% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-04-25 % Creation time: 09-36-56 % --- Number of references % 104 % @Article { 2024_lohmoeller_sovereignty-survey, title = {The Unresolved Need for Dependable Guarantees on Security, Sovereignty, and Trust in Data Ecosystems}, journal = {Data \& Knowledge Engineering}, year = {2024}, month = {5}, day = {1}, volume = {151}, abstract = {Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning their reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts.}, keywords = {Data sharing; Confidentiality; Integrity protection; Data Markets; Distributed databases}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-data-sovereignty-survey.pdf}, publisher = {Elsevier}, ISSN = {0169-023X}, DOI = {10.1016/j.datak.2024.102301}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Pennekamp, Jan and Matzutt, Roman and Schneider, Carolin Victoria and Vlad, Eduard and Trautwein, Christian and Wehrle, Klaus} } @Incollection { 2024_pennekamp_blockchain-industry, title = {Blockchain Technology Accelerating Industry 4.0}, year = {2024}, month = {3}, day = {7}, volume = {105}, pages = {531-564}, abstract = {Competitive industrial environments impose significant requirements on data sharing as well as the accountability and verifiability of related processes. Here, blockchain technology emerges as a possible driver that satisfies demands even in settings with mutually distrustful stakeholders. We identify significant benefits achieved by blockchain technology for Industry 4.0 but also point out challenges and corresponding design options when applying blockchain technology in the industrial domain. Furthermore, we survey diverse industrial sectors to shed light on the current intersection between blockchain technology and industry, which provides the foundation for ongoing as well as upcoming research. As industrial blockchain applications are still in their infancy, we expect that new designs and concepts will develop gradually, creating both supporting tools and groundbreaking innovations.}, tags = {internet-of-production}, publisher = {Springer}, series = {Advances in Information Security}, chapter = {17}, booktitle = {Blockchains – A Handbook on Fundamentals, Platforms and Applications}, ISBN = {978-3-031-32145-0}, DOI = {10.1007/978-3-031-32146-7_17}, reviewed = {1}, author = {Pennekamp, Jan and Bader, Lennart and Wagner, Eric and Hiller, Jens and Matzutt, Roman and Wehrle, Klaus} } @Incollection { 2024_matzutt_blockchain-content, title = {Illicit Blockchain Content – Its Different Shapes, Consequences, and Remedies}, year = {2024}, month = {3}, day = {7}, volume = {105}, pages = {301-336}, abstract = {Augmenting public blockchains with arbitrary, nonfinancial content fuels novel applications that facilitate the interactions between mutually distrusting parties. However, new risks emerge at the same time when illegal content is added. This chapter thus provides a holistic overview of the risks of content insertion as well as proposed countermeasures. We first establish a simple framework for how content is added to the blockchain and subsequently distributed across the blockchain’s underlying peer-to-peer network. We then discuss technical as well as legal implications of this form of content distribution and give a systematic overview of basic methods and high-level services for inserting arbitrary blockchain content. Afterward, we assess to which extent these methods and services have been used in the past on the blockchains of Bitcoin Core, Bitcoin Cash, and Bitcoin SV, respectively. Based on this assessment of the current state of (unwanted) blockchain content, we discuss (a) countermeasures to mitigate its insertion, (b) how pruning blockchains relates to this issue, and (c) how strategically weakening the otherwise desired immutability of a blockchain allows for redacting objectionable content. We conclude this chapter by identifying future research directions in the domain of blockchain content insertion.}, keywords = {Blockchain content insertion; Illicit content; Pruning; Redaction}, publisher = {Springer}, series = {Advances in Information Security}, chapter = {10}, booktitle = {Blockchains – A Handbook on Fundamentals, Platforms and Applications}, ISBN = {978-3-031-32145-0}, DOI = {10.1007/978-3-031-32146-7_10}, reviewed = {1}, author = {Matzutt, Roman and Henze, Martin and M{\"u}llmann, Dirk and Wehrle, Klaus} } @Article { 2024_pennekamp_supply-chain-survey, title = {An Interdisciplinary Survey on Information Flows in Supply Chains}, journal = {ACM Computing Surveys}, year = {2024}, month = {2}, day = {1}, volume = {56}, number = {2}, abstract = {Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.}, keywords = {information flows; data communication; supply chain management; data security; data sharing; systematic literature review}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf}, publisher = {ACM}, ISSN = {0360-0300}, DOI = {10.1145/3606693}, reviewed = {1}, author = {Pennekamp, Jan and Matzutt, Roman and Klinkm{\"u}ller, Christopher and Bader, Lennart and Serror, Martin and Wagner, Eric and Malik, Sidra and Spi{\ss}, Maria and Rahn, Jessica and G{\"u}rpinar, Tan and Vlad, Eduard and Leemans, Sander J. J. and Kanhere, Salil S. and Stich, Volker and Wehrle, Klaus} } @Article { 2024_pennekamp_supply-chain-sensing, title = {Securing Sensing in Supply Chains: Opportunities, Building Blocks, and Designs}, journal = {IEEE Access}, year = {2024}, month = {1}, day = {8}, volume = {12}, pages = {9350-9368}, abstract = {Supply chains increasingly develop toward complex networks, both technically in terms of devices and connectivity, and also anthropogenic with a growing number of actors. The lack of mutual trust in such networks results in challenges that are exacerbated by stringent requirements for shipping conditions or quality, and where actors may attempt to reduce costs or cover up incidents. In this paper, we develop and comprehensively study four scenarios that eventually lead to end-to-end-secured sensing in complex IoT-based supply chains with many mutually distrusting actors, while highlighting relevant pitfalls and challenges—details that are still missing in related work. Our designs ensure that sensed data is securely transmitted and stored, and can be verified by all parties. To prove practical feasibility, we evaluate the most elaborate design with regard to performance, cost, deployment, and also trust implications on the basis of prevalent (mis)use cases. Our work enables a notion of secure end-to-end sensing with minimal trust across the system stack, even for complex and opaque supply chain networks.}, keywords = {blockchain technology; reliability; security; trust management; trusted computing; trusted execution environments}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-secure-sensing.pdf}, ISSN = {2169-3536}, DOI = {10.1109/ACCESS.2024.3350778}, reviewed = {1}, author = {Pennekamp, Jan and Alder, Fritz and Bader, Lennart and Scopelliti, Gianluca and Wehrle, Klaus and M{\"u}hlberg, Jan Tobias} } @Inproceedings { 2024-dahlmanns-fps, title = {Collectively Enhancing IoT Security: A Privacy-Aware Crowd-Sourcing Approach}, year = {2024}, volume = {14551}, abstract = {Security configurations remain challenging for trained administrators. Nowadays, due to the advent of the Internet of Things (IoT), untrained users operate numerous and heterogeneous Internet-facing services in manifold use case-specific scenarios. In this work, we close the growing gap between the complexity of IoT security configuration and the expertise of the affected users. To this end, we propose ColPSA, a platform for collective and privacy-aware security advice that allows users to optimize their configuration by exchanging information about what security can be realized given their IoT deployment and scenario.}, editor = {Mohamed Mosbah, Florence S{\`e}des, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro}, publisher = {Springer Cham}, series = {Lecture Notes in Computer Science}, booktitle = {Proceedings of the 16th International Symposium on Foundations and Practice of Security (FPS '23), December 11-13, 2023, Bordeaux, France}, event_place = {Bordeaux, France}, event_name = {International Symposium on Foundations and Practice of Security 2023 (FPS 23)}, event_date = {December 11-13, 2023}, state = {unpublished}, DOI = {10.1007/978-3-031-57540-2_2}, reviewed = {1}, author = {Dahlmanns, Markus and Matzutt, Roman and Dax, Chris and Wehrle, Klaus} } @Inproceedings { 2023_matzutt_street_problems, title = {Poster: Accountable Processing of Reported Street Problems}, year = {2023}, month = {11}, day = {27}, pages = {3591-3593}, abstract = {Municipalities increasingly depend on citizens to file digital reports about issues such as potholes or illegal trash dumps to improve their response time. However, the responsible authorities may be incentivized to ignore certain reports, e.g., when addressing them inflicts high costs. In this work, we explore the applicability of blockchain technology to hold authorities accountable regarding filed reports. Our initial assessment indicates that our approach can be extended to benefit citizens and authorities in the future.}, keywords = {street problems; accountability; consortium blockchain; privacy}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-matzutt-street-problems.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23), November 26-30, 2023, Copenhagen, Denmark}, event_place = {Copenhagen, Denmark}, event_date = {November 26-30, 2023}, ISBN = {979-8-4007-0050-7/23/11}, DOI = {10.1145/3576915.3624367}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Wehrle, Klaus} } @Inproceedings { 2023-redefine-mpc-cosimulation, title = {Delay-aware Model Predictive Control for Fast Frequency Control}, journal = {Proceedings of the 14th IEEE International Conference on Smart Grid Communications (SmartGridComm 2023)}, year = {2023}, month = {10}, tags = {redefine}, publisher = {IEEE}, booktitle = {Proceedings of the 14th IEEE International Conference on Smart Grid Communications (SmartGridComm 2023)}, state = {accepted}, reviewed = {1}, author = {Heins, Tobias and Glebke, Ren{\'e} and Stoffers, Mirko and Gurumurthy, Sriram and Heesemann, Jan and Josevski, Martina and Monti, Antonello and Wehrle, Klaus} } @Inproceedings { 2023_bodenbenner_fairsensor, title = {FAIR Sensor Ecosystem: Long-Term (Re-)Usability of FAIR Sensor Data through Contextualization}, year = {2023}, month = {7}, day = {20}, abstract = {The long-term utility and reusability of measurement data from production processes depend on the appropriate contextualization of the measured values. These requirements further mandate that modifications to the context need to be recorded. To be (re-)used at all, the data must be easily findable in the first place, which requires arbitrary filtering and searching routines. Following the FAIR guiding principles, fostering findable, accessible, interoperable and reusable (FAIR) data, in this paper, the FAIR Sensor Ecosystem is proposed, which provides a contextualization middleware based on a unified data metamodel. All information and relations which might change over time are versioned and associated with temporal validity intervals to enable full reconstruction of a system's state at any point in time. A technical validation demonstrates the correctness of the FAIR Sensor Ecosystem, including its contextualization model and filtering techniques. State-of-the-art FAIRness assessment frameworks rate the proposed FAIR Sensor Ecosystem with an average FAIRness of 71\%. The obtained rating can be considered remarkable, as deductions mainly result from the lack of fully appropriate FAIRness metrics and the absence of relevant community standards for the domain of the manufacturing industry.}, keywords = {FAIR Data; Cyber-Physical Systems; Data Management; Data Contextualization; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-bodenbenner-fair-ecosystem.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 21th IEEE International Conference on Industrial Informatics (INDIN '23), July 17-20, 2023, Lemgo, Germany}, event_place = {Lemgo, Germany}, event_date = {July 17-20, 2023}, ISBN = {978-1-6654-9313-0}, ISSN = {2378-363X}, DOI = {10.1109/INDIN51400.2023.10218149}, reviewed = {1}, author = {Bodenbenner, Matthias and Pennekamp, Jan and Montavon, Benjamin and Wehrle, Klaus and Schmitt, Robert H.} } @Article { Jakobs_2023_3, title = {Preserving the Royalty-Free Standards Ecosystem}, journal = {European Intellectual Property Review}, year = {2023}, month = {7}, volume = {45}, number = {7}, pages = {371-375}, abstract = {It has long been recognized in Europe and elsewhere that standards-development organizations (SDOs) may adopt policies that require their participants to license patents essential to the SDO’s standards (standards-essential patents or SEPs) to manufacturers of standardized products (“implementers”) on a royalty-free (RF) basis. This requirement contrasts with SDO policies that permit SEP holders to charge implementers monetary patent royalties, sometimes on terms that are specified as “fair, reasonable and nondiscriminatory” (FRAND). As demonstrated by two decades of intensive litigation around the world, FRAND royalties have given rise to intractable disputes regarding the manner in which such royalties should be calculated and adjudicated. In contrast, standards distributed on an RF basis are comparatively free from litigation and the attendant transaction costs. Accordingly, numerous SDOs around the world have adopted RF licensing policies and many widely adopted standards, including Bluetooth, USB, IPv6, HTTP, HTML and XML, are distributed on an RF basis. This note briefly discusses the commercial considerations surrounding RF standards, the relationship between RF standards and open source software (OSS) and the SDO policy mechanisms – including “universal reciprocity” -- that enable RF licensing to succeed in the marketplace.}, ISSN = {0142-0461}, DOI = {10.2139/ssrn.4235647}, reviewed = {1}, author = {Contreras, Jorge and Bekkers, Rudi and Biddle, Brad and Bonadio, Enrico and Carrier, Michael A. and Chao, Bernard and Duan, Charles and Gilbert, Richard and Henkel, Joachim and Hovenkamp, Erik and Husovec, Martin and Jakobs, Kai and Kim, Dong-hyu and Lemley, Mark A. and Love, Brian J. and McDonagh, Luke and Scott Morton, Fiona M. and Schultz, Jason and Simcoe, Timothy and Urban, Jennifer M. and Xiang, Joy Y} } @Incollection { 2023_rueppel_crd-b2.ii, title = {Model-Based Controlling Approaches for Manufacturing Processes}, year = {2023}, month = {2}, day = {8}, pages = {221-246}, abstract = {The main objectives in production technology are quality assurance, cost reduction, and guaranteed process safety and stability. Digital shadows enable a more comprehensive understanding and monitoring of processes on shop floor level. Thus, process information becomes available between decision levels, and the aforementioned criteria regarding quality, cost, or safety can be included in control decisions for production processes. The contextual data for digital shadows typically arises from heterogeneous sources. At shop floor level, the proximity to the process requires usage of available data as well as domain knowledge. Data sources need to be selected, synchronized, and processed. Especially high-frequency data requires algorithms for intelligent distribution and efficient filtering of the main information using real-time devices and in-network computing. Real-time data is enriched by simulations, metadata from product planning, and information across the whole process chain. Well-established analytical and empirical models serve as the base for new hybrid, gray box approaches. These models are then applied to optimize production process control by maximizing the productivity under given quality and safety constraints. To store and reuse the developed models, ontologies are developed and a data lake infrastructure is utilized and constantly enlarged laying the basis for a World Wide Lab (WWL). Finally, closing the control loop requires efficient quality assessment, immediately after the process and directly on the machine. This chapter addresses works in a connected job shop to acquire data, identify and optimize models, and automate systems and their deployment in the Internet of Production (IoP).}, keywords = {Process control; Model-based control; Data aggregation; Model identification; Model optimization}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-rueppel-iop-b2.i.pdf}, publisher = {Springer}, series = {Interdisciplinary Excellence Accelerator Series}, booktitle = {Internet of Production: Fundamentals, Applications and Proceedings}, ISBN = {978-3-031-44496-8}, DOI = {10.1007/978-3-031-44497-5_7}, reviewed = {1}, author = {R{\"u}ppel, Adrian Karl and Ay, Muzaffer and Biernat, Benedikt and Kunze, Ike and Landwehr, Markus and Mann, Samuel and Pennekamp, Jan and Rabe, Pascal and Sanders, Mark P. and Scheurenberg, Dominik and Schiller, Sven and Xi, Tiandong and Abel, Dirk and Bergs, Thomas and Brecher, Christian and Reisgen, Uwe and Schmitt, Robert H. and Wehrle, Klaus} } @Incollection { 2023_pennekamp_crd-a.i, title = {Evolving the Digital Industrial Infrastructure for Production: Steps Taken and the Road Ahead}, year = {2023}, month = {2}, day = {8}, pages = {35-60}, abstract = {The Internet of Production (IoP) leverages concepts such as digital shadows, data lakes, and a World Wide Lab (WWL) to advance today’s production. Consequently, it requires a technical infrastructure that can support the agile deployment of these concepts and corresponding high-level applications, which, e.g., demand the processing of massive data in motion and at rest. As such, key research aspects are the support for low-latency control loops, concepts on scalable data stream processing, deployable information security, and semantically rich and efficient long-term storage. In particular, such an infrastructure cannot continue to be limited to machines and sensors, but additionally needs to encompass networked environments: production cells, edge computing, and location-independent cloud infrastructures. Finally, in light of the envisioned WWL, i.e., the interconnection of production sites, the technical infrastructure must be advanced to support secure and privacy-preserving industrial collaboration. To evolve today’s production sites and lay the infrastructural foundation for the IoP, we identify five broad streams of research: (1) adapting data and stream processing to heterogeneous data from distributed sources, (2) ensuring data interoperability between systems and production sites, (3) exchanging and sharing data with different stakeholders, (4) network security approaches addressing the risks of increasing interconnectivity, and (5) security architectures to enable secure and privacy-preserving industrial collaboration. With our research, we evolve the underlying infrastructure from isolated, sparsely networked production sites toward an architecture that supports high-level applications and sophisticated digital shadows while facilitating the transition toward a WWL.}, keywords = {Cyber-physical production systems; Data streams; Industrial data processing; Industrial network security; Industrial data security; Secure industrial collaboration}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-iop-a.i.pdf}, publisher = {Springer}, series = {Interdisciplinary Excellence Accelerator Series}, booktitle = {Internet of Production: Fundamentals, Applications and Proceedings}, ISBN = {978-3-031-44496-8}, DOI = {10.1007/978-3-031-44497-5_2}, reviewed = {1}, author = {Pennekamp, Jan and Belova, Anastasiia and Bergs, Thomas and Bodenbenner, Matthias and B{\"u}hrig-Polaczek, Andreas and Dahlmanns, Markus and Kunze, Ike and Kr{\"o}ger, Moritz and Geisler, Sandra and Henze, Martin and L{\"u}tticke, Daniel and Montavon, Benjamin and Niemietz, Philipp and Ortjohann, Lucia and Rudack, Maximilian and Schmitt, Robert H. and Vroomen, Uwe and Wehrle, Klaus and Zeng, Michael} } @Incollection { 2023_klugewilkes_crd-b2.iv, title = {Modular Control and Services to Operate Line-less Mobile Assembly Systems}, year = {2023}, month = {2}, day = {8}, pages = {303-328}, abstract = {The increasing product variability and lack of skilled workers demand for autonomous, flexible production. Since assembly is considered a main cost driver and accounts for a major part of production time, research focuses on new technologies in assembly. The paradigm of Line-less Mobile Assembly Systems (LMAS) provides a solution for the future of assembly by mobilizing all resources. Thus, dynamic product routes through spatiotemporally configured assembly stations on a shop floor free of fixed obstacles are enabled. In this chapter, we present research focal points on different levels of LMAS, starting with the macroscopic level of formation planning, followed by the mesoscopic level of mobile robot control and multipurpose input devices and the microscopic level of services, such as interpreting autonomous decisions and in-network computing. We provide cross-level data and knowledge transfer through a novel ontology-based knowledge management. Overall, our work contributes to future safe and predictable human-robot collaboration in dynamic LMAS stations based on accurate online formation and motion planning of mobile robots, novel human-machine interfaces and networking technologies, as well as trustworthy AI-based decisions.}, keywords = {Lineless mobile assembly systems (LMAS); Formation planning; Online motion planning; In-network computing; Interpretable AI; Human-machine collaboration; Ontology-based knowledge management}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-klugewilkes-iop-b2.iv.pdf}, publisher = {Springer}, series = {Interdisciplinary Excellence Accelerator Series}, booktitle = {Internet of Production: Fundamentals, Applications and Proceedings}, ISBN = {978-3-031-44496-8}, DOI = {10.1007/978-3-031-44497-5_13}, reviewed = {1}, author = {Kluge-Wilkes, Aline and Baier, Ralph and Gossen, Daniel and Kunze, Ike and M{\"u}ller, Aleksandra and Shahidi, Amir and Wolfschl{\"a}ger, Dominik and Brecher, Christian and Corves, Burkhard and H{\"u}sing, Mathias and Nitsch, Verena and Schmitt, Robert H. and Wehrle, Klaus} } @Inproceedings { 2022-rechenberg-cim, title = {Guiding Ship Navigators through the Heavy Seas of Cyberattacks}, year = {2022}, month = {10}, keywords = {Maritime Cybersecurity, Intrusion Detection System, Integrated Bridge System, IEC 61162-450, NMEA 0183}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-rechenberg-guiding.pdf}, web_url = {https://zenodo.org/record/7148794}, publisher = {Zenodo}, booktitle = {European Workshop on Maritime Systems Resilience and Security (MARESEC 2022)}, event_place = {Bremerhaven, Germany}, DOI = {10.5281/zenodo.7148794}, reviewed = {1}, author = {von Rechenberg, Merlin and R{\"o}{\ss}ler, Nina and Schmidt, Mari and Wolsing, Konrad and Motz, Florian and Bergmann, Michael and Padilla, Elmar and Bauer, Jan} } @Inproceedings { 2022_lohmoeller_sovereignty, title = {On the Need for Strong Sovereignty in Data Ecosystems}, year = {2022}, month = {9}, day = {5}, volume = {3306}, pages = {51-63}, abstract = {Data ecosystems are the foundation of emerging data-driven business models as they (i) enable an automated exchange between their participants and (ii) provide them with access to huge and heterogeneous data sources. However, the corresponding benefits come with unforeseen risks as also sensitive information is potentially exposed. Consequently, data security is of utmost importance and, thus, a central requirement for the successful implementation of these ecosystems. Current initiatives, such as IDS and GAIA-X, hence foster sovereign participation via a federated infrastructure where participants retain local control. However, these designs place significant trust in remote infrastructure by mostly implementing organizational security measures such as certification processes prior to admission of a participant. At the same time, due to the sensitive nature of involved data, participants are incentivized to bypass security measures to maximize their own benefit: In practice, this issue significantly weakens sovereignty guarantees. In this paper, we hence claim that data ecosystems must be extended with technical means to reestablish such guarantees. To underpin our position, we analyze promising building blocks and identify three core research directions toward stronger data sovereignty, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. We conclude that these directions are critical to securely implement data ecosystems in data-sensitive contexts.}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-lohmoeller-deco.pdf}, publisher = {CEUR Workshop Proceedings}, booktitle = {Proceedings of the 1st International Workshop on Data Ecosystems (DEco '22), co-located with the 48th International Conference on Very Large Databases (VLDB '22), September 5-9, 2022, Sydney, Australia,}, event_place = {Sydney, Australia}, event_name = {International Workshop on Data Ecosystems (DEco '22)}, event_date = {September 5, 2022}, ISSN = {1613-0073}, reviewed = {1}, author = {Lohm{\"o}ller, Johannes and Pennekamp, Jan and Matzutt, Roman and Wehrle, Klaus} } @Article { 2022-henze-tii-prada, title = {Complying with Data Handling Requirements in Cloud Storage Systems}, journal = {IEEE Transactions on Cloud Computing}, year = {2022}, month = {9}, volume = {10}, number = {3}, pages = {1661-1674}, abstract = {In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today’s cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with data handling requirements becomes a crucial property for cloud storage systems. We present Prada , a practical approach to account for compliance with data handling requirements in key-value based cloud storage systems. To achieve this goal, Prada introduces a transparent data handling layer, which empowers clients to request specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement Prada on top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage systems is practical in real-world cloud deployments as used for microblogging, data sharing in the Internet of Things, and distributed email storage.}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-henze-tii-prada.pdf}, misc2 = {Online}, language = {en}, ISSN = {2168-7161}, DOI = {10.1109/TCC.2020.3000336}, reviewed = {1}, author = {Henze, Martin and Matzutt, Roman and Hiller, Jens and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and van der Giet, Johannes and Wehrle, Klaus} } @Inproceedings { 2022_wagner_ccchain, title = {Scalable and Privacy-Focused Company-Centric Supply Chain Management}, year = {2022}, month = {5}, day = {4}, abstract = {Blockchain technology promises to overcome trust and privacy concerns inherent to centralized information sharing. However, current decentralized supply chain management systems do either not meet privacy and scalability requirements or require a trustworthy consortium, which is challenging for increasingly dynamic supply chains with constantly changing participants. In this paper, we propose CCChain, a scalable and privacy-aware supply chain management system that stores all information locally to give companies complete sovereignty over who accesses their data. Still, tamper protection of all data through a permissionless blockchain enables on-demand tracking and tracing of products as well as reliable information sharing while affording the detection of data inconsistencies. Our evaluation confirms that CCChain offers superior scalability in comparison to alternatives while also enabling near real-time tracking and tracing for many, less complex products.}, keywords = {supply chain management; blockchain; permissionless; deployment; tracing and tracking; privacy}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wagner-ccchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805503}, reviewed = {1}, author = {Wagner, Eric and Matzutt, Roman and Pennekamp, Jan and Bader, Lennart and Bajelidze, Irakli and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_matzutt_redactchain, title = {A Moderation Framework for the Swift and Transparent Removal of Illicit Blockchain Content}, year = {2022}, month = {5}, day = {3}, abstract = {Blockchains gained tremendous attention for their capability to provide immutable and decentralized event ledgers that can facilitate interactions between mutually distrusting parties. However, precisely this immutability and the openness of permissionless blockchains raised concerns about the consequences of illicit content being irreversibly stored on them. Related work coined the notion of redactable blockchains, which allow for removing illicit content from their history without affecting the blockchain's integrity. While honest users can safely prune identified content, current approaches either create trust issues by empowering fixed third parties to rewrite history, cannot react quickly to reported content due to using lengthy public votings, or create large per-redaction overheads. In this paper, we instead propose to outsource redactions to small and periodically exchanged juries, whose members can only jointly redact transactions using chameleon hash functions and threshold cryptography. Multiple juries are active at the same time to swiftly redact reported content. They oversee their activities via a global redaction log, which provides transparency and allows for appealing and reversing a rogue jury's decisions. Hence, our approach establishes a framework for the swift and transparent moderation of blockchain content. Our evaluation shows that our moderation scheme can be realized with feasible per-block and per-redaction overheads, i.e., the redaction capabilities do not impede the blockchain's normal operation.}, keywords = {redactable blockchain; illicit content; chameleon hash functions; threshold cryptography}, tags = {mynedata; impact-digital; digital-campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-matzutt-redactchain.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC '22), May 2-5, 2022, Shanghai, China}, event_place = {Shanghai, China}, event_date = {May 2-5, 2022}, ISBN = {978-1-6654-9538-7/22}, DOI = {10.1109/ICBC54727.2022.9805508}, reviewed = {1}, author = {Matzutt, Roman and Ahlrichs, Vincent and Pennekamp, Jan and Karwacik, Roman and Wehrle, Klaus} } @Article { 2022_brauner_iop, title = {A Computer Science Perspective on Digital Transformation in Production}, journal = {ACM Transactions on Internet of Things}, year = {2022}, month = {5}, day = {1}, volume = {3}, number = {2}, abstract = {The Industrial Internet-of-Things (IIoT) promises significant improvements for the manufacturing industry by facilitating the integration of manufacturing systems by Digital Twins. However, ecological and economic demands also require a cross-domain linkage of multiple scientific perspectives from material sciences, engineering, operations, business, and ergonomics, as optimization opportunities can be derived from any of these perspectives. To extend the IIoT to a true Internet of Production, two concepts are required: first, a complex, interrelated network of Digital Shadows which combine domain-specific models with data-driven AI methods; and second, the integration of a large number of research labs, engineering, and production sites as a World Wide Lab which offers controlled exchange of selected, innovation-relevant data even across company boundaries. In this article, we define the underlying Computer Science challenges implied by these novel concepts in four layers: Smart human interfaces provide access to information that has been generated by model-integrated AI. Given the large variety of manufacturing data, new data modeling techniques should enable efficient management of Digital Shadows, which is supported by an interconnected infrastructure. Based on a detailed analysis of these challenges, we derive a systematized research roadmap to make the vision of the Internet of Production a reality.}, keywords = {Internet of Production; World Wide Lab; Digital Shadows; Industrial Internet of Things}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-brauner-digital-transformation.pdf}, publisher = {ACM}, ISSN = {2691-1914}, DOI = {10.1145/3502265}, reviewed = {1}, author = {Brauner, Philipp and Dalibor, Manuela and Jarke, Matthias and Kunze, Ike and Koren, Istv{\'a}n and Lakemeyer, Gerhard and Liebenberg, Martin and Michael, Judith and Pennekamp, Jan and Quix, Christoph and Rumpe, Bernhard and van der Aalst, Wil and Wehrle, Klaus and Wortmann, Andreas and Ziefle, Martina} } @Techreport { draft-irtf-coinrg-use-cases-02, title = {Use Cases for In-Network Computing}, year = {2022}, month = {3}, number = {draft-irtf-coinrg-use-cases-02}, note = {expires: 8 September 2022 (work in progress)}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/draft-irtf-coinrg-use-cases-02.pdf}, web_url = {https://datatracker.ietf.org/doc/draft-irtf-coinrg-use-cases/}, misc2 = {Online}, publisher = {IETF Trust}, series = {Internet Drafts}, organization = {Internet Engineering Task Force}, institution = {Internet Engineering Task Force}, author = {Kunze, Ike and Wehrle, Klaus and Trossen, Dirk and Montpetit, Marie-Jos{\'e} and de Foy, Xavier and Griffin, David and Rio, Miguel} } @Inproceedings { 2021_mitseva_sequences, title = {POSTER: How Dangerous is My Click? Boosting Website Fingerprinting By Considering Sequences of Webpages}, year = {2021}, month = {11}, day = {17}, pages = {2411-2413}, abstract = {Website fingerprinting (WFP) is a special case of traffic analysis, where a passive attacker infers information about the content of encrypted and anonymized connections by observing patterns of data flows. Although modern WFP attacks pose a serious threat to online privacy of users, including Tor users, they usually aim to detect single pages only. By ignoring the browsing behavior of users, the attacker excludes valuable information: users visit multiple pages of a single website consecutively, e.g., by following links. In this paper, we propose two novel methods that can take advantage of the consecutive visits of multiple pages to detect websites. We show that two up to three clicks within a site allow attackers to boost the accuracy by more than 20\% and to dramatically increase the threat to users' privacy. We argue that WFP defenses have to consider this new dimension of the attack surface.}, keywords = {Traffic Analysis; Website Fingerprinting; Web Privacy}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mitseva-fingerprinting-sequences.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea}, event_place = {Seoul, Korea}, event_date = {November 15-19, 2021}, ISBN = {978-1-4503-8454-4/21/11}, DOI = {10.1145/3460120.3485347}, reviewed = {1}, author = {Mitseva, Asya and Pennekamp, Jan and Lohm{\"o}ller, Johannes and Ziemann, Torsten and Hoerchner, Carl and Wehrle, Klaus and Panchenko, Andriy} } @Article { 2021_pennekamp_accountable_manufacturing, title = {The Road to Accountable and Dependable Manufacturing}, journal = {Automation}, year = {2021}, month = {9}, day = {13}, volume = {2}, number = {3}, pages = {202-219}, abstract = {The Internet of Things provides manufacturing with rich data for increased automation. Beyond company-internal data exploitation, the sharing of product and manufacturing process data along and across supply chains enables more efficient production flows and product lifecycle management. Even more, data-based automation facilitates short-lived ad hoc collaborations, realizing highly dynamic business relationships for sustainable exploitation of production resources and capacities. However, the sharing and use of business data across manufacturers and with end customers add requirements on data accountability, verifiability, and reliability and needs to consider security and privacy demands. While research has already identified blockchain technology as a key technology to address these challenges, current solutions mainly evolve around logistics or focus on established business relationships instead of automated but highly dynamic collaborations that cannot draw upon long-term trust relationships. We identify three open research areas on the road to such a truly accountable and dependable manufacturing enabled by blockchain technology: blockchain-inherent challenges, scenario-driven challenges, and socio-economic challenges. Especially tackling the scenario-driven challenges, we discuss requirements and options for realizing a blockchain-based trustworthy information store and outline its use for automation to achieve a reliable sharing of product information, efficient and dependable collaboration, and dynamic distributed markets without requiring established long-term trust.}, keywords = {blockchain; supply chain management; Industry 4.0; manufacturing; secure industrial collaboration; scalability; Industrial Internet of Things; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-manufacturing.pdf}, publisher = {MDPI}, ISSN = {2673-4052}, DOI = {10.3390/automation2030013}, reviewed = {1}, author = {Pennekamp, Jan and Matzutt, Roman and Kanhere, Salil S. and Hiller, Jens and Wehrle, Klaus} } @Article { 2021_matzutt_coinprune_v2, title = {CoinPrune: Shrinking Bitcoin's Blockchain Retrospectively}, journal = {IEEE Transactions on Network and Service Management}, year = {2021}, month = {9}, day = {10}, volume = {18}, number = {3}, pages = {3064-3078}, abstract = {Popular cryptocurrencies continue to face serious scalability issues due to their ever-growing blockchains. Thus, modern blockchain designs began to prune old blocks and rely on recent snapshots for their bootstrapping processes instead. Unfortunately, established systems are often considered incapable of adopting these improvements. In this work, we present CoinPrune, our block-pruning scheme with full Bitcoin compatibility, to revise this popular belief. CoinPrune bootstraps joining nodes via snapshots that are periodically created from Bitcoin's set of unspent transaction outputs (UTXO set). Our scheme establishes trust in these snapshots by relying on CoinPrune-supporting miners to mutually reaffirm a snapshot's correctness on the blockchain. This way, snapshots remain trustworthy even if adversaries attempt to tamper with them. Our scheme maintains its retrospective deployability by relying on positive feedback only, i.e., blocks containing invalid reaffirmations are not rejected, but invalid reaffirmations are outpaced by the benign ones created by an honest majority among CoinPrune-supporting miners. Already today, CoinPrune reduces the storage requirements for Bitcoin nodes by two orders of magnitude, as joining nodes need to fetch and process only 6 GiB instead of 271 GiB of data in our evaluation, reducing the synchronization time of powerful devices from currently 7 h to 51 min, with even larger potential drops for less powerful devices. CoinPrune is further aware of higher-level application data, i.e., it conserves otherwise pruned application data and allows nodes to obfuscate objectionable and potentially illegal blockchain content from their UTXO set and the snapshots they distribute.}, keywords = {blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin}, tags = {mynedata; impact_digital; digital_campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-matzutt-coinprune-v2.pdf}, language = {English}, ISSN = {1932-4537}, DOI = {10.1109/TNSM.2021.3073270}, reviewed = {1}, author = {Matzutt, Roman and Kalde, Benedikt and Pennekamp, Jan and Drichel, Arthur and Henze, Martin and Wehrle, Klaus} } @Inproceedings { 2021_mangel_reshare, title = {Data Reliability and Trustworthiness through Digital Transmission Contracts}, year = {2021}, month = {6}, day = {8}, volume = {12731}, pages = {265-283}, abstract = {As decision-making is increasingly data-driven, trustworthiness and reliability of the underlying data, e.g., maintained in knowledge graphs or on the Web, are essential requirements for their usability in the industry. However, neither traditional solutions, such as paper-based data curation processes, nor state-of-the-art approaches, such as distributed ledger technologies, adequately scale to the complex requirements and high throughput of continuously evolving industrial data. Motivated by a practical use case with high demands towards data trustworthiness and reliability, we identify the need for digitally-verifiable data immutability as a still insufficiently addressed dimension of data quality. Based on our discussion of shortcomings in related work, we thus propose ReShare, our novel concept of digital transmission contracts with bilateral signatures, to address this open issue for both RDF knowledge graphs and arbitrary data on the Web. Our quantitative evaluation of ReShare’s performance and scalability reveals only moderate computation and communication overhead, indicating significant potential for cost-reductions compared to today’s approaches. By cleverly integrating digital transmission contracts with existing Web-based information systems, ReShare provides a promising foundation for data sharing and reuse in Industry 4.0 and beyond, enabling digital accountability through easily-adoptable digitally-verifiable data immutability and non-repudiation.}, note = {Lecture Notes in Computer Science (LNCS), Volume 12731}, keywords = {Digital transmission contracts; Trust; Data immutability; Non-repudiation; Accountability; Data dynamics; Linked Data; Knowledge graphs}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-mangel-eswc-reshare.pdf}, publisher = {Springer}, booktitle = {Proceedings of the 18th Extended Semantic Web Conference (ESWC '21), June 6-10, 2021, Heraklion, Greece}, event_place = {Heraklion, Greece}, event_date = {June 6-10, 2021}, ISBN = {978-3-030-77384-7}, ISSN = {0302-9743}, DOI = {10.1007/978-3-030-77385-4_16}, reviewed = {1}, author = {Mangel, Simon and Gleim, Lars and Pennekamp, Jan and Wehrle, Klaus and Decker, Stefan} } @Article { 2021_buckhorst_lmas, title = {Holarchy for Line-less Mobile Assembly Systems Operation in the Context of the Internet of Production}, journal = {Procedia CIRP}, year = {2021}, month = {5}, day = {3}, volume = {99}, pages = {448-453}, abstract = {Assembly systems must provide maximum flexibility qualified by organization and technology to offer cost-compliant performance features to differentiate themselves from competitors in buyers' markets. By mobilization of multipurpose resources and dynamic planning, Line-less Mobile Assembly Systems (LMASs) offer organizational reconfigurability. By proposing a holarchy to combine LMASs with the concept of an Internet of Production (IoP), we enable LMASs to source valuable information from cross-level production networks, physical resources, software nodes, and data stores that are interconnected in an IoP. The presented holarchy provides a concept of how to address future challenges, meet the requirements of shorter lead times, and unique lifecycle support. The paper suggests an application of decision making, distributed sensor services, recommender-based data reduction, and in-network computing while considering safety and human usability alike.}, note = {Proceedings of the 14th CIRP Conference on Intelligent Computation in Manufacturing Engineering (ICME '20), July 14-17, 2020, Gulf of Naples, Italy}, keywords = {Internet of Production; Line-less Mobile Assembly System; Industrial Assembly; Smart Factory}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-buckhorst-holarchy.pdf}, publisher = {Elsevier}, event_place = {Gulf of Naples, Italy}, event_date = {July 14-17, 2020}, ISSN = {2212-8271}, DOI = {10.1016/j.procir.2021.03.064}, reviewed = {1}, author = {Buckhorst, Armin F. and Montavon, Benjamin and Wolfschl{\"a}ger, Dominik and Buchsbaum, Melanie and Shahidi, Amir and Petruck, Henning and Kunze, Ike and Pennekamp, Jan and Brecher, Christian and H{\"u}sing, Mathias and Corves, Burkhard and Nitsch, Verena and Wehrle, Klaus and Schmitt, Robert H.} } @Article { 2021_bader_privaccichain, title = {Blockchain-Based Privacy Preservation for Supply Chains Supporting Lightweight Multi-Hop Information Accountability}, journal = {Information Processing \& Management}, year = {2021}, month = {5}, day = {1}, volume = {58}, number = {3}, abstract = {The benefits of information sharing along supply chains are well known for improving productivity and reducing costs. However, with the shift towards more dynamic and flexible supply chains, privacy concerns severely challenge the required information retrieval. A lack of trust between the different involved stakeholders inhibits advanced, multi-hop information flows, as valuable information for tracking and tracing products and parts is either unavailable or only retained locally. Our extensive literature review of previous approaches shows that these needs for cross-company information retrieval are widely acknowledged, but related work currently only addresses them insufficiently. To overcome these concerns, we present PrivAccIChain, a secure, privacy-preserving architecture for improving the multi-hop information retrieval with stakeholder accountability along supply chains. To address use case-specific needs, we particularly introduce an adaptable configuration of transparency and data privacy within our design. Hence, we enable the benefits of information sharing as well as multi-hop tracking and tracing even in supply chains that include mutually distrusting stakeholders. We evaluate the performance of PrivAccIChain and demonstrate its real-world feasibility based on the information of a purchasable automobile, the e.GO Life. We further conduct an in-depth security analysis and propose tunable mitigations against common attacks. As such, we attest PrivAccIChain's practicability for information management even in complex supply chains with flexible and dynamic business relationships.}, keywords = {multi-hop collaboration; tracking and tracing; Internet of Production; e.GO; attribute-based encryption}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-bader-ipm-privaccichain.pdf}, publisher = {Elsevier}, ISSN = {0306-4573}, DOI = {10.1016/j.ipm.2021.102529}, reviewed = {1}, author = {Bader, Lennart and Pennekamp, Jan and Matzutt, Roman and Hedderich, David and Kowalski, Markus and Lücken, Volker and Wehrle, Klaus} } @Article { 2021_schomakers_insights, title = {Insights on Data Sensitivity from the Technical, Legal and the Users' Perspectives}, journal = {Computer Law Review International}, year = {2021}, month = {2}, day = {15}, volume = {22}, number = {1}, pages = {8-15}, abstract = {Social media, cloud computing, and the Internet of Things connect people around the globe, offering manifold benefits. However, the technological advances and increased user participation generate novel challenges for users' privacy. From the users' perspective, the consequences of data disclosure depend on the perceived sensitivity of that data. But in light of the new technological opportunities to process and combine data, it is questionable whether users can adequately evaluate risks of data disclosures. As mediating authority, data protection laws such as the European General Data Protection Regulation try to protect user data, granting enhanced protection to ''special categories'' of data. This article assesses the legal, technological, and users' perspectives on information sensitivity and their interplay. Technologically, all data can be referred to as ''potentially sensitive.'' The legal and users' perspective on information sensitivity deviate from this standpoint, as some data types are granted special protection by law but are not perceived as very sensitive by users and vice versa. The key findings here suggest the GDPR adequately protecting users' privacy but for small adjustments.}, tags = {Information Sensitivity, Privacy, European Data Protection Law}, ISSN = {1610-7608}, DOI = {10.9785/cri-2021-220103}, reviewed = {1}, author = {Schomakers, Eva-Maria and Lidynia, Chantal and M{\"u}llmann, Dirk and Matzutt, Roman and Wehrle, Klaus and Spiecker gen. D{\"o}hmann, Indra and Ziefle, Martina} } @Inproceedings { 2019_rut_schomakers_privacy, title = {Putting Privacy into Perspective -- Comparing Technical, Legal, and Users' View of Information Sensitivity}, year = {2021}, month = {1}, day = {27}, pages = {857-870}, abstract = {Social media, cloud computing, and the Internet of Things connect people around the globe, offering manifold benefits. However, the technological advances and increased user participation generate novel challenges for users' privacy. From the users' perspective, the consequences of data disclosure depend on the perceived sensitivity of that data. But in light of the new technological opportunities to process and combine data, it is questionable whether users can adequately evaluate risks of data disclosures. As mediating authority, data protection laws such as the European General Data Protection Regulation try to protect user data, granting enhanced protection to ''special categories'' of data. In this paper, we assess the legal, technological, and users' perspectives on information sensitivity and their interplay. Technologically, all data can be referred to as ''potentially sensitive.'' The legal and users' perspective on information sensitivity deviate from this standpoint, as some data types are granted special protection by law but are not perceived as very sensitive by users and vice versa. Our key findings still suggest the GDPR adequately protecting users' privacy but for small adjustments.}, keywords = {Information Sensitivity,Privacy,European Data Protection Law}, tags = {mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-schomakers-3perspectives.pdf}, web_url = {https://dl.gi.de/handle/20.500.12116/34788}, web_url2 = {https://arxiv.org/abs/1911.06569}, publisher = {Gesellschaft f{\"u}r Informatik}, address = {Bonn}, booktitle = {INFORMATIK 2020}, event_place = {Karlsruhe, Germany}, event_name = {INFORMATIK 2020}, event_date = {2020-09-28 to 2020-10-01}, language = {English}, DOI = {10.18420/inf2020_76}, reviewed = {1}, author = {Schomakers, Eva-Maria and Lidynia, Chantal and M{\"u}llmann, Dirk and Matzutt, Roman and Wehrle, Klaus and Spiecker gen. D{\"o}hmann, Indra and Ziefle, Martina} } @Article { 2021-wehrle-energy, title = {A Novel Receiver Design for Energy Packet‐Based Dispatching}, journal = {Energy Technology}, year = {2021}, volume = {9}, number = {2}, DOI = {10.1002/ente.202000937}, reviewed = {1}, author = {Wiegel, Friedirch and De Din, Edoardo and Monti, Antonello and Wehrle, Klaus and Hiller, Marc and Zitterbart, Martina and Hagenmeyer, Veit} } @Inproceedings { 2020_delacadena_trafficsliver, title = {TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting}, year = {2020}, month = {11}, day = {12}, pages = {1971-1985}, abstract = {Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only. To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor. Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98\% to less than 16\% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network.}, keywords = {Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf}, web_url = {https://github.com/TrafficSliver}, publisher = {ACM}, booktitle = {Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA}, event_place = {Virtual Event, USA}, event_date = {November 9-13, 2020}, ISBN = {978-1-4503-7089-9/20/11}, DOI = {10.1145/3372297.3423351}, reviewed = {1}, author = {De la Cadena, Wladimir and Mitseva, Asya and Hiller, Jens and Pennekamp, Jan and Reuter, Sebastian and Filter, Julian and Wehrle, Klaus and Engel, Thomas and Panchenko, Andriy} } @Inproceedings { 2020_matzutt_anonboot, title = {Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services}, year = {2020}, month = {10}, day = {7}, pages = {531-542}, abstract = {Distributed anonymity services, such as onion routing networks or cryptocurrency tumblers, promise privacy protection without trusted third parties. While the security of these services is often well-researched, security implications of their required bootstrapping processes are usually neglected: Users either jointly conduct the anonymization themselves, or they need to rely on a set of non-colluding privacy peers. However, the typically small number of privacy peers enable single adversaries to mimic distributed services. We thus present AnonBoot, a Sybil-resistant medium to securely bootstrap distributed anonymity services via public blockchains. AnonBoot enforces that peers periodically create a small proof of work to refresh their eligibility for providing secure anonymity services. A pseudo-random, locally replicable bootstrapping process using on-chain entropy then prevents biasing the election of eligible peers. Our evaluation using Bitcoin as AnonBoot's underlying blockchain shows its feasibility to maintain a trustworthy repository of 1000 peers with only a small storage footprint while supporting arbitrarily large user bases on top of most blockchains.}, keywords = {anonymization; bootstrapping; public blockchain; Sybil attack; anonymity network; cryptocurrency tumbler; Bitcoin; Tor}, tags = {impact_digital; digital_campus}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-anonboot.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 15th ACM ASIA Conference on Computer and Communications Security (ASIACCS '20), October 5-9, 2020, Taipei, Taiwan}, event_place = {Taipei, Taiwan}, event_name = {ASIACCS 2020}, event_date = {October 5-9, 2020}, ISBN = {978-1-4503-6750-9/20/10}, DOI = {10.1145/3320269.3384729}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Buchholz, Erik and Wehrle, Klaus} } @Inproceedings { 2020_pennekamp_supply_chain_sensing, title = {Secure End-to-End Sensing in Supply Chains}, year = {2020}, month = {7}, day = {1}, abstract = {Trust along digitalized supply chains is challenged by the aspect that monitoring equipment may not be trustworthy or unreliable as respective measurements originate from potentially untrusted parties. To allow for dynamic relationships along supply chains, we propose a blockchain-backed supply chain monitoring architecture relying on trusted hardware. Our design provides a notion of secure end-to-end sensing of interactions even when originating from untrusted surroundings. Due to attested checkpointing, we can identify misinformation early on and reliably pinpoint the origin. A blockchain enables long-term verifiability for all (now trustworthy) IoT data within our system even if issues are detected only after the fact. Our feasibility study and cost analysis further show that our design is indeed deployable in and applicable to today's supply chain settings.}, keywords = {supply chain; trusted computing; trusted execution; blockchain; Internet of Production; condition monitoring}, tags = {internet-of-production}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-supply-chain-sensing.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 5th International Workshop on Cyber-Physical Systems Security (CPS-Sec '20), co-located with the 8th IEEE Conference on Communications and Network Security (CNS '20), June 29-July 1, 2020, Avignon, France}, event_place = {Avignon, France}, event_date = {June 29-July 1, 2020}, ISBN = {978-1-7281-4760-4}, DOI = {10.1109/CNS48642.2020.9162337}, reviewed = {1}, author = {Pennekamp, Jan and Alder, Fritz and Matzutt, Roman and M{\"u}hlberg, Jan Tobias and Piessens, Frank and Wehrle, Klaus} } @Inproceedings { 2020_matzutt_coinprune, title = {How to Securely Prune Bitcoin’s Blockchain}, year = {2020}, month = {6}, day = {24}, pages = {298-306}, abstract = {Bitcoin was the first successful decentralized cryptocurrency and remains the most popular of its kind to this day. Despite the benefits of its blockchain, Bitcoin still faces serious scalability issues, most importantly its ever-increasing blockchain size. While alternative designs introduced schemes to periodically create snapshots and thereafter prune older blocks, already-deployed systems such as Bitcoin are often considered incapable of adopting corresponding approaches. In this work, we revise this popular belief and present CoinPrune, a snapshot-based pruning scheme that is fully compatible with Bitcoin. CoinPrune can be deployed through an opt-in velvet fork, i.e., without impeding the established Bitcoin network. By requiring miners to publicly announce and jointly reaffirm recent snapshots on the blockchain, CoinPrune establishes trust into the snapshots' correctness even in the presence of powerful adversaries. Our evaluation shows that CoinPrune reduces the storage requirements of Bitcoin already by two orders of magnitude today, with further relative savings as the blockchain grows. In our experiments, nodes only have to fetch and process 5 GiB instead of 230 GiB of data when joining the network, reducing the synchronization time on powerful devices from currently 5 h to 46 min, with even more savings for less powerful devices.}, keywords = {blockchain; block pruning; synchronization; bootstrapping; scalability; velvet fork; Bitcoin}, tags = {mynedata; impact_digital; digital_campus}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coinprune.pdf}, web_url = {https://coinprune.comsys.rwth-aachen.de}, publisher = {IEEE}, booktitle = {Proceedings of the 19th IFIP Networking 2020 Conference (NETWORKING '20), June 22-26, 2020, Paris, France}, event_place = {Paris, France}, event_name = {NETWORKING 2020}, event_date = {June 22-26, 2020}, ISBN = {978-3-903176-28-7}, reviewed = {1}, author = {Matzutt, Roman and Kalde, Benedikt and Pennekamp, Jan and Drichel, Arthur and Henze, Martin and Wehrle, Klaus} } @Inproceedings { 2020_pennekamp_supply_chain_accountability, title = {Private Multi-Hop Accountability for Supply Chains}, year = {2020}, month = {6}, day = {7}, abstract = {Today's supply chains are becoming increasingly flexible in nature. While adaptability is vastly increased, these more dynamic associations necessitate more extensive data sharing among different stakeholders while simultaneously overturning previously established levels of trust. Hence, manufacturers' demand to track goods and to investigate root causes of issues across their supply chains becomes more challenging to satisfy within these now untrusted environments. Complementarily, suppliers need to keep any data irrelevant to such routine checks secret to remain competitive. To bridge the needs of contractors and suppliers in increasingly flexible supply chains, we thus propose to establish a privacy-preserving and distributed multi-hop accountability log among the involved stakeholders based on Attribute-based Encryption and backed by a blockchain. Our large-scale feasibility study is motivated by a real-world manufacturing process, i.e., a fine blanking line, and reveals only modest costs for multi-hop tracing and tracking of goods.}, keywords = {supply chain; multi-hop tracking and tracing; blockchain; attribute-based encryption; Internet of Production}, tags = {internet-of-production}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-supply-chain-privacy.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2020 IEEE International Conference on Communications Workshops (ICC Workshops '20), 1st Workshop on Blockchain for IoT and Cyber-Physical Systems (BIoTCPS '20), June 7-11, 2020, Dublin, Ireland}, event_place = {Dublin, Ireland}, event_date = {June 7-11, 2020}, ISBN = {978-1-7281-7440-2}, ISSN = {2474-9133}, DOI = {10.1109/ICCWorkshops49005.2020.9145100}, reviewed = {1}, author = {Pennekamp, Jan and Bader, Lennart and Matzutt, Roman and Niemietz, Philipp and Trauth, Daniel and Henze, Martin and Bergs, Thomas and Wehrle, Klaus} } @Inproceedings { 2020-mann-ur-weldseamstudy, title = {Study on weld seam geometry control for connected gas metal arc welding systems}, year = {2020}, month = {6}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-weld-seam-geometry-control.pdf}, booktitle = {Proceedings of the 2020 Internal Conference on Ubiquitous Robots}, event_name = {Internal Conference on Ubiquitous Robots}, event_date = {June 22-26, 2020}, DOI = {10.1109/UR49135.2020.9144839}, reviewed = {1}, author = {Mann, Samuel and Glebke, Ren{\'e} and Kunze, Ike and Scheurenberg, Dominik and Sharma, Rahul and Reisgen, Uwe and Wehrle, Klaus and Abel, Dirk} } @Article { 2020_mann_welding_layers, title = {Connected, digitalized welding production — Secure, ubiquitous utilization of data across process layers}, journal = {Advanced Structured Materials}, year = {2020}, month = {4}, day = {1}, volume = {125}, pages = {101-118}, abstract = {A connected, digitalized welding production unlocks vast and dynamic potentials: from improving state of the art welding to new business models in production. For this reason, offering frameworks, which are capable of addressing multiple layers of applications on the one hand and providing means of data security and privacy for ubiquitous dataflows on the other hand, is an important step to enable the envisioned advances. In this context, welding production has been introduced from the perspective of interlaced process layers connecting information sources across various entities. Each layer has its own distinct challenges from both a process view and a data perspective. Besides, investigating each layer promises to reveal insight into (currently unknown) process interconnections. This approach has been substantiated by methods for data security and privacy to draw a line between secure handling of data and the need of trustworthy dealing with sensitive data among different parties and therefore partners. In conclusion, the welding production has to develop itself from an accumulation of local and isolated data sources towards a secure industrial collaboration in an Internet of Production.}, note = {Proceedings of the 1st International Conference on Advanced Joining Processes (AJP '19)}, keywords = {Welding Production; Industrie 4.0; Internet of Production; Data Security; Data Privacy}, tags = {Internet-of-Production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-welding-layers.pdf}, publisher = {Springer}, event_place = {Ponta Delgada, Azores, Portugal}, event_date = {October 24-25, 2019}, ISBN = {978-981-15-2956-6}, ISSN = {1869-8433}, DOI = {10.1007/978-981-15-2957-3_8}, reviewed = {1}, author = {Mann, Samuel and Pennekamp, Jan and Brockhoff, Tobias and Farhang, Anahita and Pourbafrani, Mahsa and Oster, Lukas and Uysal, Merih Seran and Sharma, Rahul and Reisgen, Uwe and Wehrle, Klaus and van der Aalst, Wil} } @Inproceedings { 2020_matzutt_coralis, title = {A Secure and Practical Decentralized Ecosystem for Shareable Education Material}, year = {2020}, month = {1}, day = {7}, pages = {529-534}, abstract = {Traditionally, the university landscape is highly federated, which hinders potentials for coordinated collaborations. While the lack of a strict hierarchy on the inter-university level is critical for ensuring free research and higher education, this concurrency limits the access to high-quality education materials. Especially regarding resources such as lecture notes or exercise tasks we observe a high susceptibility to redundant work and lacking quality assessment of material created in isolation by individual university institutes. To remedy this situation, in this paper we propose CORALIS, a decentralized marketplace for offering, acquiring, discussing, and improving education resources across university borders. Our design is based on a permissioned blockchain to (a) realize accountable access control via simple on-chain license terms, (b) trace the evolution of encrypted containers accumulating bundles of shareable education resources, and (c) record user comments and ratings for further improving the quality of offered education material.}, keywords = {blockchain platform; permissioned blockchain; education material; quality assessment; collaborative work}, tags = {impact_digital}, url = {https://comsys.rwth-aachen.de/fileadmin/papers/2020/2020-matzutt-coralis.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 34th International Conference on Information Networking (ICOIN '20), January 7-10, 2020, Barcelona, Spain}, event_place = {Barcelona, Spain}, event_date = {January 7-10, 2020}, ISBN = {978-1-7281-4199-2}, DOI = {10.1109/ICOIN48656.2020.9016478}, reviewed = {1}, author = {Matzutt, Roman and Pennekamp, Jan and Wehrle, Klaus} } @Inproceedings { 2019-krude-online-reprogramming, title = {Online Reprogrammable Multi Tenant Switches}, year = {2019}, month = {12}, day = {9}, tags = {maki}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-krude-online-reprogramming.pdf}, publisher = {ACM}, booktitle = {1st ACM CoNEXT Workshop on Emerging in-Network Computing Paradigms (ENCP '19)}, ISBN = {978-1-4503-7000-4/19/12}, DOI = {10.1145/3359993.3366643}, reviewed = {1}, author = {Krude, Johannes and Hofmann, Jaco and Eichholz, Matthias and Wehrle, Klaus and Koch, Andreas and Mezini, Mira} } @Inproceedings { 2019_delacadena_countermeasure, title = {POSTER: Traffic Splitting to Counter Website Fingerprinting}, year = {2019}, month = {11}, day = {12}, pages = {2533-2535}, abstract = {Website fingerprinting (WFP) is a special type of traffic analysis, which aims to infer the websites visited by a user. Recent studies have shown that WFP targeting Tor users is notably more effective than previously expected. Concurrently, state-of-the-art defenses have been proven to be less effective. In response, we present a novel WFP defense that splits traffic over multiple entry nodes to limit the data a single malicious entry can use. Here, we explore several traffic-splitting strategies to distribute user traffic. We establish that our weighted random strategy dramatically reduces the accuracy from nearly 95\% to less than 35\% for four state-of-the-art WFP attacks without adding any artificial delays or dummy traffic.}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-delacadena-splitting-defense.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 26th ACM SIGSAC Conference on Computer and Communications Security (CCS '19), November 11-15, 2019, London, United Kingdom}, event_place = {London, United Kingdom}, event_date = {November 11-15, 2019}, ISBN = {978-1-4503-6747-9/19/11}, DOI = {10.1145/3319535.3363249}, reviewed = {1}, author = {De la Cadena, Wladimir and Mitseva, Asya and Pennekamp, Jan and Hiller, Jens and Lanze, Fabian and Engel, Thomas and Wehrle, Klaus and Panchenko, Andriy} } @Inproceedings { 2019-dahlmanns-icnp-knowledgeSystem, title = {Privacy-Preserving Remote Knowledge System}, year = {2019}, month = {10}, day = {7}, abstract = {More and more traditional services, such as malware detectors or collaboration services in industrial scenarios, move to the cloud. However, this behavior poses a risk for the privacy of clients since these services are able to generate profiles containing very sensitive information, e.g., vulnerability information or collaboration partners. Hence, a rising need for protocols that enable clients to obtain knowledge without revealing their requests exists. To address this issue, we propose a protocol that enables clients (i) to query large cloud-based knowledge systems in a privacy-preserving manner using Private Set Intersection and (ii) to subsequently obtain individual knowledge items without leaking the client’s requests via few Oblivious Transfers. With our preliminary design, we allow clients to save a significant amount of time in comparison to performing Oblivious Transfers only.}, note = {Poster Session}, keywords = {private query protocol; knowledge system; remote knowledge; private set intersection; oblivious transfer}, tags = {kimusin; internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-dahlmanns-knowledge-system.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA}, event_place = {Chicago, IL, USA}, event_name = {27th IEEE International Conference on Network Protocols (ICNP 2019)}, event_date = {7-10. Oct. 2019}, ISBN = {978-1-7281-2700-2}, ISSN = {2643-3303}, DOI = {10.1109/ICNP.2019.8888121}, reviewed = {1}, author = {Dahlmanns, Markus and Dax, Chris and Matzutt, Roman and Pennekamp, Jan and Hiller, Jens and Wehrle, Klaus} } @Inproceedings { 2019_pennekamp_multipath, title = {Multipathing Traffic to Reduce Entry Node Exposure in Onion Routing}, year = {2019}, month = {10}, day = {7}, abstract = {Users of an onion routing network, such as Tor, depend on its anonymity properties. However, especially malicious entry nodes, which know the client’s identity, can also observe the whole communication on their link to the client and, thus, conduct several de-anonymization attacks. To limit this exposure and to impede corresponding attacks, we propose to multipath traffic between the client and the middle node to reduce the information an attacker can obtain at a single vantage point. To facilitate the deployment, only clients and selected middle nodes need to implement our approach, which works transparently for the remaining legacy nodes. Furthermore, we let clients control the splitting strategy to prevent any external manipulation.}, note = {Poster Session}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-multipathing.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA}, event_place = {Chicago, IL, USA}, event_name = {27th IEEE International Conference on Network Protocols (ICNP 2019)}, event_date = {7-10. Oct. 2019}, ISBN = {978-1-7281-2700-2}, ISSN = {2643-3303}, DOI = {10.1109/ICNP.2019.8888029}, reviewed = {1}, author = {Pennekamp, Jan and Hiller, Jens and Reuter, Sebastian and De la Cadena, Wladimir and Mitseva, Asya and Henze, Martin and Engel, Thomas and Wehrle, Klaus and Panchenko, Andriy} } @Inproceedings { 2019-krude-chain-opt, title = {Optimizing Data Plane Programs for the Network}, year = {2019}, month = {8}, day = {23}, abstract = {With the move of Software-defined networking from fixed to programmable data planes, network functions are written with P4 or eBPF for targets such as programmable switches, CPU based flow processors and commodity CPUs. These data plane programs are, however, limited in per-packet time budget (e.g., 67.2 ns at 10GbE) and program size, making program optimization imperative. Existing approaches focus on optimizing the distribution of flow rules in fixed data planes or they are limited to a single switch. We see great potential in integrating the network topology into program optimization.}, tags = {maki}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-krude-chain-opt.pdf}, publisher = {ACM}, booktitle = {NetPL '19: ACM SIGCOMM Workshop on Networking and Programming Languages}, event_place = {Beijing, China}, ISBN = {978-1-4503-6877-3/19/08}, DOI = {10.1145/3341561.3349590}, reviewed = {1}, author = {Krude, Johannes and Eichholz, Matthias and Winck, Maximilian and Wehrle, Klaus and Mezini, Mira} } @Inproceedings { ReelfsMHH2019, title = {Hashtag Usage in a Geographically-Local Microblogging App}, year = {2019}, month = {5}, day = {13}, pages = {919-927}, keywords = {Anonymous Messaging; Location Based Messaging; User Behavior and Engagement; Information Diffusion; Hashtag}, tags = {comtex}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-reelfs-jodel-hashtags.pdf}, publisher = {ACM}, booktitle = {Companion Proceedings of the 2019 World Wide Web Conference (WWW '19 Companion), 9th International Workshop on Location and the Web (LocWeb '19), May 13–17, 2019, San Francisco, CA, USA}, event_place = {San Francisco, California, USA}, event_name = {International Workshop on Location and the Web}, event_date = {May 13–17, 2019}, ISBN = {978-1-4503-6675-5/19/05}, DOI = {10.1145/3308560.3316537}, reviewed = {1}, author = {Reelfs, Helge and Mohaupt, Timon and Hohlfeld, Oliver and Henckell, Niklas} } @Inproceedings { 2019_pennekamp_infrastructure, title = {Towards an Infrastructure Enabling the Internet of Production}, year = {2019}, month = {5}, day = {8}, pages = {31-37}, abstract = {New levels of cross-domain collaboration between manufacturing companies throughout the supply chain are anticipated to bring benefits to both suppliers and consumers of products. Enabling a fine-grained sharing and analysis of data among different stakeholders in an automated manner, such a vision of an Internet of Production (IoP) introduces demanding challenges to the communication, storage, and computation infrastructure in production environments. In this work, we present three example cases that would benefit from an IoP (a fine blanking line, a high pressure die casting process, and a connected job shop) and derive requirements that cannot be met by today’s infrastructure. In particular, we identify three orthogonal research objectives: (i) real-time control of tightly integrated production processes to offer seamless low-latency analysis and execution, (ii) storing and processing heterogeneous production data to support scalable data stream processing and storage, and (iii) secure privacy-aware collaboration in production to provide a basis for secure industrial collaboration. Based on a discussion of state-of-the-art approaches for these three objectives, we create a blueprint for an infrastructure acting as an enabler for an IoP.}, keywords = {Internet of Production; Cyber-Physical Systems; Data Processing; Low Latency; Secure Industrial Collaboration}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-iop-infrastructure.pdf}, publisher = {IEEE}, booktitle = {Proceedings of the 2nd IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '19), May 6-9, 2019, Taipei, TW}, event_place = {Taipei, TW}, event_date = {May 6-9, 2019}, ISBN = {978-1-5386-8500-6/19}, DOI = {10.1109/ICPHYS.2019.8780276}, reviewed = {1}, author = {Pennekamp, Jan and Glebke, Ren{\'e} and Henze, Martin and Meisen, Tobias and Quix, Christoph and Hai, Rihan and Gleim, Lars and Niemietz, Philipp and Rudack, Maximilian and Knape, Simon and Epple, Alexander and Trauth, Daniel and Vroomen, Uwe and Bergs, Thomas and Brecher, Christian and B{\"u}hrig-Polaczek, Andreas and Jarke, Matthias and Wehrle, Klaus} } @Inproceedings { 2019_wagner_dispute_resolution, title = {Dispute Resolution for Smart Contract-based Two Party Protocols}, year = {2019}, month = {5}, abstract = {Blockchain systems promise to mediate interactions of mutually distrusting parties without a trusted third party. However, protocols with full smart contract-based security are either limited in functionality or complex, with high costs for secured interactions. This observation leads to the development of protocol-specific schemes to avoid costly dispute resolution in case all participants remain honest. In this paper, we introduce SmartJudge, an extensible generalization of this trend for smart contract-based two-party protocols. SmartJudge relies on a protocol-independent mediator smart contract that moderates two-party interactions and only consults protocol-specific verifier smart contracts in case of a dispute. This way, SmartJudge avoids verification costs in absence of disputes and sustains interaction confidentiality among honest parties. We implement verifier smart contracts for cross-blockchain trades and exchanging digital goods and show that SmartJudge can reduce costs by 46-50\% and 22\% over current state of the art, respectively.}, keywords = {Ethereum,Bitcoin,smart contracts,two-party protocols,dispute resolution,cross-blockchain trades}, tags = {mynedata, impact-digital, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-wagner-dispute.pdf}, publisher = {IEEE}, booktitle = {IEEE International Conference on Blockchain and Cryptocurrency 2019 (ICBC 2019)}, event_place = {Seoul, South Korea}, event_name = {IEEE International Conference on Blockchain and Cryptocurrency 2019}, language = {English}, DOI = {10.1109/BLOC.2019.8751312}, reviewed = {1}, author = {Wagner, Eric and V{\"o}lker, Achim and Fuhrmann, Frederik and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2019-glebke-hicss-integrated, title = {A Case for Integrated Data Processing in Large-Scale Cyber-Physical Systems}, year = {2019}, month = {1}, day = {8}, pages = {7252-7261}, tags = {internet-of-production,reflexes}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-glebke-integrated.pdf}, misc2 = {Online}, publisher = {University of Hawai'i at Manoa / AIS}, booktitle = {Proceedings of the 52nd Hawaii International Conference on System Sciences (HICSS), Wailea, HI, USA}, language = {en}, ISBN = {978-0-9981331-2-6}, DOI = {10.24251/HICSS.2019.871}, reviewed = {1}, author = {Glebke, Ren{\'e} and Henze, Martin and Wehrle, Klaus and Niemietz, Philipp and Trauth, Daniel and Mattfeld, Patrick and Bergs, Thomas} } @Inproceedings { 2018-bader-ethereum-car-insurance, title = {Smart Contract-based Car Insurance Policies}, year = {2018}, month = {12}, day = {9}, tags = {mynedata, internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-bader-ethereum-car-insurance.pdf}, web_url = {https://ieeexplore.ieee.org/document/8644136}, publisher = {IEEE}, booktitle = {2018 IEEE Globecom Workshops (GC Wkshps)}, event_place = {Abu Dhabi, United Arab Emirates}, event_name = {1st International Workshop on Blockchain in IoT, co-located with IEEE Globecom 2018}, event_date = {2018-12-09}, DOI = {10.1109/GLOCOMW.2018.8644136}, reviewed = {1}, author = {Bader, Lennart and B{\"u}rger, Jens Christoph and Matzutt, Roman and Wehrle, Klaus} } @Inproceedings { 2018-ziegeldorf-shield, title = {SHIELD: A Framework for Efficient and Secure Machine Learning Classification in Constrained Environments}, year = {2018}, month = {12}, pages = {1-15}, tags = {iop,mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-ziegeldorf-acsac-shield.pdf}, publisher = {ACM}, address = {New York, NY, USA}, booktitle = {Proceedings of the 34rd Annual Computer Security Applications Conference}, event_place = {San Juan, Puerto Rico, USA}, event_name = {The 34rd Annual Computer Security Applications Conference (ACSAC 2018)}, event_date = {2018-12-03 - 2018-12-07}, language = {English}, DOI = {10.1145/3274694.3274716}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Metzke, Jan and Wehrle, Klaus} } @Inproceedings { 2018-matzutt-bitcoin-content-countermeasures, title = {Thwarting Unwanted Blockchain Content Insertion}, year = {2018}, month = {4}, day = {17}, pages = {364-370}, abstract = {Since the introduction of Bitcoin in 2008, blockchain systems have seen an enormous increase in adoption. By providing a persistent, distributed, and append-only ledger, blockchains enable numerous applications such as distributed consensus, robustness against equivocation, and smart contracts. However, recent studies show that blockchain systems such as Bitcoin can be (mis)used to store arbitrary content. This has already been used to store arguably objectionable content on Bitcoin's blockchain. Already single instances of clearly objectionable or even illegal content can put the whole system at risk by making its node operators culpable. To overcome this imminent risk, we survey and discuss the design space of countermeasures against the insertion of such objectionable content. Our analysis shows a wide spectrum of potential countermeasures, which are often combinable for increased efficiency. First, we investigate special-purpose content detectors as an ad hoc mitigation. As they turn out to be easily evadable, we also investigate content-agnostic countermeasures. We find that mandatory minimum fees as well as mitigation of transaction manipulability via identifier commitments significantly raise the bar for inserting harmful content into a blockchain.}, keywords = {Bitcoin,blockchain,security,objectionable content,countermeasure}, tags = {mynedata,iop}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-matzutt-blockchain-contents-countermeasures.pdf}, web_url = {https://ieeexplore.ieee.org/document/8360355}, publisher = {IEEE}, booktitle = {Proceedings of the First IEEE Workshop on Blockchain Technologies and Applications (BTA), co-located with the IEEE International Conference on Cloud Engineering 2018 (IC2E 2018)}, event_place = {Orlando, Florida, USA}, event_name = {First IEEE Workshop on Blockchain Technologies and Applications (BTA)}, event_date = {2018-04-17}, language = {English}, ISBN = {978-1-5386-5008-0}, DOI = {10.1109/IC2E.2018.00070}, reviewed = {1}, author = {Matzutt, Roman and Henze, Martin and Ziegeldorf, Jan Henrik and Hiller, Jens and Wehrle, Klaus} } @Article { 2018-scheitle-ccr-caa, title = {A First Look at Certification Authority Authorization (CAA)}, journal = {ACM SIGCOMM Computer Communications Review (CCR)}, year = {2018}, month = {4}, volume = {48}, pages = {10-23}, note = {https://www.net.in.tum.de/fileadmin/bibtex/publications/papers/caa17.pdf}, tags = {internet-measurements}, url = {https://ccronline.sigcomm.org/wp-content/uploads/2018/05/sigcomm-ccr-final163.pdf}, web_url = {https://ccronline.sigcomm.org/2018/a-first-look-at-certification-authority-authorization-caa/}, web_url_date = {2018-06-05}, DOI = {10.1145/3213232.3213235}, reviewed = {1}, author = {Scheitle, Quirin and Chung, Taejoong and Hiller, Jens and Gasser, Oliver and Naab, Johannes and van Rijswijk-Deij, Roland and Hohlfeld, Oliver and Holz, Ralph and Choffnes, Dave and Mislove, Alan and Carle, Georg} } @Article { 2016-fgcs-ziegeldorf-bitcoin, title = {Secure and anonymous decentralized Bitcoin mixing}, journal = {Future Generation Computer Systems}, year = {2018}, month = {3}, volume = {80}, pages = {448-466}, keywords = {Pseudonymity, anonymity, and untraceability}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018-ziegeldorf-fgcs-bitcoin.pdf}, misc2 = {Online}, publisher = {Elsevier}, language = {en}, ISSN = {0167-739X}, DOI = {10.1016/j.future.2016.05.018}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Matzutt, Roman and Henze, Martin and Grossmann, Fred and Wehrle, Klaus} } @Inproceedings { 2018-matzutt-bitcoin-content, title = {A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin}, year = {2018}, month = {2}, day = {26}, abstract = {Blockchains primarily enable credible accounting of digital events, e.g., money transfers in cryptocurrencies. However, beyond this original purpose, blockchains also irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockchain, particularly including potentially harmful content. We provide the first systematic analysis of the benefits and threats of arbitrary blockchain content. Our analysis shows that certain content, e.g., illegal pornography, can render the mere possession of a blockchain illegal. Based on these insights, we conduct a thorough quantitative and qualitative analysis of unintended content on Bitcoin's blockchain. Although most data originates from benign extensions to Bitcoin's protocol, our analysis reveals more than 1600 files on the blockchain, over 99\% of which are texts or images. Among these files there is clearly objectionable content such as links to child pornography, which is distributed to all Bitcoin participants. With our analysis, we thus highlight the importance for future blockchain designs to address the possibility of unintended data insertion and protect blockchain users accordingly.}, tags = {mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2018/2018_matzutt_bitcoin-contents_preproceedings-version.pdf}, web_url_date = {2018-01-07}, misc2 = {Online}, publisher = {Springer}, booktitle = {Proceedings of the 22nd International Conference on Financial Cryptography and Data Security (FC), Nieuwpoort, Cura\c{c}ao}, event_place = {Nieuwpoort, Cura\c{c}ao}, event_name = {Financial Cryptography and Data Security 2018}, language = {en}, DOI = {10.1007/978-3-662-58387-6_23}, reviewed = {1}, author = {Matzutt, Roman and Hiller, Jens and Henze, Martin and Ziegeldorf, Jan Henrik and M{\"u}llmann, Dirk and Hohlfeld, Oliver and Wehrle, Klaus} } @Inproceedings { 2018-dedin-energy-packets, title = {A new solution for the Energy Packet-based Dispatching using power/signal dual modulation}, year = {2018}, booktitle = {Proceedings of the Ninth International Conference on Future Energy Systems (ACM e-Energy '18)}, event_place = {Karlsruhe, Germany}, event_name = {Ninth International Conference on Future Energy Systems}, event_date = {2018-06-15}, DOI = {10.1145/3208903.3208931}, reviewed = {1}, author = {De Din, Edoardo and Monti, Antonello and Hagenmeyer, Veit and Wehrle, Klaus} } @Incollection { 2017-cps-henze-network, title = {Network Security and Privacy for Cyber-Physical Systems}, year = {2017}, month = {11}, day = {13}, pages = {25-56}, tags = {sensorcloud,ipacs}, editor = {Song, Houbing and Fink, Glenn A. and Jeschke, Sabina}, publisher = {Wiley-IEEE Press}, edition = {First}, chapter = {2}, booktitle = {Security and Privacy in Cyber-Physical Systems: Foundations, Principles and Applications}, language = {en}, ISBN = {978-1-119-22604-8}, DOI = {10.1002/9781119226079.ch2}, reviewed = {1}, author = {Henze, Martin and Hiller, Jens and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus and Ziegeldorf, Jan Henrik} } @Inproceedings { 2017-henze-mobiquitous-cloudanalyzer, title = {CloudAnalyzer: Uncovering the Cloud Usage of Mobile Apps}, year = {2017}, month = {11}, day = {7}, pages = {262-271}, abstract = {Developers of smartphone apps increasingly rely on cloud services for ready-made functionalities, e.g., to track app usage, to store data, or to integrate social networks. At the same time, mobile apps have access to various private information, ranging from users' contact lists to their precise locations. As a result, app deployment models and data flows have become too complex and entangled for users to understand. We present CloudAnalyzer, a transparency technology that reveals the cloud usage of smartphone apps and hence provides users with the means to reclaim informational self-determination. We apply CloudAnalyzer to study the cloud exposure of 29 volunteers over the course of 19 days. In addition, we analyze the cloud usage of the 5000 most accessed mobile websites as well as 500 popular apps from five different countries. Our results reveal an excessive exposure to cloud services: 90 \% of apps use cloud services and 36 \% of apps used by volunteers solely communicate with cloud services. Given the information provided by CloudAnalyzer, users can critically review the cloud usage of their apps.}, keywords = {Privacy; Smartphones; Cloud Computing; Traffic Analysis}, tags = {trinics}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-cloudanalyzer.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous '17), November 7-10, 2017, Melbourne, VIC, Australia}, event_place = {Melbourne, VIC, Australia}, event_date = {November 7-10, 2017}, language = {en}, ISBN = {978-1-4503-5368-7}, DOI = {10.1145/3144457.3144471}, reviewed = {1}, author = {Henze, Martin and Pennekamp, Jan and Hellmanns, David and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and Drichel, Arthur and Wehrle, Klaus} } @Inproceedings { 2017-panchenko-wpes-fingerprinting, title = {Analysis of Fingerprinting Techniques for Tor Hidden Services}, year = {2017}, month = {10}, day = {30}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-panchenko-wpes-fingerprinting.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 16th Workshop on Privacy in the Electronic Society (WPES), co-located with the 24th ACM Conference on Computer and Communications Security (CCS), Dallas, TX, USA}, language = {en}, ISBN = {978-1-4503-5175-1}, DOI = {10.1145/3139550.3139564}, reviewed = {1}, author = {Panchenko, Andriy and Mitseva, Asya and Henze, Martin and Lanze, Fabian and Wehrle, Klaus and Engel, Thomas} } @Inproceedings { 2017-henze-trustcom-dcam, title = {Distributed Configuration, Authorization and Management in the Cloud-based Internet of Things}, year = {2017}, month = {8}, day = {1}, pages = {185-192}, tags = {sscilops, ipacs}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-trustcom-dcam.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), Sydney, NSW, Australia}, language = {en}, ISBN = {978-1-5090-4905-9}, ISSN = {2324-9013}, DOI = {10.1109/Trustcom/BigDataSE/ICESS.2017.236}, reviewed = {1}, author = {Henze, Martin and Wolters, Benedikt and Matzutt, Roman and Zimmermann, Torsten and Wehrle, Klaus} } @Inproceedings { 2017-maurer-trustcom-coinjoin, title = {Anonymous CoinJoin Transactions with Arbitrary Values}, year = {2017}, month = {8}, day = {1}, pages = {522-529}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-maurer-trustcom-coinjoin.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {2017 IEEE Trustcom/BigDataSE/ICESS}, event_place = {Sydney, NSW, Australia}, event_name = {16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom)}, event_date = {1. - 4. August 2017}, ISBN = {978-1-5090-4906-6}, ISSN = {2324-9013}, DOI = {10.1109/Trustcom/BigDataSE/ICESS.2017.280}, reviewed = {1}, author = {Maurer, Felix Konstantin and Neudecker, Till and Florian, Martin} } @Article { 2017-ziegeldorf-bmcmedgenomics-bloom, title = {BLOOM: BLoom filter based Oblivious Outsourced Matchings}, journal = {BMC Medical Genomics}, year = {2017}, month = {7}, day = {26}, volume = {10}, number = {Suppl 2}, pages = {29-42}, abstract = {Whole genome sequencing has become fast, accurate, and cheap, paving the way towards the large-scale collection and processing of human genome data. Unfortunately, this dawning genome era does not only promise tremendous advances in biomedical research but also causes unprecedented privacy risks for the many. Handling storage and processing of large genome datasets through cloud services greatly aggravates these concerns. Current research efforts thus investigate the use of strong cryptographic methods and protocols to implement privacy-preserving genomic computations. We propose FHE-Bloom and PHE-Bloom, two efficient approaches for genetic disease testing using homomorphically encrypted Bloom filters. Both approaches allow the data owner to securely outsource storage and computation to an untrusted cloud. FHE-Bloom is fully secure in the semi-honest model while PHE-Bloom slightly relaxes security guarantees in a trade-off for highly improved performance. We implement and evaluate both approaches on a large dataset of up to 50 patient genomes each with up to 1000000 variations (single nucleotide polymorphisms). For both implementations, overheads scale linearly in the number of patients and variations, while PHE-Bloom is faster by at least three orders of magnitude. For example, testing disease susceptibility of 50 patients with 100000 variations requires only a total of 308.31 s (\(\sigma\)=8.73 s) with our first approach and a mere 0.07 s (\(\sigma\)=0.00 s) with the second. We additionally discuss security guarantees of both approaches and their limitations as well as possible extensions towards more complex query types, e.g., fuzzy or range queries. Both approaches handle practical problem sizes efficiently and are easily parallelized to scale with the elastic resources available in the cloud. The fully homomorphic scheme, FHE-Bloom, realizes a comprehensive outsourcing to the cloud, while the partially homomorphic scheme, PHE-Bloom, trades a slight relaxation of security guarantees against performance improvements by at least three orders of magnitude.}, note = {Proceedings of the 5th iDASH Privacy and Security Workshop 2016}, keywords = {Secure outsourcing; Homomorphic encryption; Bloom filters}, tags = {sscilops; mynedata; rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-bmcmedgenomics-bloom.pdf}, misc2 = {Online}, publisher = {BioMed Central}, event_place = {Chicago, IL, USA}, event_date = {November 11, 2016}, language = {en}, ISSN = {1755-8794}, DOI = {10.1186/s12920-017-0277-y}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Pennekamp, Jan and Hellmanns, David and Schwinger, Felix and Kunze, Ike and Henze, Martin and Hiller, Jens and Matzutt, Roman and Wehrle, Klaus} } @Article { dombrowski-vdi, title = {Funktechnologien f{\"u}r Industrie 4.0}, journal = {VDE Positionspapier}, year = {2017}, month = {6}, day = {1}, publisher = {VDE - Verband der Elektrotechnik, Elektronik, Informationstechnik e.V.}, address = {Stresemannallee 15, 60596 Frankfurt am Main, Germany}, author = {Aktas, Ismet and Bentkus, Alexander and Bonanati, Florian and Dekorsy, Armin and Dombrowski, Christian and Doubrava, Michael and Golestani, Ali and Hofmann, Frank and Heidrich, Mike and Hiensch, Stefan and Kays, R{\"u}diger and Meyer, Michael and M{\"u}ller, Andreas and ten Brink, Stephan and Petreska, Neda and Popovic, Milan and Rauchhaupt, Lutz and Saad, Ahmad and Schotten, Hans and W{\"o}ste, Christoph and Wolff, Ingo} } @Inproceedings { 2017-henze-ic2e-prada, title = {Practical Data Compliance for Cloud Storage}, year = {2017}, month = {4}, day = {4}, pages = {252-258}, tags = {ssiclops, ipacs}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-ic2e-prada.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 2017 IEEE International Conference on Cloud Engineering (IC2E 2017), Vancouver, BC, Canada}, language = {en}, ISBN = {978-1-5090-5817-4}, DOI = {10.1109/IC2E.2017.32}, reviewed = {1}, author = {Henze, Martin and Matzutt, Roman and Hiller, Jens and M{\"u}hmer, Erik and Ziegeldorf, Jan Henrik and van der Giet, Johannes and Wehrle, Klaus} } @Inproceedings { 2017-ziegeldorf-codaspy-priward, title = {Privacy-Preserving HMM Forward Computation}, year = {2017}, month = {3}, day = {22}, pages = {83-94}, tags = {mynedata}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-ziegeldorf-codaspy-priward.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (CODASPY 2017), Scottsdale, AZ, USA}, language = {en}, ISBN = {978-1-4503-4523-1}, DOI = {10.1145/3029806.3029816}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Metzke, Jan and R{\"u}th, Jan and Henze, Martin and Wehrle, Klaus} } @Inproceedings { 2017-matzutt-mynedata, title = {myneData: Towards a Trusted and User-controlled Ecosystem for Sharing Personal Data}, year = {2017}, pages = {1073-1084}, abstract = {Personal user data is collected and processed at large scale by a handful of big providers of Internet services. This is detrimental to users, who often do not understand the privacy implications of this data collection, as well as to small parties interested in gaining insights from this data pool, e.g., research groups or small and middle-sized enterprises. To remedy this situation, we propose a transparent and user-controlled data market in which users can directly and consensually share their personal data with interested parties for monetary compensation. We define a simple model for such an ecosystem and identify pressing challenges arising within this model with respect to the user and data processor demands, legal obligations, and technological limits. We propose myneData as a conceptual architecture for a trusted online platform to overcome these challenges. Our work provides an initial investigation of the resulting myneData ecosystem as a foundation to subsequently realize our envisioned data market via the myneData platform.}, note = {Presentation slides are in German}, keywords = {Personal User Data, Personal Information Management, Data Protection Laws, Privacy Enhancing Technologies, Platform Design, Profiling}, tags = {mynedata_show}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-matzutt-informatik-mynedata.pdf}, web_url = {https://www.comsys.rwth-aachen.de/fileadmin/misc/mynedata/talks/2017-matzutt-informatik-mynedata-presentation.pdf}, web_url_date = {Presentation slides}, editor = {Eibl, Maximilian and Gaedke, Martin}, publisher = {Gesellschaft f{\"u}r Informatik, Bonn}, booktitle = {INFORMATIK 2017}, event_place = {Chemnitz}, event_name = {INFORMATIK 2017}, event_date = {2017-09-28}, language = {English}, ISBN = {978-3-88579-669-5}, ISSN = {1617-5468}, DOI = {10.18420/in2017_109}, reviewed = {1}, author = {Matzutt, Roman and M{\"u}llmann, Dirk and Zeissig, Eva-Maria and Horst, Christiane and Kasugai, Kai and Lidynia, Sean and Wieninger, Simon and Ziegeldorf, Jan Henrik and Gudergan, Gerhard and Spiecker gen. D{\"o}hmann, Indra and Wehrle, Klaus and Ziefle, Martina} } @Inproceedings { 2016-henze-cloudcom-trinics, title = {Towards Transparent Information on Individual Cloud Service Usage}, year = {2016}, month = {12}, day = {12}, pages = {366-370}, tags = {trinics}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-henze-cloudcom-trinics.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Luxembourg, Luxembourg}, language = {en}, ISBN = {978-1-5090-1445-3}, DOI = {10.1109/CloudCom.2016.0064}, reviewed = {1}, author = {Henze, Martin and Kerpen, Daniel and Hiller, Jens and Eggert, Michael and Hellmanns, David and M{\"u}hmer, Erik and Renuli, Oussama and Maier, Henning and St{\"u}ble, Christian and H{\"a}u{\ss}ling, Roger and Wehrle, Klaus} } @Inproceedings { 2016-mitseva-ccs-fingerprinting, title = {POSTER: Fingerprinting Tor Hidden Services}, year = {2016}, month = {10}, day = {24}, pages = {1766-1768}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2016/2016-mitseva-ccs-fingerprinting.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria}, language = {en}, ISBN = {978-1-4503-4139-4}, DOI = {10.1145/2976749.2989054}, reviewed = {1}, author = {Mitseva, Asya and Panchenko, Andriy and Lanze, Fabian and Henze, Martin and Wehrle, Klaus and Engel, Thomas} } @Inproceedings { 2016-matzutt-ccs-bitcoin, title = {POSTER: I Don't Want That Content! On the Risks of Exploiting Bitcoin's Blockchain as a Content Store}, year = {2016}, month = {10}, day = {24}, pages = {1769-1771}, tags = {mynedata}, url = {/fileadmin/papers/2016/2016-matzutt-ccs-blockchaincontent.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria}, language = {en}, ISBN = {978-1-4503-4139-4}, DOI = {10.1145/2976749.2989059}, reviewed = {1}, author = {Matzutt, Roman and Hohlfeld, Oliver and Henze, Martin and Rawiel, Robin and Ziegeldorf, Jan Henrik and Wehrle, Klaus} } @Techreport { 2016-henze-aib-sensorcloud, title = {The SensorCloud Protocol: Securely Outsourcing Sensor Data to the Cloud}, year = {2016}, month = {7}, day = {11}, number = {AIB-2016-06}, number2 = {arXiv:1607.03239 [cs.NI]}, pages = {1--24}, tags = {sensorcloud}, url = {fileadmin/papers/2016/2016-henze-aib-sensorcloud.pdf}, misc2 = {Online}, publisher = {Department of Computer Science, RWTH Aachen University}, address = {Ahornstr. 55, 52074 Aachen, Germany}, institution = {Department of Computer Science, RWTH Aachen University}, type = {Technical Report}, language = {en}, ISSN = {0935-3232}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus} } @Proceedings { 2016-Jakobs-EURAS, title = {Co-opetition and Open Innovation. Proc. 21st EURAS Annual Standardisation Conference, 2016, Montpellier, France}, year = {2016}, month = {5}, misc2 = {Online}, publisher = {Mainz}, language = {EN}, ISBN = {978-3-95886-103-9}, reviewed = {1}, author = {Jakobs, Kai and Mione, Anne and Cutting-Decelle, Anne-Francoise and Mignon, Sophie} } @Techreport { 2015-draft-moskowitz-hip-dex-04, title = {HIP Diet EXchange (DEX)}, year = {2015}, month = {7}, day = {20}, number = {draft-moskowitz-hip-dex-04}, abstract = {This document specifies the Host Identity Protocol Diet EXchange (HIP DEX), a variant of the Host Identity Protocol Version 2 (HIPv2). The HIP DEX protocol design aims at reducing the overhead of the employed cryptographic primitives by omitting public-key signatures and hash functions. In doing so, the main goal is to still deliver similar security properties to HIPv2. The HIP DEX protocol is primarily designed for computation or memory-constrained sensor/actuator devices. Like HIPv2, it is expected to be used together with a suitable security protocol such as the Encapsulated Security Payload (ESP) for the protection of upper layer protocol data. In addition, HIP DEX can also be used as a keying mechanism for security primitives at the MAC layer, e.g., for IEEE 802.15.4 networks.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-dex-04}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Moskowitz, Robert and Hummen, Ren{\'e}} } @Techreport { 2015-draft-moskowitz-hip-dex-03, title = {HIP Diet EXchange (DEX)}, year = {2015}, month = {6}, day = {19}, number = {draft-moskowitz-hip-dex-03}, abstract = {This document specifies the Host Identity Protocol Diet EXchange (HIP DEX), a variant of the Host Identity Protocol Version 2 (HIPv2). The HIP DEX protocol design aims at reducing the overhead of the employed cryptographic primitives by omitting public-key signatures and hash functions. In doing so, the main goal is to still deliver similar security properties to HIPv2. The HIP DEX protocol is primarily designed for computation or memory-constrained sensor/actuator devices. Like HIPv2, it is expected to be used together with a suitable security protocol such as the Encapsulated Security Payload (ESP) for the protection of upper layer protocol data. In addition, HIP DEX can also be used as a keying mechanism for security primitives at the MAC layer, e.g., for IEEE 802.15.4 networks.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-dex-03}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Moskowitz, Robert and Hummen, Ren{\'e}} } @Inproceedings { 2015-ziegeldorf-iwpe-comparison, title = {Choose Wisely: A Comparison of Secure Two-Party Computation Frameworks}, year = {2015}, month = {5}, day = {21}, pages = {198-205}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2015/2015-ziegeldorf-iwpe-choose.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {2015 International Workshop on Privacy Engineering (IWPE'15), part of 2015 IEEE Security and Privacy Workshops (SPW 2015), San Jose, CA, USA}, language = {en}, DOI = {10.1109/SPW.2015.9}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Metzke, Jan and Henze, Martin and Wehrle, Klaus} } @Proceedings { 2015-sdnflex-heuschkel-dyns, title = {Protocol Virtualization through Dynamic Network Stacks}, year = {2015}, month = {3}, day = {9}, publisher = {IEEE}, event_place = {Cottbus}, event_name = {SDNFlex Workshop (NetSys 2015)}, event_date = {March 2015, 9-12}, language = {en}, DOI = {10.1109/NetSys.2015.7089055}, reviewed = {1}, author = {Heuschkel, Jens and Schweizer, Immanuel and Zimmermann, Torsten and Wehrle, Klaus and M{\"u}hlh{\"a}user, Max} } @Techreport { 2014-draft-moskowitz-hip-dex-02, title = {HIP Diet EXchange (DEX)}, year = {2014}, month = {12}, day = {19}, number = {draft-moskowitz-hip-dex-02}, abstract = {This document specifies the Host Identity Protocol Diet EXchange (HIP DEX), a variant of the Host Identity Protocol Version 2 (HIPv2). The HIP DEX protocol design aims at reducing the overhead of the employed cryptographic primitives by omitting public-key signatures and hash functions. In doing so, the main goal is to still deliver similar security properties to HIPv2. The HIP DEX protocol is primarily designed for computation or memory-constrained sensor/actuator devices. Like HIPv2, it is expected to be used together with a suitable security protocol such as the Encapsulated Security Payload (ESP) for the protection of upper layer protocol data. In addition, HIP DEX can also be used as a keying mechanism for security primitives at the MAC layer, e.g., for IEEE 802.15.4 networks.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-dex-02}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Moskowitz, Robert and Hummen, Ren{\'e}} } @Incollection { 2014-tcc-henze-trustpoint, title = {A Trust Point-based Security Architecture for Sensor Data in the Cloud}, year = {2014}, month = {12}, day = {14}, pages = {77-106}, tags = {sensorcloud}, misc2 = {Online}, editor = {Krcmar, Helmut and Reussner, Ralf and Rumpe, Bernhard}, publisher = {Springer}, booktitle = {Trusted Cloud Computing}, ISBN = {978-3-319-12717-0}, DOI = {10.1007/978-3-319-12718-7_6}, reviewed = {1}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Wehrle, Klaus} } @Article { 2014-cheng-acta-geodyn-geomater, title = {Use of MEMS accelerometers/inclinometers as a geotechnical monitoring method for ground subsidence}, journal = {Acta Geodynamica et Geomaterialia}, year = {2014}, month = {10}, day = {8}, volume = {11}, number = {4}, pages = {1--12}, abstract = {Accelerometer and inclinometer are inertial sensors capable of measuring corresponding magnitude of Earth gravitational field along the direction of each axis. By means of rotation matrices related to inertial navigation methods, the output values of a three-dimensional accelerometer or a two-dimensional inclinometer can be transformed and processed into the azimuth and dip angle of the monitored target. With the rapid growth in development and cost reduction of Micro Electro Mechanical Systems (MEMS) and Wireless Sensor Network (WSN) in recent years, the engineers are able to carry out real-time wireless geotechnical monitoring during construction. In this paper, we set up a one-day measurement implemented by a self- developed wireless MEMS monitoring system on the surface in the construction site of South Hongmei Road super high way tunnel in Shanghai, by making use of rotation matrices in specific ways, the raw data are processed to expressions of three-dimensional normal vectors that represent the change of the ground. After unifying the vectors in the same coordinate system, we conduct a brief ground settlement analysis by means of an evaluation of the dip angles in the cross section and the azimuths of the sensor nodes.}, web_url = {http://www.irsm.cas.cz/index_en.php?page=acta_detail_doi\&id=96}, misc = {Online}, publisher = {Institute of Rock Structure and Mechanics of the ASCR, v.v.i.}, address = {Prague, Czech Republic}, howpublished = {Online}, language = {en}, ISSN = {2336-4351}, DOI = {10.13168/AGG.2014.0015}, reviewed = {1}, author = {Li, Cheng and Fern{\'a}ndez-Steeger, Tom{\'a}s and Bitsch Link, J{\'o} Agila and May, Matthias and Azzam, Rafig} } @Techreport { 2014-draft-moskowitz-hip-dex-01, title = {HIP Diet EXchange (DEX)}, year = {2014}, month = {3}, day = {4}, number = {draft-moskowitz-hip-dex-01}, abstract = {This document specifies the Host Identity Protocol Diet EXchange (HIP DEX), a variant of the HIP Base EXchange (HIP BEX) [rfc5201-bis]. The HIP DEX protocol design aims at reducing the overhead of the employed cryptographic primitives by omitting public-key signatures and hash functions. In doing so, the main goal is to still deliver similar security properties to HIP BEX. The HIP DEX protocol is primarily targeted at computation or memory-constrained sensor devices. Like HIP BEX, it is expected to be used together with another suitable security protocol such as the Encapsulated Security Payload (ESP) [rfc5202-bis] for the protection of upper layer protocols. HIP DEX can also be used as a keying mechanism for a MAC layer security protocol as is supported by IEEE 802.15.4 [IEEE.802-15-4.2011].}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-dex-01}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Moskowitz, Robert and Hummen, Ren{\'e}} } @Inproceedings { 2014-comsnets-aktas-graph-based-redundancy-removal, title = {Graph-based Redundancy Removal Approach for Multiple Cross-Layer Interactions}, year = {2014}, month = {1}, day = {7}, pages = {1-8}, tags = {crawler}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2014/2014-aktas-comsnets-redundancy.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 2014 Sixth International Conference on Communication Systems and Networks (COMSNETS), Bangalore, India}, event_place = {Bangalore, India}, event_name = {2014 Sixth International Conference on Communication Systems and Networks (COMSNETS)}, event_date = {7-10 January, 2014}, language = {en}, ISBN = {978-1-4799-3635-9}, DOI = {10.1109/COMSNETS.2014.6734899}, reviewed = {1}, author = {Aktas, Ismet and Henze, Martin and Alizai, Muhammad Hamad and M{\"o}llering, Kevin and Wehrle, Klaus} } @Book { 2014-EURAS-Jakobs, title = {Cooperation among standardisation organisations and the scientific and academic community. Proceedings of the 19th EURAS Conference.}, year = {2014}, editor = {Kai Jakobs \& Ivana Mijatovic}, publisher = {Mainz Academic Publisher}, author = {Jakobs, Kai and Mijatovic, Ivana} } @Article { 2013-ijghpc-henze-sensorcloud, title = {Maintaining User Control While Storing and Processing Sensor Data in the Cloud}, journal = {International Journal of Grid and High Performance Computing (IJGHPC)}, year = {2013}, month = {12}, volume = {5}, number = {4}, pages = {97-112}, tags = {sensorcloud}, url = {fileadmin/papers/2013/2013-ijghpc-henze-sensorcloud.pdf}, misc2 = {Online}, publisher = {IGI Global}, language = {en}, ISSN = {1938-0259}, DOI = {10.4018/ijghpc.2013100107}, reviewed = {1}, author = {Henze, Martin and Hummen, Ren{\'e} and Matzutt, Roman and Catrein, Daniel and Wehrle, Klaus} } @Inproceedings { 2013-wisec-garcia-securing, title = {Securing the IP-based Internet of Things with HIP and DTLS}, year = {2013}, month = {4}, pages = {119--124}, publisher = {ACM}, booktitle = {Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '13) (short paper)}, ISBN = {978-1-4503-1998-0}, DOI = {10.1145/2462096.2462117}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Moreno-Sanchez, Pedro and Vidal-Meca, Francisco and Ziegeldorf, Jan Henrik} } @Inproceedings { 2013-pitsac-vidalmeca-hip, title = {HIP security architecture for the IP-based Internet of Things}, year = {2013}, month = {3}, day = {25}, pages = {1331 - 1336}, abstract = {The IP-based Internet of Things refers to the pervasive interactions of smart objects and people enabling new applications by means of IP protocols. An application scenario is a Smart City in which the city infrastructure, cars, and people exchange information to enable new services. IP protocols, such as IPv6, TCP and HTTP will be further complemented by IPv6 over Low powerWireless Personal Area Networks and Constrained Application Protocol currently in development in IETF. Security and privacy are a must for the IP-based IoTs in order to ensure its acceptance. However, mobility, limited bandwidth, and resource-constrained devices pose new challenges and require for a sound and efficient security architecture. In particular, dynamic association of mobile smart objects and the management of keys in large-scale networks remain an open challenge. In this context, we propose a flexible security architecture based on the Host Identity Protocol and Multimedia Internet KEYing protocols allowing for secure network association and key management. HIP - based on asymmetric-key cryptography - ensures unambiguous thing identification, mobility support, as well as a lightweight and secure method for network association. In our solution, HIP is extended with MIKEY capabilities to provide enhanced key management using polynomials, which allow to generate pairwise keys with any node based on its identity. This combination of protocols and crypto-algorithms ensures both strong security and very good performance as shown by our implementation and presents clear advantages compared with other alternatives.}, keywords = {Internet of Things; Security; Network Access; Key Management}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2013}, event_place = {Barcelona, Spain}, event_date = {25.-28.03.2013}, language = {en}, DOI = {10.1109/WAINA.2013.158}, reviewed = {1}, author = {Vidal Meca, Francisco and Ziegeldorf, Jan Henrik and Garcia-Morchon, Oscar and Kumar, Sandeep S. and Keoh, Sye Loong and Moreno-Sanchez, Pedro} } @Article { 2013-fernandez-ceriotti-bitsch-and-then-the-weekend-jsan, title = {“And Then, the Weekend Started”: Story of a WSN Deployment on a Construction Site}, journal = {Journal of Sensor and Actuator Networks}, year = {2013}, month = {3}, day = {11}, volume = {2}, number = {1}, pages = {156--171}, abstract = {Wireless Sensor Networks (WSNs) are versatile monitoring systems that can provide a large amount of real-time data in scenarios where wired infrastructures are inapplicable or expensive. This technology is expected to be handled by domain experts, who perceive a WSN as a (promised to be) easy to deploy black box. This work presents the deployment experience of a WSN, as conducted by domain experts, in a ground improvement area. Building upon off-the-shelf solutions, a fuel cell powered gateway and 21 sensor devices measuring acceleration, inclination, temperature and barometric pressure were installed to monitor ground subsidence. We report about how poor GSM service, malfunctioning hardware, unknown communication patterns and obscure proprietary software required in-field ad-hoc solutions. Through the lessons learned, we look forward to investigating how to make the deployment of these systems an easier task.}, keywords = {sensor network deployment; experiences; in-field debugging}, web_url = {http://www.mdpi.com/2224-2708/2/1/156}, misc2 = {Online}, language = {en}, ISSN = {2224-2708}, DOI = {10.3390/jsan2010156}, reviewed = {1}, author = {Fern{\'a}ndez-Steeger, Tom{\'a}s and Ceriotti, Matteo and Bitsch Link, J{\'o} Agila and May, Matthias and Hentschel, Klaus and Wehrle, Klaus} } @Conference { EW2013_parruca_gross, title = {On Semi-Static Interference Coordination under Proportional Fair Scheduling in LTE Systems}, year = {2013}, pages = {8}, abstract = {In this paper we consider the design of semi-static inter-cell interference coordination schemes for LTE networks. In this approach, base stations coordinate the power settings per resource block over long time spans such as seconds. In order to optimize the power settings, one needs to employ models which predict the rate of terminals over the next coordination period under the usage of a given power setting. However, these models are typically quite simple and neglect the impact from fading as well as from dynamic resource allocation performed at the base stations on a millisecond basis. Ignoring such properties of OFDMA networks leads therefore to suboptimal transmit power settings. In this paper, we study the impact from a precise rate prediction model that accurately accounts for fading and dynamic resource allocation. On the down-side, this more precise model leads to a much more involved optimization problem to be solved once per coordination period. We propose two different heuristic methods to deal with this problem. Especially the usage of genetic algorithm results to be promising to counteract the complexity increase. We then study the overall system performance and find precise rate prediction models to be essential for semi-static interference coordination as they provide significant performance improvements in comparison to approaches with simpler models.}, keywords = {ICIC, proportional fair scheduling, power mask, resource block, scheduling, dynamic scheduling, inter cell interference coordination, LTE, OFDMA, WiMAX}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2013/2013_ICIC_parruca_grysla_gross.pdf}, web_url = {http://www.vde-verlag.de/proceedings-en/563498043.html}, editor = {vde-verlag}, publisher = {vde-verlag}, address = {http://www.vde-verlag.de/}, booktitle = {Proceedings: European Wireless 2013}, event_place = {Guildford, UK}, event_name = {2013 - 19th European Wireless Conference}, event_date = {04/16/2012 - 04/18/2013}, language = {English}, author = {Parruca, Donald and Grysla, Marius and M{\"a}h{\"o}nen, Petri and Petrova, Marina and Zhou, Han and Naghibi, Farshad and Gross, James} } @Inproceedings { Mobileoffloading_2013, title = {Mobile Adhoc Offloading in Wireless Ad hoc Network}, year = {2013}, url = {http://arxiv.org/abs/1401.4528}, booktitle = {Proc. of MANIAC 2013: Mobile Offloading competition}, event_name = {MANIAC 2013}, event_date = {Berlin, Germany}, author = {Li, Di and Mitseva, Asya} } @Inproceedings { 2012-mobicom-wirtz-sofi, title = {Demo: On-demand Content-centric Wireless Networking}, year = {2012}, month = {8}, pages = {451-454}, misc2 = {Online}, publisher = {ACM}, address = {New York, NY, USA}, booktitle = {Proceedings of the 18th ACM Annual International Conference on Mobile Computing and Networking (MobiCom'12), Istanbul, Turkey}, event_place = {Istanbul, Turkey}, event_name = {18th ACM Annual International Conference on Mobile Computing and Networking}, event_date = {22-26 August 2012}, language = {en}, ISBN = {978-1-4503-1159-5}, DOI = {10.1145/2348543.2348608}, reviewed = {1}, author = {Wirtz, Hanno and Martin, David and Grap, Benjamin and Wehrle, Klaus} } @Phdthesis { 2011-mochon-phdthesis, title = {Security for Pervasive Healthcare}, year = {2012}, school = {Security for Pervasive Healthcare}, author = {Mochon, Oscar Garcia} } @Techreport { rfc5201-bis-04, title = {{Host Identity Protocol Version 2}}, year = {2011}, month = {1}, volume = {1}, number = {draft-ietf-hip-rfc5201-bis-04.txt}, note = {{expires: July 24, 2011 (work in progress)}}, tags = {mobile_access}, url = {http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-04}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-04}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz, Robert and Jokela, Petri and Henderson, Thomas R. and Heer, Tobias} } @Techreport { rfc5201-bis-03, title = {{Host Identity Protocol Version 2}}, year = {2010}, month = {10}, volume = {1}, number = {draft-ietf-hip-rfc5201-bis-03.txt}, note = {{expires: April 26, 2011 (work in progress)}}, url = {http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-03}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-03}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz, Robert and Jokela, Petri and R. Henderson, Thomas and Heer, Tobias} } @Techreport { rfc5201-bis-01, title = {{Host Identity Protocol Version 2}}, year = {2010}, month = {9}, volume = {1}, number = {draft-ietf-hip-rfc5201-bis-01.txt}, note = {{expires: March 7, 2011 (work in progress)}}, url = {http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-01}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-01}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz, Robert and Jokela, Petri and R. Henderson, Thomas and Heer, Tobias} } @Techreport { moskowitz-rfc5201-bis-02, title = {{Host Identity Protocol Version 2}}, year = {2010}, month = {7}, volume = {1}, number = {draft-moskowitz-hip-rfc5201-bis-02.txt}, note = {{expires: January 2, 2011 (work in progress)}}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-rfc5201-bis-02}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-moskowitz-hip-rfc5201-bis-02}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz, Robert and Jokela, Petri and R. Henderson, Thomas and Heer, Tobias} } @Techreport { rfc5201-bis-02, title = {{Host Identity Protocol Version 2}}, year = {2010}, month = {7}, volume = {1}, number = {draft-ietf-hip-rfc5201-bis-02.txt}, note = {{expires: March 7, 2011 (work in progress)}}, url = {http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-02}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-02}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz, Robert and Jokela, Petri and R. Henderson, Thomas and Heer, Tobias} } @Inbook { 2010-aktas-modeling-application-traffic-bookchapter, title = {Modeling Application Traffic}, year = {2010}, month = {4}, pages = {397-426}, publisher = {Springer}, chapter = {18}, booktitle = {Modeling and Tools for Network Simulation}, ISBN = {978-3-642-12330-6}, author = {Aktas, Ismet and Mengi, Cem and King, Thomas} } @Techreport { moskowitz-rfc5201-bis-01, title = {{Host Identity Protocol Version 2}}, year = {2010}, month = {3}, volume = {1}, number = {draft-moskowitz-hip-rfc5201-bis-01.txt}, note = {{expires: September 10, 2010 (work in progress)}}, url = {http://tools.ietf.org/html/draft-moskowitz-hip-rfc5201-bis-01}, misc2 = {Online}, publisher = {{IETF Trust}}, howpublished = {An online version is available at: http://tools.ietf.org/html/draft-moskowitz-hip-rfc5201-bis-01}, series = {Internet Drafts}, organization = {{Internet Engineering Task Force}}, institution = {Internet Engineering Task Force}, language = {en}, reviewed = {1}, author = {Moskowitz Pekka Nikander, Robert and Jokela, Petri and R. Henderson, Thomas and Heer, Tobias} } @Inbook { 201001ThieleINTECHRatpack, title = {Dynamic Wireless Sensor Networks for Animal Behavior Research}, year = {2010}, month = {1}, pages = {629--644}, tags = {RatPack}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2010/2010-01-Thiele-INTECH-Ratpack.pdf}, web_url = {http://sciyo.com/articles/show/title/dynamic-wireless-sensor-networks-for-animal-behavior-research}, web_url2 = {http://www.intechopen.com/articles/show/title/dynamic-wireless-sensor-networks-for-animal-behavior-research}, misc2 = {Online}, editor = {Domenico Campolo}, publisher = {InTech}, address = {Vienna, Austria}, chapter = {32}, booktitle = {Recent Advances in Biomedical Engineering}, language = {en}, ISBN = {978-953-7619-57-2}, reviewed = {1}, author = {Thiele, Johannes and Bitsch Link, J{\'o} Agila and Osechas, Okuary and Mallot, Hanspeter and Wehrle, Klaus} } @Inproceedings { 20105munawardynamictinyos, title = {Dynamic TinyOS: Modular and Transparent Incremental Code-Updates for Sensor Networks}, year = {2010}, pages = {1-6}, abstract = {Long-term deployments of sensor networks in physically inaccessible environments make remote re-programmability of sensor nodes a necessity. Ranging from full image replacement to virtual machines, a variety of mechanisms exist today to deploy new software or to fix bugs in deployed systems. However, TinyOS - the current state of the art sensor node operating system - is still limited to full image replacement as nodes execute a statically-linked system-image generated at compilation time. In this paper we introduce Dynamic TinyOS to enable the dynamic exchange of software components and thus incrementally update the operating system and its applications. The core idea is to preserve the modularity of TinyOS, i.e. its componentization, which is lost during the normal compilation process, and enable runtime composition of TinyOS components on the sensor node. The proposed solution integrates seamlessly into the system architecture of TinyOS: It does not require any changes to the programming model of TinyOS and existing components can be reused transparently. Our evaluation shows that Dynamic TinyOS incurs a low performance overhead while keeping a smaller - upto one third - memory footprint than other comparable solutions.}, url = {fileadmin/papers/2010/2010-05-icc-munawar-DynamicTinyOS.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the IEEE International Conference on Communications (ICC), Cape Town, South Africa}, language = {en}, ISBN = {978-1-4244-6402-9}, ISSN = {1550-3607}, reviewed = {1}, author = {Munawar, Waqaas and Alizai, Muhammad Hamad and Landsiedel, Olaf and Wehrle, Klaus} } @Techreport { 200908munawarfgsndynamictinyos, title = {Remote Incremental Adaptation of Sensor Network Applications}, year = {2009}, month = {9}, pages = {9-12}, url = {fileadmin/papers/2009/2009-08-munawar-fgsn-dynamic-tinyos.pdf}, web_url = {http://doku.b.tu-harburg.de/volltexte/2009/581/pdf/proceedings.pdf}, misc2 = {Print}, publisher = {Technical University Hamburg}, address = {Technical University Hamburg}, booktitle = {Proceedings of the 8th GI/ITG KuVS Fachgespr{\"a}ch ''Wireless Sensor Networks'', Hamburg, Germany}, institution = {Technical University Hamburg}, language = {en}, author = {Munawar, Waqaas and Landsiedel, Olaf and Alizai, Muhammad Hamad and Wehrle, Klaus} } @Proceedings { 2009-aktas-maple-ModeldrivenSupportforSourceCodeVariabilityinAutomotiveSoftwareEngineering-Workshop, title = {Model-driven Support for Source Code Variability in Automotive Software Engineering}, year = {2009}, month = {8}, pages = {44-51}, abstract = {Variability on source code level in automotive soft- ware engineering is handled by C/C++ preprocessing directives. It provides fine-grained definition of variation points, but brings highly complex structures into the source code. The software gets more difficult to understand, to maintain and to integrate changes. Current approaches for modeling and managing vari- ability on source code do not consider the specific requirements of the automotive domain. To close this gap, we propose a model- driven approach to support software engineers in handling source code variability and configuration of software variants. For this purpose, a variability model is developed that is linked with the source code. Using this approach, a software engineer can shift work steps to the variability model in order to model and manage variation points and implement their variants in the source code.}, keywords = {automotive software engineering; programming; model-driven engineering; variability modeling;}, misc2 = {Online}, publisher = {CEUR}, booktitle = {1st International Workshop on Model-driven Approaches in Software Product Line Engineering (MAPLE), San Francisco, CA, USA}, ISSN = {1613-0073}, reviewed = {1}, author = {Mengi, Cem and Fu{\ss}, Christian and Zimmermann, Ruben and Aktas, Ismet} } @Conference { 2009-mwns-samad-hsvc, title = {Handling Security Vulnerabilities in Clustered Wireless Mesh Networks}, year = {2009}, month = {5}, day = {15}, pages = {51-62}, misc2 = {Print}, publisher = {Shaker Verlag}, booktitle = {The 2nd International Workshop on Mobile and Wireless Networks Security in conjunction with IFIP NETWORKING 2009, Aachen, Germany.}, event_place = {Aachen, Germany}, event_name = {International Workshop on Mobile and Wireless Networks Security (MWNS 2009)}, language = {en}, ISBN = {978-3-8322-8177-9}, author = {Samad, Fahad and Makram, Sadeq Ali} } @Inbook { 2008-thissen-LNCS-synergy, title = {Synergy by Integrating New Functionality}, year = {2008}, pages = {519-526}, misc2 = {Print}, editor = {M. Nagl, W. Marquardt}, publisher = {Springer}, series = {Lecture Notes in Computer Science 4970}, booktitle = {Collaborative and Distributed Chemical Engineering, From Understanding to Substantial Design Process Support}, language = {en}, ISBN = {978-3-540-70551-2}, author = {Becker, Simon and Heller, Markus and Jarke, Matthias and Marquardt, Wolfgang and Nagl, Manfred and Spaniol, Otto and Thi{\ss}en, Dirk} } @Inproceedings { 200707BitschSNFGRatPack, title = {Ratpack: Using Sensor Networks for Animal Observation}, year = {2007}, month = {7}, day = {16}, volume = {2007-11}, pages = {95 -- 97}, abstract = {The goal of this project is to describe the behaviour of rats. To study this behaviour, we will resort to the use of wireless sensor networks, monitoring various quantities that yield important information to complement current knowledge on the behavioural repertoire of rats. The challenges we face include data acquisition and processing on the one hand, as rat-borne sensor nodes will need to be small enough not to interfere with the rats' own activities, thus limiting the available memory and processing capabilities. Additionally, rats spend a significant amount of time underground, making data transmission and routing a very interesting challenge, for which we are currently developing novel strategies.}, tags = {RatPack}, url = {fileadmin/papers/2007/2007-07-Bitsch-SNFG-RatPack.pdf}, misc2 = {Print}, editor = {Klaus Wehrle}, publisher = {RWTH Aachen University}, address = {Aachen, Germany}, series = {AIB}, booktitle = {6th GI/ITG KuVS Fachgespr{\"a}ch ''Wireless Sensor Networks'', Aachen, Germany}, organization = {GI/ITG Fachgruppe ''Kommunikation und Verteilte Systeme''}, event_place = {Aachen, Germany}, event_name = {6th GI/ITG KuVS Fachgespr{\"a}ch ''Wireless Sensor Networks''}, event_date = {July 16-17, 2007}, language = {en}, ISSN = {0935-3232}, reviewed = {1}, author = {Bitsch Link, J{\'o} Agila and Wehrle, Klaus and Osechas, Okuary and Thiele, Johannes and Mallot, Hanspeter} } @Inproceedings { 200606LandsiedelRatWatch, title = {Rat Watch: Using Sensor Networks for Animal Observation}, year = {2006}, month = {6}, day = {19}, volume = {1}, pages = {1--2}, abstract = {In an attempt to employ sensor network technology for animal observation, in particular of wild rats, we identified several restrictive shortcomings in existing sensor network research, which we discuss in this paper.}, note = {(Poster and Abstract)}, tags = {RatPack}, url = {fileadmin/papers/2006/2006-06-Landsiedel-RatWatch.pdf}, web_url2 = {http://www.sics.se/realwsn06/program.html}, misc2 = {Online}, editor = {Pedro Jos{\'e} Marron and Thiemo Voigt}, publisher = {SICS}, address = {Uppsala, Sweden}, booktitle = {ACM Workshop on Real-World Wireless Sensor Networks (RealWSN) in conjunction with ACM MobiSys, Uppsala, Sweden}, organization = {ACM}, event_place = {Uppsala, Sweden}, event_name = {ACM Workshop on Real-World Wireless Sensor Networks, REALWSN'06}, event_date = {June 19, 2006}, language = {en}, reviewed = {1}, author = {Landsiedel, Olaf and Bitsch Link, J{\'o} Agila and Wehrle, Klaus and Thiele, Johannes and Mallot, Hanspeter} } @Inproceedings { 200504mongerinformatiktage, title = {Eine strategieorientierte, modulare Simulationsumgebung f{\"u}r mobile Ad-Hoc-Szenarien}, year = {2005}, address = {Schloss Birlinghoven}, booktitle = {Proceedings of GI-Informatiktage 2005}, author = {Monger, Andreas and Hofmann, Stefanie and Bronni, Jan and Kronfeld, Marcel} } @Inbook { 1999-thissen-springer-management, title = {Dienstmanagement und -vermittlung f{\"u}r Entwicklungswerkzeuge}, year = {1999}, pages = {371-386}, misc2 = {Print}, editor = {M. Nagl, B. Westfechtel}, publisher = {Springer}, booktitle = {Integration von Entwicklungssystemen in Ingenieuranwendungen, Substantielle Verbesserung der Entwicklungsprozesse}, language = {de}, ISBN = {3-540-63920-9}, author = {Spaniol, Otto and Thi{\ss}en, Dirk and Meyer, Bernd and Linnhoff-Popien, Claudia} } @Article { 1997-thissen-IM-corba, title = {Industrieller Einsatz von CORBA: Situation und zuk{\"u}nftige Entwicklungen}, journal = {Industrie Management}, year = {1997}, volume = {6}, misc2 = {Print}, language = {de}, author = {Spaniol, Otto and Meyer, Bernd and Thi{\ss}en, Dirk} }