Lion Steger, Dimitrios Schoinianakis, Sebastian Gallenmüller, Georg Carle

01.11.2023
2023 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

Control Groups Added Latency in NFVs: An Update Needed?

Authors: Florian Wiedner, Alexander Daichendt, Jonas Andre, Georg Carle

01.11.2023

Multilayer Environment and Toolchain for Holistic NetwOrk Design and Analysis

Authors: Filip Rezabek, Kilian Glas, Richard Von Seck, Achraf Aroua, Tizian Leonhardt, Georg Carle

30.01.2024
NetSec Guest Lecture: Cyber Security Assessments in Practice

Abstract

At universities, cyber security is often viewed solely from the perspective of the attackers and defenders. In their guest lecture "Cyber Security Assessments in Practice", Nico Fechtner and Merten Nagel from usd AG shed light on a new perspective: They outline how compliance with legal and regulatory requirements ...

30.06.2023
WueWoWas'23: Best Workshop Contribution Award

Best Contribution Award at WueWoWas 2023

Our publication "Never Miss Twice - Add-On-Miss Table Updates in Software Data Planes" has been selected as the sole Best Workshop Contribution at the KuVS Fachgespräch - Würzburg Workshop on Modeling, Analysis and Simulation of Next-Generation Communication Networks 2023 (WueWoWas’23).

...

29.06.2023
TMA'23: Best Paper Award

Best Paper Award at TMA 2023

Our publication "Target Acquired? Evaluating Target Generation Algorithms for IPv6" has received the Best Paper Award at the Network Traffic Measurement and Analysis Conference (TMA 2023).

The publication is a collaboration with Oliver Gasser from the Max ...

20.03.2023
PerFail'23: Best Paper Award

Best Paper Award at PerFail 2023

Our publication "TSN Experiments Using COTS Hardware and Open-Source Solutions: Lessons Learned" has received the Best Paper Award at the Second International Workshop on Negative Results in Pervasive Computing (PerFail 2023), co-located with IEEE Pervasive Computing (PerCom) 2023, ...

04.08.2022
TUM ACE SUPPRA Project

TUM Research Groups Selected as Global Winners for Blockchain and Education Program offered by Algorand Foundation

The Algorand protocol [1] is a carbon-zero Layer 1 Blockchain technology, founded by the Turing Award winner and MIT professor Silvio Micali. Based on pure Proof-of-Stake (POS) consensus, Algorand currently supports 1000 ...