This file was created by the TYPO3 extension bib --- Timezone: CEST Creation date: 2024-04-23 Creation time: 14-54-04 --- Number of references 44

article 2023_pennekamp_purchase_inquiries Offering Two-Way Privacy for Evolved Purchase Inquiries ACM Transactions on Internet Technology 2023 11 17 23 4 Dynamic and flexible business relationships are expected to become more important in the future to accommodate specialized change requests or small-batch production. Today, buyers and sellers must disclose sensitive information on products upfront before the actual manufacturing. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness. Related work overlooks this issue so far: Existing approaches only protect the information of a single party only, hindering dynamic and on-demand business relationships. To account for the corresponding research gap of inadequately privacy-protected information and to deal with companies without an established trust relation, we pursue the direction of innovative privacy-preserving purchase inquiries that seamlessly integrate into today's established supplier management and procurement processes. Utilizing well-established building blocks from private computing, such as private set intersection and homomorphic encryption, we propose two designs with slightly different privacy and performance implications to securely realize purchase inquiries over the Internet. In particular, we allow buyers to consider more potential sellers without sharing sensitive information and relieve sellers of the burden of repeatedly preparing elaborate yet discarded offers. We demonstrate our approaches' scalability using two real-world use cases from the domain of production technology. Overall, we present deployable designs that offer two-way privacy for purchase inquiries and, in turn, fill a gap that currently hinders establishing dynamic and flexible business relationships.
In the future, we expect significantly increasing research activity in this overlooked area to address the needs of an evolving production landscape. bootstrapping procurement; secure industrial collaboration; private set intersection; homomorphic encryption; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-purchase-inquiries.pdf ACM 1533-5399 10.1145/3599968 1 Jan Pennekamp, Markus Dahlmanns, Frederik Fuhrmann, Timo Heutmann, Alexander Kreppein, Dennis Grunert, Christoph Lange, Robert H. Schmitt, Klaus Wehrle

inproceedings 2023_pennekamp_benchmarking_comparison Designing Secure and Privacy-Preserving Information Systems for Industry Benchmarking 2023 6 15 13901 489-505 Benchmarking is an essential tool for industrial organizations to identify potentials that allows them to improve their competitive position through operational and strategic means. However, the handling of sensitive information, in terms of (i) internal company data and (ii) the underlying algorithm to compute the benchmark, demands strict (technical) confidentiality guarantees—an aspect that existing approaches fail to address adequately. Still, advances in private computing provide us with building blocks to reliably secure even complex computations and their inputs, as present in industry benchmarks. In this paper, we thus compare two promising and fundamentally different concepts (hardware- and software-based) to realize privacy-preserving benchmarks. Thereby, we provide detailed insights into the concept-specific benefits. Our evaluation of two real-world use cases from different industries underlines that realizing and deploying secure information systems for industry benchmarking is possible with today's building blocks from private computing.
Lecture Notes in Computer Science (LNCS), Volume 13901 real-world computing; trusted execution environments; homomorphic encryption; key performance indicators; benchmarking internet-of-production https://jpennekamp.de/wp-content/papercite-data/pdf/plv+23.pdf Springer Proceedings of the 35th International Conference on Advanced Information Systems Engineering (CAiSE '23), June 12-16, 2023, Zaragoza, Spain Zaragoza, Spain 35th International Conference on Advanced Information Systems Engineering (CAiSE '23) June 12-16, 2023 978-3-031-34559-3 0302-9743 10.1007/978-3-031-34560-9_29 1 Jan Pennekamp, Johannes Lohmöller, Eduard Vlad, Joscha Loos, Niklas Rodemann, Patrick Sapel, Ina Berenice Fink, Seth Schmitz, Christian Hopmann, Matthias Jarke, Günther Schuh, Klaus Wehrle, Martin Henze

inproceedings 2023-lorz-cired Interconnected grid protection systems - reference grid for testing an adaptive protection scheme 2023 3286-3290 ven2us 27th International Conference on Electricity Distribution (CIRED 2023), Rome, Italy, June 12-15, 2023 Rome, Italy International Conference & Exhibition on Electricity Distribution (CIRED) June 12-15, 2023 10.1049/icp.2023.0864 1 Tobias Lorz, Johann Jaeger, Antigona Selimaj, Immanuel Hacker, Andreas Ulbig, Jan-Peter Heckel, Christian Becker, Markus Dahlmanns, Ina Berenice Fink, Klaus Wehrle, Gerrit Erichsen, Michael Schindler, Rainer Luxenburger, Guosong Lin

proceedings 2022-wolsing-radarsec Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset 2022 9 rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-radar.pdf IEEE Edmonton, Canada 47th IEEE Conference on Local Computer Networks (LCN) September 26-29, 2022 10.1109/LCN53696.2022.9843801 1 Konrad Wolsing, Antoine Saillard, Jan Bauer, Eric Wagner, Christian van Sloun, Ina Berenice Fink, Mari Schmidt, Klaus Wehrle, Martin Henze

inproceedings 2022_kus_iids_generalizability A False Sense of Security?
Revisiting the State of Machine Learning-Based Industrial Intrusion Detection 2022 5 30 73-84 Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 %. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 % and 14.7 % for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks. 
anomaly detection; machine learning; industrial control system internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf ACM Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan 978-1-4503-9176-4/22/05 10.1145/3494107.3522773 1 Dominik Kus, Eric Wagner, Jan Pennekamp, Konrad Wolsing, Ina Berenice Fink, Markus Dahlmanns, Klaus Wehrle, Martin Henze

inproceedings lorenz-ven2us-2022 Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle 2022 Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development. In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.
ven2us Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal Porto CIRED workshop on E-mobility and power distribution systems 2022 June 2-3, 2022 10.1049/icp.2022.0768 1 Matthias Lorenz, Tobias Markus Pletzer, Malte Schuhmacher, Torsten Sowa, Michael Dahms, Simon Stock, Davood Babazadeh, Christian Becker, Johann Jaeger, Tobias Lorz, Markus Dahlmanns, Ina Berenice Fink, Klaus Wehrle, Andreas Ulbig, Philipp Linnartz, Antigona Selimaj, Thomas Offergeld

inproceedings 2021-krude-nfp-pred Determination of Throughput Guarantees for Processor-based SmartNICs 2021 12 7 maki https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-krude-nfp-pred.pdf ACM The 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT '21) 978-1-4503-9098-9/21/12 10.1145/3485983.3494842 1 Johannes Krude, Jan Rüth, Daniel Schemmel, Felix Rath, Iohannes-Heorh Folbort, Klaus Wehrle

inproceedings 2021_pennekamp_bootstrapping Confidential Computing-Induced Privacy Benefits for the Bootstrapping of New Business Relationships 2021 11 15 RWTH-2021-09499 In addition to quality improvements and cost reductions, dynamic and flexible business relationships are expected to become more important in the future to account for specific customer change requests or small-batch production. Today, despite reservation, sensitive information must be shared upfront between buyers and sellers. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness following information leaks or breaches of their privacy. To address this issue, the concepts of confidential computing and cloud computing come to mind as they promise to offer scalable approaches that preserve the privacy of participating companies. In particular, designs building on confidential computing can help to technically enforce privacy.
Moreover, cloud computing constitutes an elegant design choice to scale these novel protocols to industry needs while limiting the setup and management overhead for practitioners. Thus, novel approaches in this area can advance the status quo of bootstrapping new relationships as they provide privacy-preserving alternatives that are suitable for immediate deployment. bootstrapping procurement; business relationships; secure industrial collaboration; privacy; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-bootstrapping.pdf RWTH Aachen University Blitz Talk at the 2021 Cloud Computing Security Workshop (CCSW '21), co-located with the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea RWTH Aachen University Seoul, Korea November 14, 2021 10.18154/RWTH-2021-09499 Jan Pennekamp, Frederik Fuhrmann, Markus Dahlmanns, Timo Heutmann, Alexander Kreppein, Dennis Grunert, Christoph Lange, Robert H. Schmitt, Klaus Wehrle

proceedings fink-lcn-demons-2021 DEMONS: Extended Manufacturer Usage Description to Restrain Malicious Smartphone Apps 2021 10 4 nerd-nrw https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-fink-lcn-demons.pdf IEEE online Edmonton, Canada 46th IEEE Conference on Local Computer Networks (LCN) October 4-7, 2021 10.1109/LCN52139.2021.9524879 1 Ina Berenice Fink, Martin Serror, Klaus Wehrle

inproceedings 2021_dahlmanns_entrust Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems 2021 4 28 78–87 The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data.
However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems. cyber-physical system security; publish-subscribe security; end-to-end security internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-dahlmanns-entrust.pdf ACM Proceedings of the 1st ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SaT-CPS '21), co-located with the 11th ACM Conference on Data and Application Security and Privacy (CODASPY '21), April 26-28, 2021, Virtual Event, USA Virtual Event, USA ACM Workshop on Secure and Trustworthy Cyber-Physical Systems April 28, 2021 978-1-4503-8319-6/21/04 10.1145/3445969.3450423 1 Markus Dahlmanns, Jan Pennekamp, Ina Berenice Fink, Bernd Schoolmann, Klaus Wehrle, Martin Henze

article 2021-jakobs-engineering Standards Development for Smart Systems—A Potential Way Forward IEEE Transactions on Engineering Management 2021 2 1 68 1 75-86 1558-0040 10.1109/TEM.2020.2976640 1 Erwin Folmer, Kai Jakobs

inproceedings 2020_pennekamp_benchmarking Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking 2020 12 15 31-44 Benchmarking the performance of companies is essential to identify improvement potentials in
various industries. Due to a competitive environment, this process imposes strong privacy needs, as leaked business secrets can have devastating effects on participating companies. Consequently, related work proposes to protect sensitive input data of companies using secure multi-party computation or homomorphic encryption. However, related work so far does not consider that also the benchmarking algorithm, used in today's applied real-world scenarios to compute all relevant statistics, itself contains significant intellectual property, and thus needs to be protected. Addressing this issue, we present PCB — a practical design for Privacy-preserving Company Benchmarking that utilizes homomorphic encryption and a privacy proxy — which is specifically tailored for realistic real-world applications in which we protect companies' sensitive input data and the valuable algorithms used to compute underlying key performance indicators. We evaluate PCB's performance using synthetic measurements and showcase its applicability alongside an actual company benchmarking performed in the domain of injection molding, covering 48 distinct key performance indicators calculated out of hundreds of different input values. By protecting the privacy of all participants, we enable them to fully profit from the benefits of company benchmarking. 
practical encrypted computing; homomorphic encryption; algorithm confidentiality; benchmarking; key performance indicators; industrial application; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-company-benchmarking.pdf https://eprint.iacr.org/2020/1512 HomomorphicEncryption.org Proceedings of the 8th Workshop on Encrypted Computing & Applied Homomorphic Cryptography (WAHC '20), December 15, 2020, Virtual Event Virtual Event December 15, 2020 978-3-00-067798-4 10.25835/0072999 1 Jan Pennekamp, Patrick Sapel, Ina Berenice Fink, Simon Wagner, Sebastian Reuter, Christian Hopmann, Klaus Wehrle, Martin Henze

inproceedings 2020_pennekamp_parameter_exchange Privacy-Preserving Production Process Parameter Exchange 2020 12 10 510-525 Nowadays, collaborations between industrial companies always go hand in hand with trust issues, i.e., exchanging valuable production data entails the risk of improper use of potentially sensitive information. Therefore, companies hesitate to offer their production data, e.g., process parameters that would allow other companies to establish new production lines faster, against a quid pro quo. Nevertheless, the expected benefits of industrial collaboration, data exchanges, and the utilization of external knowledge are significant. In this paper, we introduce our Bloom filter-based Parameter Exchange (BPE), which enables companies to exchange process parameters privacy-preservingly. We demonstrate the applicability of our platform based on two distinct real-world use cases: injection molding and machine tools. We show that BPE is both scalable and deployable for different needs to foster industrial collaborations. Thereby, we reward data-providing companies with payments while preserving their valuable data and reducing the risks of data leakage.
secure industrial collaboration; Bloom filter; oblivious transfer; Internet of Production internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-parameter-exchange.pdf ACM Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA Austin, TX, USA December 7-11, 2020 978-1-4503-8858-0/20/12 10.1145/3427228.3427248 1 Jan Pennekamp, Erik Buchholz, Yannik Lockner, Markus Dahlmanns, Tiandong Xi, Marcel Fey, Christian Brecher, Christian Hopmann, Klaus Wehrle

proceedings fink-lcn-demons-2020 Extending MUD to Smartphones 2020 11 15 nerd-nrw https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-fink-lcn-mud-smartphone.pdf IEEE online Sydney, Australia 45th IEEE Conference on Local Computer Networks (LCN) November 16-19, 2020 10.1109/LCN48667.2020.9314782 1 Ina Berenice Fink, Martin Serror, Klaus Wehrle

inproceedings 2020_delacadena_trafficsliver TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting 2020 11 12 1971-1985 Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only. To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor.
Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98% to less than 16% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network. 
Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf https://github.com/TrafficSliver ACM Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA Virtual Event, USA November 9-13, 2020 978-1-4503-7089-9/20/11 10.1145/3372297.3423351 1 Wladimir De la Cadena, Asya Mitseva, Jens Hiller, Jan Pennekamp, Sebastian Reuter, Julian Filter, Klaus Wehrle, Thomas Engel, Andriy Panchenko

inproceedings 2020-henze-ccs-cybersecurity Poster: Cybersecurity Research and Training for Power Distribution Grids -- A Blueprint 2020 11 9 Mitigating cybersecurity threats in power distribution grids requires a testbed for cybersecurity, e.g., to evaluate the (physical) impact of cyberattacks, generate datasets, test and validate security approaches, as well as train technical personnel. In this paper, we present a blueprint for such a testbed that relies on network emulation and power flow computation to couple real network applications with a simulated power grid. We discuss the benefits of our approach alongside preliminary results and various use cases for cybersecurity research and training for power distribution grids. https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-henze-ccs-cybersecurity.pdf ACM
New York, NY, USA
Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS ’20), November 9–13, 2020, Virtual Event, USA. Virtual Event, USA November 9-13, 2020 10.1145/3372297.3420016 1 Martin Henze, Lennart Bader, Julian Filter, Olav Lamberts, Simon Ofner, Dennis van der Velde
inproceedings 2020-dahlmanns-imc-opcua Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments 2020 10 27 101-110 Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24% of hosts), disabled security functionality (24%), or use of deprecated cryptographic primitives (25%) on in total 92% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols. 
industrial communication; network security; security configuration internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf ACM Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA Pittsburgh, PA, USA ACM Internet Measurement Conference 2020 October 27-29, 2020 978-1-4503-8138-3/20/10 10.1145/3419394.3423666 1 Markus Dahlmanns, Johannes Lohmöller, Ina Berenice Fink, Jan Pennekamp, Klaus Wehrle, Martin Henze

inproceedings 2020_roepert_opcua Assessing the Security of OPC UA Deployments 2020 4 2 To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.
internet-of-production, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf en University of Tübingen Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, Tübingen, Germany Tübingen, Germany April 2-3, 2020 10.15496/publikation-41813 1 Linus Roepert, Markus Dahlmanns, Ina Berenice Fink, Jan Pennekamp, Martin Henze

article 2020_mann_welding_layers Connected, digitalized welding production — Secure, ubiquitous utilization of data across process layers Advanced Structured Materials 2020 4 1 125 101-118 A connected, digitalized welding production unlocks vast and dynamic potentials: from improving state of the art welding to new business models in production. For this reason, offering frameworks, which are capable of addressing multiple layers of applications on the one hand and providing means of data security and privacy for ubiquitous dataflows on the other hand, is an important step to enable the envisioned advances. In this context, welding production has been introduced from the perspective of interlaced process layers connecting information sources across various entities. Each layer has its own distinct challenges from both a process view and a data perspective. Besides, investigating each layer promises to reveal insight into (currently unknown) process interconnections. This approach has been substantiated by methods for data security and privacy to draw a line between secure handling of data and the need of trustworthy dealing with sensitive data among different parties and therefore partners. In conclusion, the welding production has to develop itself from an accumulation of local and isolated data sources towards a secure industrial collaboration in an Internet of Production.
Proceedings of the 1st International Conference on Advanced Joining Processes (AJP '19) Welding Production; Industrie 4.0; Internet of Production; Data Security; Data Privacy Internet-of-Production https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-welding-layers.pdf Springer Ponta Delgada, Azores, Portugal October 24-25, 2019 978-981-15-2956-6 1869-8433 10.1007/978-981-15-2957-3_8 1 Samuel Mann, Jan Pennekamp, Tobias Brockhoff, Anahita Farhang, Mahsa Pourbafrani, Lukas Oster, Merih Seran Uysal, Rahul Sharma, Uwe Reisgen, Klaus Wehrle, Wil van der Aalst

inproceedings 2019_pennekamp_dataflows Dataflow Challenges in an Internet of Production: A Security & Privacy Perspective 2019 11 11 27-38 The Internet of Production (IoP) envisions the interconnection of previously isolated CPS in the area of manufacturing across institutional boundaries to realize benefits such as increased profit margins and product quality as well as reduced product development costs and time to market. This interconnection of CPS will lead to a plethora of new dataflows, especially between (partially) distrusting entities. In this paper, we identify and illustrate these envisioned inter-organizational dataflows and the participating entities alongside two real-world use cases from the production domain: a fine blanking line and a connected job shop. Our analysis allows us to identify distinct security and privacy demands and challenges for these new dataflows. As a foundation to address the resulting requirements, we provide a survey of promising technical building blocks to secure inter-organizational dataflows in an IoP and propose next steps for future research. Consequently, we move an important step forward to overcome security and privacy concerns as an obstacle for realizing the promised potentials in an Internet of Production.
Internet of Production; dataflows; Information Security internet-of-production https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-dataflows.pdf ACM Proceedings of the 5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC '19), co-located with the 26th ACM SIGSAC Conference on Computer and Communications Security (CCS '19), November 11-15, 2019, London, United Kingdom London, United Kingdom November 11-15, 2019 978-1-4503-6831-5/19/11 10.1145/3338499.3357357 1 Jan Pennekamp, Martin Henze, Simo Schmidt, Philipp Niemietz, Marcel Fey, Daniel Trauth, Thomas Bergs, Christian Brecher, Klaus Wehrle

inproceedings 2019_wagner_dispute_resolution Dispute Resolution for Smart Contract-based Two Party Protocols 2019 5 Blockchain systems promise to mediate interactions of mutually distrusting parties without a trusted third party. However, protocols with full smart contract-based security are either limited in functionality or complex, with high costs for secured interactions. This observation leads to the development of protocol-specific schemes to avoid costly dispute resolution in case all participants remain honest. In this paper, we introduce SmartJudge, an extensible generalization of this trend for smart contract-based two-party protocols. SmartJudge relies on a protocol-independent mediator smart contract that moderates two-party interactions and only consults protocol-specific verifier smart contracts in case of a dispute. This way, SmartJudge avoids verification costs in absence of disputes and sustains interaction confidentiality among honest parties. We implement verifier smart contracts for cross-blockchain trades and exchanging digital goods and show that SmartJudge can reduce costs by 46-50% and 22% over current state of the art, respectively.
Ethereum, Bitcoin, smart contracts, two-party protocols, dispute resolution, cross-blockchain trades mynedata, impact-digital, rfc https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-wagner-dispute.pdf IEEE IEEE International Conference on Blockchain and Cryptocurrency 2019 (ICBC 2019) Seoul, South Korea IEEE International Conference on Blockchain and Cryptocurrency 2019 English 10.1109/BLOC.2019.8751312 1 Eric Wagner, Achim Völker, Frederik Fuhrmann, Roman Matzutt, Klaus Wehrle

article 2019_wehrle_dagstuhl_beginners The Dagstuhl Beginners Guide to Reproducibility for Experimental Networking Research ACM SIGCOMM Computer Communication Review 2019 1 49 1 24-30 Reproducibility is one of the key characteristics of good science, but hard to achieve for experimental disciplines like Internet measurements and networked systems. This guide provides advice to researchers, particularly those new to the field, on designing experiments so that their work is more likely to be reproducible and to serve as a foundation for follow-on work by others.
0146-4833 10.1145/3314212.3314217 Vaibhav Bajpai, Anna Brunstrom, Anja Feldmann, Wolfgang Kellerer, Aiko Pras, Henning Schulzrinne, Georgios Smaragdakis, Matthias Wählisch, Klaus Wehrle

inproceedings 2017-henze-mobiquitous-comparison Privacy-preserving Comparison of Cloud Exposure Induced by Mobile Apps 2017 11 7 543-544 trinics https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-comparison.pdf Online ACM Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous) - Poster Session, Melbourne, VIC, Australia en 978-1-4503-5368-7 10.1145/3144457.3144511 1 Martin Henze, Ritsuma Inaba, Ina Berenice Fink, Jan Henrik Ziegeldorf

conference 2017-fink-brainlab-gmds BrainLab - Ein Framework für mobile neurologische Untersuchungen 2017 8 29 Best Abstract Award https://www.egms.de/static/en/meetings/gmds2017/17gmds137.shtml 06.09.19 German Medical Science GMS Publishing House (2017) 62. Jahrestagung der Deutschen Gesellschaft für Medizinische Informatik, Biometrie und Epidemiologie e.V. (GMDS). Oldenburg GMDS 2017 17-21 September 2017 10.3205/17gmds137 1 Ina Berenice Fink, Bernd Hankammer, Thomas Stopinski, Yannic Titgemeyer, Roann Ramos, Ekaterina Kutafina, Jó Agila Bitsch, Stephan Michael Jonas

inproceedings 2017-maurer-trustcom-coinjoin Anonymous CoinJoin Transactions with Arbitrary Values 2017 8 1 522-529 https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-maurer-trustcom-coinjoin.pdf Online IEEE 2017 IEEE Trustcom/BigDataSE/ICESS Sydney, NSW, Australia 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom) 1. - 4.
August 2017 978-1-5090-4906-6 2324-9013 10.1109/Trustcom/BigDataSE/ICESS.2017.280 1 Felix KonstantinMaurer TillNeudecker MartinFlorian conference 2017-fink-brainlab BrainLab – towards mobile brain research 2017 4 24 2 /fileadmin/papers/2017/2017-fink-brainlab.pdf http://informaticsforhealth.org/wp-content/uploads/2017/04/IFH2017-Digital-Programme.pdf 2017-05-09 Online Informatics for Health 2017, Manchester UK Manchester, UK Informatics for Health 2017, Manchester UK 24-26 April 2017 en 1 Ina BereniceFink BerndHankammer ThomasStopinsky RoannRamos EkaterinaKutafina Jó AgilaBitsch Link StephanJonas conference 2016-hohlfeld-qcman Insensitivity to Network Delay: Minecraft Gaming Experience of Casual Gamers 2016 9 Assessing the impact of network delay on perceived quality of gaming has been subject to many studies involving different genres ranging from fast-paced first-person shooters to strategy games. This paper assesses the impact of network latency on the Quality of Experience (QoE) of casual gamers playing Minecraft. It is based on a user study involving 12 casual gamers with no prior experience with Minecraft. QoE is assessed using the Game Experience Questionnaire (GEQ) and dedicated questions for the overall perceived quality and experienced gameplay interruptions. The main finding is that casual Minecraft players are rather insensitive to network delay of up to 1 sec. 
https://i-teletraffic.org/_Resources/Persistent/bc99ba4324ebc7cf1369f09a6caa334c0203943f/Hohlfeld2016.pdf http://ieeexplore.ieee.org/abstract/document/7810715/?reload=true IEEE QCMan IEEE QCMan 10.1109/ITC-28.2016.313 OliverHohlfeld HannesFiedler EnricPujol DennisGuse inproceedings 2016-zimmermann-remp ReMP TCP: Low Latency Multipath TCP 2016 5 IEEE Proceedings of the IEEE International Conference on Communications (ICC 2016), Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia ICC 2016 23.-27.5.2016 978-1-4799-6664-6 1938-1883 10.1109/ICC.2016.7510787 1 AlexanderFrömmgen TobiasErbshäuser TorstenZimmermann KlausWehrle AlejandroBuchmann conference 2016-erwin ERWIN - Enabling the Reproducible Investigation of Waiting Times for Arbitrary Workflows 2016 http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7498938&tag=1 IEEE QoMEX IEEE QoMEX 10.1109/QoMEX.2016.7498938 ThomasZinner MatthiasHirth ValentinFischer OliverHohlfeld inproceedings 2015-zimmermann-remp Remp TCP: Low latency Multipath TCP 2015 12 1 ACM Proceedings of the 2015 CoNEXT on Student Workshop, CoNEXT Student Workshop, Heidelberg, Germany Heidelberg, Germany CoNEXT 2015 1.-4.12.2015 1 AlexanderFrömmgen TobiasErbshäuser TorstenZimmermann KlausWehrle AlejandroBuchmann inproceedings 2015-bitsch-phealth-piap Psychologist in a Pocket: Towards Depression Screening on Mobile Phones 2015 6 2 211 153 --159 Depression is the most prevalent clinical disorder and one of the main causes of disability. This makes early detection of depressive symptoms critical in its prevention and management. This paper presents and discusses the development of Psychologist in a Pocket (PiaP), a mental mHealth application for Android which screens and monitors for these symptoms, and–given the explicit permission of the user–alerts a trusted contact such as the mental health professional or a close friend, if it detects symptoms. 
All text inputted electronically–such as short message services, emails, social network posts–is analyzed based on keywords related to depression based on DSM-5 and ICD criteria as well as Beck's Cognitive Theory of Depression and the Self-Focus Model. Data evaluation and collection happen in the background, on-device, without requiring any user involvement. Currently, the application is in an early prototype phase entering initial clinical validation. fileadmin/papers/2015/2015-bitsch-phealth-piap.pdf Print Blobel, Bernd and Lindén, Maria and Ahmed, Mobyen Uddin IOS Press
Amsterdam
Studies in Health Technology and Informatics Proceedings of the 12th International Conference on Wearable Micro and Nano Technologies for Personalized Health Västerås, Sweden 12th International Conference on Wearable Micro and Nano Technologies for Personalized Health June 2-4, 2015 en 978-1-61499-515-9 0926-9630 10.3233/978-1-61499-516-6-153 1 Jó AgilaBitsch Link RoannRamos TimIx Paula GlendaFerrer Cheng KlausWehrle
conference HohlfeldIMC A QoE Perspective on Sizing Network Buffers 2014 11 ACM Internet Measurement Conference accepted OliverHohlfeld EnricPujol FlorinCiucu AnjaFeldmann PaulBarford article 2014-cheng-acta-geodyn-geomater Use of MEMS accelerometers/inclinometers as a geotechnical monitoring method for ground subsidence Acta Geodynamica et Geomaterialia 2014 10 8 11 4 1--12 Accelerometer and inclinometer are inertial sensors capable of measuring corresponding magnitude of Earth gravitational field along the direction of each axis. By means of rotation matrices related to inertial navigation methods, the output values of a three-dimensional accelerometer or a two-dimensional inclinometer can be transformed and processed into the azimuth and dip angle of the monitored target. With the rapid growth in development and cost reduction of Micro Electro Mechanical Systems (MEMS) and Wireless Sensor Network (WSN) in recent years, the engineers are able to carry out real-time wireless geotechnical monitoring during construction. In this paper, we set up a one-day measurement implemented by a self-developed wireless MEMS monitoring system on the surface in the construction site of South Hongmei Road super high way tunnel in Shanghai, by making use of rotation matrices in specific ways, the raw data are processed to expressions of three-dimensional normal vectors that represent the change of the ground. After unifying the vectors in the same coordinate system, we conduct a brief ground settlement analysis by means of an evaluation of the dip angles in the cross section and the azimuths of the sensor nodes. http://www.irsm.cas.cz/index_en.php?page=acta_detail_doi&id=96 Online Institute of Rock Structure and Mechanics of the ASCR, v.v.i.
Prague, Czech Republic
Online en 2336-4351 10.13168/AGG.2014.0015 1 ChengLi TomásFernández-Steeger Jó AgilaBitsch Link MatthiasMay RafigAzzam
article HohlfeldCCR14 An Internet census taken by an illegal botnet - A qualitative assessment of published measurements ACM SIGCOMM Computer Communication Review 2014 44 3 http://www.sigcomm.org/sites/default/files/ccr/papers/2014/July/0000000-0000013.pdf http://www.sigcomm.org/ccr/papers/2014/July ThomasKrenc OliverHohlfeld AnjaFeldmann article 2013-fernandez-ceriotti-bitsch-and-then-the-weekend-jsan “And Then, the Weekend Started”: Story of a WSN Deployment on a Construction Site Journal of Sensor and Actuator Networks 2013 3 11 2 1 156--171 Wireless Sensor Networks (WSNs) are versatile monitoring systems that can provide a large amount of real-time data in scenarios where wired infrastructures are inapplicable or expensive. This technology is expected to be handled by domain experts, who perceive a WSN as a (promised to be) easy to deploy black box. This work presents the deployment experience of a WSN, as conducted by domain experts, in a ground improvement area. Building upon off-the-shelf solutions, a fuel cell powered gateway and 21 sensor devices measuring acceleration, inclination, temperature and barometric pressure were installed to monitor ground subsidence. We report about how poor GSM service, malfunctioning hardware, unknown communication patterns and obscure proprietary software required in-field ad-hoc solutions. Through the lessons learned, we look forward to investigating how to make the deployment of these systems an easier task. 
sensor network deployment; experiences; in-field debugging http://www.mdpi.com/2224-2708/2/1/156 Online en 2224-2708 10.3390/jsan2010156 1 TomásFernández-Steeger MatteoCeriotti Jó AgilaBitsch Link MatthiasMay KlausHentschel KlausWehrle inproceedings 2012-IPIN-Peter-Versatile-Maps Versatile Geo-referenced Maps for Indoor Navigation of Pedestrians 2012 11 13 1--4 fileadmin/papers/2012/2012-bitsch-IPIN-vegemite.pdf http://www.surveying.unsw.edu.au/ipin2012/proceedings/session.php?code=6C&name=SLAM Online Li, Binghao Li and Gallagher, Thomas School of Surveying and Geospatial Engineering, University of New South Wales, Sydney, Australia Proceedings of the 2012 International Conference on Indoor Positioning and Indoor Navigation (IPIN), Sydney, Australia Sydney, Australia 2012 International Conference on Indoor Positioning and Indoor Navigation November 13--15, 2012 en 978-0-646-57851-4 1 MichaelPeter DieterFritsch BernhardtSchäfer AlfredKleusberg Jó AgilaBitsch Link KlausWehrle inproceedings 2010-bitsch-link-iq2s-burrowview BurrowView - Seeing the world through the eyes of rats 2010 3 29 56 -- 61 For a long time, life sciences were restricted to look at animal habitats only post-factum. Pervasive computing puts us in the novel position to gain live views. In this paper we present BurrowView, an application that tracks the movement of rats in their natural habitat and reconstructs the underground tunnel system. To make reliable statements, special consideration has been taken with regard to the information quality. Our system is able to reconstruct paths up to a resolution of 20 cm, the length of a rat without its tail. RatPack fileadmin/papers/2010/2010-03-IQ2S-link-burrowview.pdf http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5470603 Online IEEE
New York City, NY, USA
Proceedings of the Second IEEE International Workshop on Information Quality and Quality of Service for Pervasive Computing (IQ2S 2010), Mannheim, Germany IEEE Mannheim, Germany Second IEEE International Workshop on Information Quality and Quality of Service for Pervasive Computing (IQ2S 2010) March 29 to April 2, 2010 en 978-1-4244-6605-4 10.1109/PERCOMW.2010.5470603 1 Jó AgilaBitsch Link GregorFabritius Muhammad HamadAlizai KlausWehrle
proceedings 2009-aktas-maple-ModeldrivenSupportforSourceCodeVariabilityinAutomotiveSoftwareEngineering-Workshop Model-driven Support for Source Code Variability in Automotive Software Engineering 2009 8 44-51 Variability on source code level in automotive software engineering is handled by C/C++ preprocessing directives. It provides fine-grained definition of variation points, but brings highly complex structures into the source code. The software gets more difficult to understand, to maintain and to integrate changes. Current approaches for modeling and managing variability on source code do not consider the specific requirements of the automotive domain. To close this gap, we propose a model-driven approach to support software engineers in handling source code variability and configuration of software variants. For this purpose, a variability model is developed that is linked with the source code. Using this approach, a software engineer can shift work steps to the variability model in order to model and manage variation points and implement their variants in the source code. automotive software engineering; programming; model-driven engineering; variability modeling; Online CEUR 1st International Workshop on Model-driven Approaches in Software Product Line Engineering (MAPLE), San Francisco, CA, USA 1613-0073 1 CemMengi ChristianFuß RubenZimmermann IsmetAktas inproceedings securityforpervasivemedicalsensornetworks Security for Pervasive Medical Sensor Networks 2009 7 13 1 http://www.comsys.rwth-aachen.de/fileadmin/papers/2009/2009-garcia-mobiq.pdf Print IEEE Press
Washington, DC, USA
6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009), Toronto ICST/IEEE Toronto, CAN 6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009) en 978-963-9799-59-2 10.4108/ICST.MOBIQUITOUS2009.6832 1 OscarGarcia-Morchon ThomasFalck TobiasHeer KlausWehrle
conference 200803riechemmvecluster Clustering Players for Load Balancing in Virtual Worlds 2008 3 18 9-13 Massively Multiplayer Online Games (MMOGs) have become increasingly popular in the last years. So far the distribution of load, caused by the players in these games, is not distributed dynamically. After the launch of a new game, the introduction of new content, during special ingame events, or also during normal operations, players tend to concentrate in certain regions of the game worlds and cause overload conditions. Therefore we propose the use of structured P2P technology for the server infrastructure of the MMOGs to improve the reliability and scalability. Previous work segmented the game work into rectangular areas; however this approach often split a group of players to different servers, causing additional overhead. This work presents a cluster-based Peer-to-Peer approach, which can be used for load balancing in MMOGs or in other virtual worlds. The system is able to dynamically adapt to the current state of the game and handle uneven distributions of the players in the game world. We show through simulation, also with traces from real online games, that the cluster-based approach performs better than the previous P2P-based systems, which split the world in rectangular areas. 
RWTH Aachen University - Distributed Systems Group http://www.pap.vs.uni-due.de/MMVE08/papers/proceedings.pdf http://www.pap.vs.uni-due.de/MMVE08/ Online Gregor Schiele, Daniel Weiskopf, Ben Leong, Shun-Yun Hu Proceedings of 1st International Workshop on Massively Multiuser Virtual Environments at IEEE Virtual Reality 2008 (MMVE 2008) Reno, Nevada, USA 1st International Workshop on Massively Multiuser Virtual Environments at IEEE Virtual Reality 2008 (MMVE 2008) March 8th, 2008 en 1 SimonRieche KlausWehrle MarcFouquet HeikoNiedermayer TimoTeifel GeorgCarle article 200812riecheIJAMCcluster Clustering Players for Load Balancing in Virtual Worlds International Journal of Advanced Media and Communication (IJAMC) 2008 2 4 351-363 In current Massively Multiplayer Online Games (MMOGs) the distribution of load is not distributed dynamically. But players tend to concentrate in certain regions of the game world and cause overload conditions. Therefore we propose the use of structured Peer-to-Peer technology for the server infrastructure of the MMOGs to improve the reliability and scalability. Previous work segmented the game work into rectangular areas but often split a group of players to different servers. This work presents a cluster-based P2P approach, which is able to dynamically adapt to the current state of the game and handle uneven distributions of players. We show through simulation, also with traces from real online games, that the cluster-based approach performs better than the previous P2P-based system. RWTH Aachen University - Distributed Systems Group http://www.inderscience.com/browse/index.php?journalID=67 print en 1462-4613 1 SimonRieche KlausWehrle MarcFouquet HeikoNiedermayer TimoTeifel GeorgCarle conference 200701riecheccncmmog Peer-to-Peer-based Infrastructure Support for Massively Multiplayer Online Games 2007 1 11 763-767 Online games are an interesting challenge and chance for the future development of the Peer-to-Peer paradigm. 
Massively multiplayer online games (MMOGs) are becoming increasingly popular today. However, even high-budget titles like World of Warcraft that have gone through extensive betatesting suffer from downtimes because of hard- and software problems. Our approach is to use structured P2P technology for the server infrastructure of MMOGs to improve their reliability and scalability. Such P2P networks are also able to adapt to the current state of the game and handle uneven distributions of the players in the game world. Another feature of our approach is being able to add supplementary servers at runtime. Our system allows using off-the-shelf PCs as infrastructure peers for participation in different game worlds as needed. Due to the nature of the Economy of Scale the same number of hosts will provide a better service than dedicated servers for each game world. RWTH Aachen University - Distributed Systems Group http://ieeexplore.ieee.org/xpls/abs_all.jsp?isnumber=4199088&arnumber=4199243&count=254&index=154 http://www.ieee-ccnc.org/2007/ Print IEEE Press Proceedings of 4th Annual IEEE Consumer Communications and Networking Conference (CCNC 2007) IEEE Las Vegas, Nevada, USA 4th Annual IEEE Consumer Communications and Networking Conference (CCNC 2007) 11-13 January 2007 en 1-4244-0667-6 10.1109/CCNC.2007.155 1 SimonRieche KlausWehrle MarcFouquet HeikoNiedermayer LeoPetrak GeorgCarle techreport 200608riechetrmmog Peer-to-Peer-based Infrastructure Support for Massively Multiplayer Online Games 2006 8 WSI-2006-04 Online games are an interesting challenge and chance for the future development of the Peer-to-Peer paradigm. Massively multiplayer online games (MMOGs) are becoming increasingly popular today. However, even high-budget titles like World of Warcraft that have gone through extensive beta-testing suffer from downtimes because of hard- and software problems. 
Our approach is to use structured P2P technology for the server infrastructure of MMOGs to improve their reliability and scalability. Such P2P networks are also able to adapt to the current state of the game and handle uneven distributions of the players in the game world. Another feature of our approach is being able to add supplementary servers at runtime. Our system allows using off-the-shelf PCs as infrastructure peers for participation in different game worlds as needed. Due to the nature of the Economy of Scale the same number of hosts will provide a better service than dedicated servers for each game world. RWTH Aachen University - Distributed Systems Group http://www.rieche.net/pdf/wsi-2006-04.pdf Online
Tübingen, Germany
Wilhelm-Schickard-Institute for Computer Science, University of Tübingen Technical Report en SimonRieche MarcFouquet HeikoNiedermayer LeoPetrak KlausWehrle GeorgCarle
inproceedings 200507riecheipgames On the Use of Structured Peer-to-Peer Systems for Online Gaming 2005 3 Massively multiplayer games are becoming increasingly popular today. However, even high-budget titles suffer from downtimes because of hard- and software problems. Our approach is to use structured Peer-to-Peer technology for the server infrastructure of massively multiplayer online games, which improves reliability and scalability of these applications. 5. Würzburger "Workshop IP Netzmanagement, IP Netzplanung und Optimierung" Würzburg, Germany 5. Würzburger "Workshop IP Netzmanagement, IP Netzplanung und Optimierung" March 2005 SimonRieche MarcFouquet HeikoNiedermayer KlausWehrle GeorgCarle