% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-04-23 % Creation time: 16-03-36 % --- Number of references % 44 % @Article { 2023_pennekamp_purchase_inquiries, title = {Offering Two-Way Privacy for Evolved Purchase Inquiries}, journal = {ACM Transactions on Internet Technology}, year = {2023}, month = {11}, day = {17}, volume = {23}, number = {4}, abstract = {Dynamic and flexible business relationships are expected to become more important in the future to accommodate specialized change requests or small-batch production. Today, buyers and sellers must disclose sensitive information on products upfront before the actual manufacturing. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness. Related work overlooks this issue so far: Existing approaches only protect the information of a single party only, hindering dynamic and on-demand business relationships. To account for the corresponding research gap of inadequately privacy-protected information and to deal with companies without an established trust relation, we pursue the direction of innovative privacy-preserving purchase inquiries that seamlessly integrate into today's established supplier management and procurement processes. Utilizing well-established building blocks from private computing, such as private set intersection and homomorphic encryption, we propose two designs with slightly different privacy and performance implications to securely realize purchase inquiries over the Internet. In particular, we allow buyers to consider more potential sellers without sharing sensitive information and relieve sellers of the burden of repeatedly preparing elaborate yet discarded offers. We demonstrate our approaches' scalability using two real-world use cases from the domain of production technology. Overall, we present deployable designs that offer two-way privacy for purchase inquiries and, in turn, fill a gap that currently hinders establishing dynamic and flexible business relationships. In the future, we expect significantly increasing research activity in this overlooked area to address the needs of an evolving production landscape.}, keywords = {bootstrapping procurement; secure industrial collaboration; private set intersection; homomorphic encryption; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-purchase-inquiries.pdf}, publisher = {ACM}, ISSN = {1533-5399}, DOI = {10.1145/3599968}, reviewed = {1}, author = {Pennekamp, Jan and Dahlmanns, Markus and Fuhrmann, Frederik and Heutmann, Timo and Kreppein, Alexander and Grunert, Dennis and Lange, Christoph and Schmitt, Robert H. and Wehrle, Klaus} } @Inproceedings { 2023_pennekamp_benchmarking_comparison, title = {Designing Secure and Privacy-Preserving Information Systems for Industry Benchmarking}, year = {2023}, month = {6}, day = {15}, volume = {13901}, pages = {489-505}, abstract = {Benchmarking is an essential tool for industrial organizations to identify potentials that allows them to improve their competitive position through operational and strategic means. However, the handling of sensitive information, in terms of (i) internal company data and (ii) the underlying algorithm to compute the benchmark, demands strict (technical) confidentiality guarantees—an aspect that existing approaches fail to address adequately. Still, advances in private computing provide us with building blocks to reliably secure even complex computations and their inputs, as present in industry benchmarks. In this paper, we thus compare two promising and fundamentally different concepts (hardware- and software-based) to realize privacy-preserving benchmarks. Thereby, we provide detailed insights into the concept-specific benefits. Our evaluation of two real-world use cases from different industries underlines that realizing and deploying secure information systems for industry benchmarking is possible with today's building blocks from private computing.}, note = {Lecture Notes in Computer Science (LNCS), Volume 13901}, keywords = {real-world computing; trusted execution environments; homomorphic encryption; key performance indicators; benchmarking}, tags = {internet-of-production}, url = {https://jpennekamp.de/wp-content/papercite-data/pdf/plv+23.pdf}, publisher = {Springer}, booktitle = {Proceedings of the 35th International Conference on Advanced Information Systems Engineering (CAiSE '23), June 12-16, 2023, Zaragoza, Spain}, event_place = {Zaragoza, Spain}, event_name = {35th International Conference on Advanced Information Systems Engineering (CAiSE '23)}, event_date = {June 12-16, 2023}, ISBN = {978-3-031-34559-3}, ISSN = {0302-9743}, DOI = {10.1007/978-3-031-34560-9_29}, reviewed = {1}, author = {Pennekamp, Jan and Lohm{\"o}ller, Johannes and Vlad, Eduard and Loos, Joscha and Rodemann, Niklas and Sapel, Patrick and Fink, Ina Berenice and Schmitz, Seth and Hopmann, Christian and Jarke, Matthias and Schuh, G{\"u}nther and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2023-lorz-cired, title = {Interconnected grid protection systems - reference grid for testing an adaptive protection scheme}, year = {2023}, pages = {3286-3290}, tags = {ven2us}, booktitle = {27th International Conference on Electricity Distribution (CIRED 2023), Rome, Italy, June 12-15, 2023}, event_place = {Rome, Italy}, event_name = {International Conference \& Exhibition on Electricity Distribution (CIRED)}, event_date = {June 12-15, 2023}, DOI = {10.1049/icp.2023.0864}, reviewed = {1}, author = {Lorz, Tobias and Jaeger, Johann and Selimaj, Antigona and Hacker, Immanuel and Ulbig, Andreas and Heckel, Jan-Peter and Becker, Christian and Dahlmanns, Markus and Fink, Ina Berenice and Wehrle, Klaus and Erichsen, Gerrit and Schindler, Michael and Luxenburger, Rainer and Lin, Guosong} } @Proceedings { 2022-wolsing-radarsec, title = {Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset}, year = {2022}, month = {9}, tags = {rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-wolsing-radar.pdf}, publisher = {IEEE}, event_place = {Edmonton, Canada}, event_name = {47th IEEE Conference on Local Computer Networks (LCN)}, event_date = {September 26-29, 2022}, DOI = {10.1109/LCN53696.2022.9843801}, reviewed = {1}, author = {Wolsing, Konrad and Saillard, Antoine and Bauer, Jan and Wagner, Eric and van Sloun, Christian and Fink, Ina Berenice and Schmidt, Mari and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2022_kus_iids_generalizability, title = {A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection}, year = {2022}, month = {5}, day = {30}, pages = {73-84}, abstract = {Anomaly-based intrusion detection promises to detect novel or unknown attacks on industrial control systems by modeling expected system behavior and raising corresponding alarms for any deviations. As manually creating these behavioral models is tedious and error-prone, research focuses on machine learning to train them automatically, achieving detection rates upwards of 99 \%. However, these approaches are typically trained not only on benign traffic but also on attacks and then evaluated against the same type of attack used for training. Hence, their actual, real-world performance on unknown (not trained on) attacks remains unclear. In turn, the reported near-perfect detection rates of machine learning-based intrusion detection might create a false sense of security. To assess this situation and clarify the real potential of machine learning-based industrial intrusion detection, we develop an evaluation methodology and examine multiple approaches from literature for their performance on unknown attacks (excluded from training). Our results highlight an ineffectiveness in detecting unknown attacks, with detection rates dropping to between 3.2 \% and 14.7 \% for some types of attacks. Moving forward, we derive recommendations for further research on machine learning-based approaches to ensure clarity on their ability to detect unknown attacks.}, keywords = {anomaly detection; machine learning; industrial control system}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-kus-iids-generalizability.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 8th ACM Cyber-Physical System Security Workshop (CPSS '22), co-located with the 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan}, ISBN = {978-1-4503-9176-4/22/05}, DOI = {10.1145/3494107.3522773}, reviewed = {1}, author = {Kus, Dominik and Wagner, Eric and Pennekamp, Jan and Wolsing, Konrad and Fink, Ina Berenice and Dahlmanns, Markus and Wehrle, Klaus and Henze, Martin} } @Inproceedings { lorenz-ven2us-2022, title = {Interconnected network protection systems - the basis for the reliable and safe operation of distribution grids with a high penetration of renewable energies and electric vehicle}, year = {2022}, abstract = {Power grids are increasingly faced with the introduction of decentralized, highly volatile power supplies from renewable energies and high loads occurring from e-mobility. However, today’s static grid protection cannot manage all upcoming conditions while providing a high level of dependability and security. It forms a bottleneck of a future decarbonizing grid development. In our research project, we develop and verify an adaptive grid protection algorithm. It calculates situation dependent protection parameters for the event of power flow shifts and topology changes caused by volatile power supplies due to the increase of renewable generation and the rapid expansion of e-mobility. As a result the distribution grid can be operated with the optimally adapted protection parameters and functions for changing operating states. To safely adjust the values on protection hardware in the field, i.e., safe from hardware failures and cyberattacks, we research resilient and secure communication concepts for the adaptive and interconnected grid protection system. Finally, we validate our concept and system by demonstrations in the laboratory and field tests.}, tags = {ven2us}, booktitle = {Proceedings of the CIRED workshop on E-mobility and power distribution systems 2022, June 2-3, 2022, Porto, Portugal}, event_place = {Porto}, event_name = {CIRED workshop on E-mobility and power distribution systems 2022}, event_date = {June 2-3, 2022}, DOI = {10.1049/icp.2022.0768}, reviewed = {1}, author = {Lorenz, Matthias and Pletzer, Tobias Markus and Schuhmacher, Malte and Sowa, Torsten and Dahms, Michael and Stock, Simon and Babazadeh, Davood and Becker, Christian and Jaeger, Johann and Lorz, Tobias and Dahlmanns, Markus and Fink, Ina Berenice and Wehrle, Klaus and Ulbig, Andreas and Linnartz, Philipp and Selimaj, Antigona and Offergeld, Thomas} } @Inproceedings { 2021-krude-nfp-pred, title = {Determination of Throughput Guarantees for Processor-based SmartNICs}, year = {2021}, month = {12}, day = {7}, tags = {maki}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-krude-nfp-pred.pdf}, publisher = {ACM}, booktitle = {The 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT '21)}, ISBN = {978-1-4503-9098-9/21/12}, DOI = {10.1145/3485983.3494842}, reviewed = {1}, author = {Krude, Johannes and R{\"u}th, Jan and Schemmel, Daniel and Rath, Felix and Folbort, Iohannes-Heorh and Wehrle, Klaus} } @Inproceedings { 2021_pennekamp_bootstrapping, title = {Confidential Computing-Induced Privacy Benefits for the Bootstrapping of New Business Relationships}, year = {2021}, month = {11}, day = {15}, number = {RWTH-2021-09499}, abstract = {In addition to quality improvements and cost reductions, dynamic and flexible business relationships are expected to become more important in the future to account for specific customer change requests or small-batch production. Today, despite reservation, sensitive information must be shared upfront between buyers and sellers. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness following information leaks or breaches of their privacy. To address this issue, the concepts of confidential computing and cloud computing come to mind as they promise to offer scalable approaches that preserve the privacy of participating companies. In particular, designs building on confidential computing can help to technically enforce privacy. Moreover, cloud computing constitutes an elegant design choice to scale these novel protocols to industry needs while limiting the setup and management overhead for practitioners. Thus, novel approaches in this area can advance the status quo of bootstrapping new relationships as they provide privacy-preserving alternatives that are suitable for immediate deployment.}, keywords = {bootstrapping procurement; business relationships; secure industrial collaboration; privacy; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-pennekamp-bootstrapping.pdf}, publisher = {RWTH Aachen University}, booktitle = {Blitz Talk at the 2021 Cloud Computing Security Workshop (CCSW '21), co-located with the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS '21), November 15-19, 2021, Seoul, Korea}, institution = {RWTH Aachen University}, event_place = {Seoul, Korea}, event_date = {November 14, 2021}, DOI = {10.18154/RWTH-2021-09499}, author = {Pennekamp, Jan and Fuhrmann, Frederik and Dahlmanns, Markus and Heutmann, Timo and Kreppein, Alexander and Grunert, Dennis and Lange, Christoph and Schmitt, Robert H. and Wehrle, Klaus} } @Proceedings { fink-lcn-demons-2021, title = {DEMONS: Extended Manufacturer Usage Description to Restrain Malicious Smartphone Apps}, year = {2021}, month = {10}, day = {4}, tags = {nerd-nrw}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-fink-lcn-demons.pdf}, publisher = {IEEE}, howpublished = {online}, event_place = {Edmonton, Canada}, event_name = {46th IEEE Conference on Local Computer Networks (LCN)}, event_date = {October 4-7, 2021}, DOI = {10.1109/LCN52139.2021.9524879}, reviewed = {1}, author = {Fink, Ina Berenice and Serror, Martin and Wehrle, Klaus} } @Inproceedings { 2021_dahlmanns_entrust, title = {Transparent End-to-End Security for Publish/Subscribe Communication in Cyber-Physical Systems}, year = {2021}, month = {4}, day = {28}, pages = {78–87}, abstract = {The ongoing digitization of industrial manufacturing leads to a decisive change in industrial communication paradigms. Moving from traditional one-to-one to many-to-many communication, publish/subscribe systems promise a more dynamic and efficient exchange of data. However, the resulting significantly more complex communication relationships render traditional end-to-end security futile for sufficiently protecting the sensitive and safety-critical data transmitted in industrial systems. Most notably, the central message brokers inherent in publish/subscribe systems introduce a designated weak spot for security as they can access all communication messages. To address this issue, we propose ENTRUST, a novel solution for key server-based end-to-end security in publish/subscribe systems. ENTRUST transparently realizes confidentiality, integrity, and authentication for publish/subscribe systems without any modification of the underlying protocol. We exemplarily implement ENTRUST on top of MQTT, the de-facto standard for machine-to-machine communication, showing that ENTRUST can integrate seamlessly into existing publish/subscribe systems.}, keywords = {cyber-physical system security; publish-subscribe security; end-to-end security}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-dahlmanns-entrust.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 1st ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SaT-CPS '21), co-located with the 11th ACM Conference on Data and Application Security and Privacy (CODASPY '21), April 26-28, 2021, Virtual Event, USA}, event_place = {Virtual Event, USA}, event_name = {ACM Workshop on Secure and Trustworthy Cyber-Physical Systems}, event_date = {April 28, 2021}, ISBN = {978-1-4503-8319-6/21/04}, DOI = {10.1145/3445969.3450423}, reviewed = {1}, author = {Dahlmanns, Markus and Pennekamp, Jan and Fink, Ina Berenice and Schoolmann, Bernd and Wehrle, Klaus and Henze, Martin} } @Article { 2021-jakobs-engineering, title = {Standards Development for Smart Systems—A Potential Way Forward}, journal = {IEEE Transactions on Engineering Management}, year = {2021}, month = {2}, day = {1}, volume = {68}, number = {1}, pages = {75-86}, ISSN = {1558-0040}, DOI = {10.1109/TEM.2020.2976640}, reviewed = {1}, author = {Folmer, Erwin and Jakobs, Kai} } @Inproceedings { 2020_pennekamp_benchmarking, title = {Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking}, year = {2020}, month = {12}, day = {15}, pages = {31-44}, abstract = {Benchmarking the performance of companies is essential to identify improvement potentials in various industries. Due to a competitive environment, this process imposes strong privacy needs, as leaked business secrets can have devastating effects on participating companies. Consequently, related work proposes to protect sensitive input data of companies using secure multi-party computation or homomorphic encryption. However, related work so far does not consider that also the benchmarking algorithm, used in today's applied real-world scenarios to compute all relevant statistics, itself contains significant intellectual property, and thus needs to be protected. Addressing this issue, we present PCB — a practical design for Privacy-preserving Company Benchmarking that utilizes homomorphic encryption and a privacy proxy — which is specifically tailored for realistic real-world applications in which we protect companies' sensitive input data and the valuable algorithms used to compute underlying key performance indicators. We evaluate PCB's performance using synthetic measurements and showcase its applicability alongside an actual company benchmarking performed in the domain of injection molding, covering 48 distinct key performance indicators calculated out of hundreds of different input values. By protecting the privacy of all participants, we enable them to fully profit from the benefits of company benchmarking.}, keywords = {practical encrypted computing; homomorphic encryption; algorithm confidentiality; benchmarking; key performance indicators; industrial application; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-company-benchmarking.pdf}, web_url = {https://eprint.iacr.org/2020/1512}, publisher = {HomomorphicEncryption.org}, booktitle = {Proceedings of the 8th Workshop on Encrypted Computing \& Applied Homomorphic Cryptography (WAHC '20), December 15, 2020, Virtual Event}, event_place = {Virtual Event}, event_date = {December 15, 2020}, ISBN = {978-3-00-067798-4}, DOI = {10.25835/0072999}, reviewed = {1}, author = {Pennekamp, Jan and Sapel, Patrick and Fink, Ina Berenice and Wagner, Simon and Reuter, Sebastian and Hopmann, Christian and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2020_pennekamp_parameter_exchange, title = {Privacy-Preserving Production Process Parameter Exchange}, year = {2020}, month = {12}, day = {10}, pages = {510-525}, abstract = {Nowadays, collaborations between industrial companies always go hand in hand with trust issues, i.e., exchanging valuable production data entails the risk of improper use of potentially sensitive information. Therefore, companies hesitate to offer their production data, e.g., process parameters that would allow other companies to establish new production lines faster, against a quid pro quo. Nevertheless, the expected benefits of industrial collaboration, data exchanges, and the utilization of external knowledge are significant. In this paper, we introduce our Bloom filter-based Parameter Exchange (BPE), which enables companies to exchange process parameters privacy-preservingly. We demonstrate the applicability of our platform based on two distinct real-world use cases: injection molding and machine tools. We show that BPE is both scalable and deployable for different needs to foster industrial collaborations. Thereby, we reward data-providing companies with payments while preserving their valuable data and reducing the risks of data leakage.}, keywords = {secure industrial collaboration; Bloom filter; oblivious transfer; Internet of Production}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-parameter-exchange.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA}, event_place = {Austin, TX, USA}, event_date = {December 7-11, 2020}, ISBN = {978-1-4503-8858-0/20/12}, DOI = {10.1145/3427228.3427248}, reviewed = {1}, author = {Pennekamp, Jan and Buchholz, Erik and Lockner, Yannik and Dahlmanns, Markus and Xi, Tiandong and Fey, Marcel and Brecher, Christian and Hopmann, Christian and Wehrle, Klaus} } @Proceedings { fink-lcn-demons-2020, title = {Extending MUD to Smartphones}, year = {2020}, month = {11}, day = {15}, tags = {nerd-nrw}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-fink-lcn-mud-smartphone.pdf}, publisher = {IEEE}, howpublished = {online}, event_place = {Sydney, Australia}, event_name = {45th IEEE Conference on Local Computer Networks (LCN)}, event_date = {November 16-19, 2020}, DOI = {10.1109/LCN48667.2020.9314782}, reviewed = {1}, author = {Fink, Ina Berenice and Serror, Martin and Wehrle, Klaus} } @Inproceedings { 2020_delacadena_trafficsliver, title = {TrafficSliver: Fighting Website Fingerprinting Attacks with Traffic Splitting}, year = {2020}, month = {11}, day = {12}, pages = {1971-1985}, abstract = {Website fingerprinting (WFP) aims to infer information about the content of encrypted and anonymized connections by observing patterns of data flows based on the size and direction of packets. By collecting traffic traces at a malicious Tor entry node — one of the weakest adversaries in the attacker model of Tor — a passive eavesdropper can leverage the captured meta-data to reveal the websites visited by a Tor user. As recently shown, WFP is significantly more effective and realistic than assumed. Concurrently, former WFP defenses are either infeasible for deployment in real-world settings or defend against specific WFP attacks only. To limit the exposure of Tor users to WFP, we propose novel lightweight WFP defenses, TrafficSliver, which successfully counter today’s WFP classifiers with reasonable bandwidth and latency overheads and, thus, make them attractive candidates for adoption in Tor. Through user-controlled splitting of traffic over multiple Tor entry nodes, TrafficSliver limits the data a single entry node can observe and distorts repeatable traffic patterns exploited by WFP attacks. We first propose a network-layer defense, in which we apply the concept of multipathing entirely within the Tor network. We show that our network-layer defense reduces the accuracy from more than 98\% to less than 16\% for all state-of-the-art WFP attacks without adding any artificial delays or dummy traffic. We further suggest an elegant client-side application-layer defense, which is independent of the underlying anonymization network. By sending single HTTP requests for different web objects over distinct Tor entry nodes, our application-layer defense reduces the detection rate of WFP classifiers by almost 50 percentage points. Although it offers lower protection than our network-layer defense, it provides a security boost at the cost of a very low implementation overhead and is fully compatible with today’s Tor network.}, keywords = {Traffic Analysis; Website Fingerprinting; Privacy; Anonymous Communication; Onion Routing; Web Privacy}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-trafficsliver.pdf}, web_url = {https://github.com/TrafficSliver}, publisher = {ACM}, booktitle = {Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS '20), November 9-13, 2020, Orlando, FL, USA}, event_place = {Virtual Event, USA}, event_date = {November 9-13, 2020}, ISBN = {978-1-4503-7089-9/20/11}, DOI = {10.1145/3372297.3423351}, reviewed = {1}, author = {De la Cadena, Wladimir and Mitseva, Asya and Hiller, Jens and Pennekamp, Jan and Reuter, Sebastian and Filter, Julian and Wehrle, Klaus and Engel, Thomas and Panchenko, Andriy} } @Inproceedings { 2020-henze-ccs-cybersecurity, title = {Poster: Cybersecurity Research and Training for Power Distribution Grids -- A Blueprint}, year = {2020}, month = {11}, day = {9}, abstract = {Mitigating cybersecurity threats in power distribution grids requires a testbed for cybersecurity, e.g., to evaluate the (physical) impact of cyberattacks, generate datasets, test and validate security approaches, as well as train technical personnel. In this paper, we present a blueprint for such a testbed that relies on network emulation and power flow computation to couple real network applications with a simulated power grid. We discuss the benefits of our approach alongside preliminary results and various use cases for cybersecurity research and training for power distribution grids.}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-henze-ccs-cybersecurity.pdf}, publisher = {ACM}, address = {New York, NY, USA}, booktitle = {Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS ’20), November 9–13, 2020, Virtual Event, USA.}, event_place = {Virtual Event, USA}, event_date = {November 9-13, 2020}, DOI = {10.1145/3372297.3420016}, reviewed = {1}, author = {Henze, Martin and Bader, Lennart and Filter, Julian and Lamberts, Olav and Ofner, Simon and van der Velde, Dennis} } @Inproceedings { 2020-dahlmanns-imc-opcua, title = {Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments}, year = {2020}, month = {10}, day = {27}, pages = {101-110}, abstract = {Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24\% of hosts), disabled security functionality (24\%), or use of deprecated cryptographic primitives (25\%) on in total 92\% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols.}, keywords = {industrial communication; network security; security configuration}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf}, publisher = {ACM}, booktitle = {Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA}, event_place = {Pittsburgh, PA, USA}, event_name = {ACM Internet Measurement Conference 2020}, event_date = {October 27-29, 2020}, ISBN = {978-1-4503-8138-3/20/10}, DOI = {10.1145/3419394.3423666}, reviewed = {1}, author = {Dahlmanns, Markus and Lohm{\"o}ller, Johannes and Fink, Ina Berenice and Pennekamp, Jan and Wehrle, Klaus and Henze, Martin} } @Inproceedings { 2020_roepert_opcua, title = {Assessing the Security of OPC UA Deployments}, year = {2020}, month = {4}, day = {2}, abstract = {To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.}, tags = {internet-of-production, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf}, misc2 = {en}, publisher = {University of T{\"u}bingen}, booktitle = {Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, T{\"u}bingen, Germany}, event_place = {T{\"u}bingen, Germany}, event_date = {April 2-3, 2020}, DOI = {10.15496/publikation-41813}, reviewed = {1}, author = {Roepert, Linus and Dahlmanns, Markus and Fink, Ina Berenice and Pennekamp, Jan and Henze, Martin} } @Article { 2020_mann_welding_layers, title = {Connected, digitalized welding production — Secure, ubiquitous utilization of data across process layers}, journal = {Advanced Structured Materials}, year = {2020}, month = {4}, day = {1}, volume = {125}, pages = {101-118}, abstract = {A connected, digitalized welding production unlocks vast and dynamic potentials: from improving state of the art welding to new business models in production. For this reason, offering frameworks, which are capable of addressing multiple layers of applications on the one hand and providing means of data security and privacy for ubiquitous dataflows on the other hand, is an important step to enable the envisioned advances. In this context, welding production has been introduced from the perspective of interlaced process layers connecting information sources across various entities. Each layer has its own distinct challenges from both a process view and a data perspective. Besides, investigating each layer promises to reveal insight into (currently unknown) process interconnections. This approach has been substantiated by methods for data security and privacy to draw a line between secure handling of data and the need of trustworthy dealing with sensitive data among different parties and therefore partners. In conclusion, the welding production has to develop itself from an accumulation of local and isolated data sources towards a secure industrial collaboration in an Internet of Production.}, note = {Proceedings of the 1st International Conference on Advanced Joining Processes (AJP '19)}, keywords = {Welding Production; Industrie 4.0; Internet of Production; Data Security; Data Privacy}, tags = {Internet-of-Production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-mann-welding-layers.pdf}, publisher = {Springer}, event_place = {Ponta Delgada, Azores, Portugal}, event_date = {October 24-25, 2019}, ISBN = {978-981-15-2956-6}, ISSN = {1869-8433}, DOI = {10.1007/978-981-15-2957-3_8}, reviewed = {1}, author = {Mann, Samuel and Pennekamp, Jan and Brockhoff, Tobias and Farhang, Anahita and Pourbafrani, Mahsa and Oster, Lukas and Uysal, Merih Seran and Sharma, Rahul and Reisgen, Uwe and Wehrle, Klaus and van der Aalst, Wil} } @Inproceedings { 2019_pennekamp_dataflows, title = {Dataflow Challenges in an Internet of Production: A Security \& Privacy Perspective}, year = {2019}, month = {11}, day = {11}, pages = {27-38}, abstract = {The Internet of Production (IoP) envisions the interconnection of previously isolated CPS in the area of manufacturing across institutional boundaries to realize benefits such as increased profit margins and product quality as well as reduced product development costs and time to market. This interconnection of CPS will lead to a plethora of new dataflows, especially between (partially) distrusting entities. In this paper, we identify and illustrate these envisioned inter-organizational dataflows and the participating entities alongside two real-world use cases from the production domain: a fine blanking line and a connected job shop. Our analysis allows us to identify distinct security and privacy demands and challenges for these new dataflows. As a foundation to address the resulting requirements, we provide a survey of promising technical building blocks to secure inter-organizational dataflows in an IoP and propose next steps for future research. Consequently, we move an important step forward to overcome security and privacy concerns as an obstacle for realizing the promised potentials in an Internet of Production.}, keywords = {Internet of Production; dataflows; Information Security}, tags = {internet-of-production}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-pennekamp-dataflows.pdf}, publisher = {ACM}, booktitle = {Proceedings of the 5th ACM Workshop on Cyber-Physical Systems Security and PrivaCy (CPS-SPC '19), co-located with the 26th ACM SIGSAC Conference on Computer and Communications Security (CCS '19), November 11-15, 2019, London, United Kingdom}, event_place = {London, United Kingdom}, event_date = {November 11-15, 2019}, ISBN = {978-1-4503-6831-5/19/11}, DOI = {10.1145/3338499.3357357}, reviewed = {1}, author = {Pennekamp, Jan and Henze, Martin and Schmidt, Simo and Niemietz, Philipp and Fey, Marcel and Trauth, Daniel and Bergs, Thomas and Brecher, Christian and Wehrle, Klaus} } @Inproceedings { 2019_wagner_dispute_resolution, title = {Dispute Resolution for Smart Contract-based Two Party Protocols}, year = {2019}, month = {5}, abstract = {Blockchain systems promise to mediate interactions of mutually distrusting parties without a trusted third party. However, protocols with full smart contract-based security are either limited in functionality or complex, with high costs for secured interactions. This observation leads to the development of protocol-specific schemes to avoid costly dispute resolution in case all participants remain honest. In this paper, we introduce SmartJudge, an extensible generalization of this trend for smart contract-based two-party protocols. SmartJudge relies on a protocol-independent mediator smart contract that moderates two-party interactions and only consults protocol-specific verifier smart contracts in case of a dispute. This way, SmartJudge avoids verification costs in absence of disputes and sustains interaction confidentiality among honest parties. We implement verifier smart contracts for cross-blockchain trades and exchanging digital goods and show that SmartJudge can reduce costs by 46-50\% and 22\% over current state of the art, respectively.}, keywords = {Ethereum,Bitcoin,smart contracts,two-party protocols,dispute resolution,cross-blockchain trades}, tags = {mynedata, impact-digital, rfc}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-wagner-dispute.pdf}, publisher = {IEEE}, booktitle = {IEEE International Conference on Blockchain and Cryptocurrency 2019 (ICBC 2019)}, event_place = {Seoul, South Korea}, event_name = {IEEE International Conference on Blockchain and Cryptocurrency 2019}, language = {English}, DOI = {10.1109/BLOC.2019.8751312}, reviewed = {1}, author = {Wagner, Eric and V{\"o}lker, Achim and Fuhrmann, Frederik and Matzutt, Roman and Wehrle, Klaus} } @Article { 2019_wehrle_dagstuhl_beginners, title = {The Dagstuhl Beginners Guide to Reproducibility for Experimental Networking Research}, journal = {ACM SIGCOMM Computer Communication Review}, year = {2019}, month = {1}, volume = {49}, number = {1}, pages = {24-30}, abstract = {Reproducibility is one of the key characteristics of good science, but hard to achieve for experimental disciplines like Internet measurements and networked systems. This guide provides advice to researchers, particularly those new to the field, on designing experiments so that their work is more likely to be reproducible and to serve as a foundation for follow-on work by others.}, ISSN = {0146-4833}, DOI = {10.1145/3314212.3314217}, author = {Bajpai, Vaibhav and Brunstrom, Anna and Feldmann, Anja and Kellerer, Wolfgang and Pras, Aiko and Schulzrinne, Henning and Smaragdakis, Georgios and W{\"a}hlisch, Matthias and Wehrle, Klaus} } @Inproceedings { 2017-henze-mobiquitous-comparison, title = {Privacy-preserving Comparison of Cloud Exposure Induced by Mobile Apps}, year = {2017}, month = {11}, day = {7}, pages = {543-544}, tags = {trinics}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-henze-mobiquitous-comparison.pdf}, misc2 = {Online}, publisher = {ACM}, booktitle = {Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous) - Poster Session, Melbourne, VIC, Australia}, language = {en}, ISBN = {978-1-4503-5368-7}, DOI = {10.1145/3144457.3144511}, reviewed = {1}, author = {Henze, Martin and Inaba, Ritsuma and Fink, Ina Berenice and Ziegeldorf, Jan Henrik} } @Conference { 2017-fink-brainlab-gmds, title = {BrainLab - Ein Framework f{\"u}r mobile neurologische Untersuchungen}, year = {2017}, month = {8}, day = {29}, note = {Best Abstract Award}, web_url = {https://www.egms.de/static/en/meetings/gmds2017/17gmds137.shtml}, web_url_date = {06.09.19}, publisher = {German Medical Science GMS Publishing House (2017)}, booktitle = {62. Jahrestagung der Deutschen Gesellschaft f{\"u}r Medizinische Informatik, Biometrie und Epidemiologie e.V. (GMDS).}, event_place = {Oldenburg}, event_name = {GMDS 2017}, event_date = {17-21 September 2017}, DOI = {10.3205/17gmds137}, reviewed = {1}, author = {Fink, Ina Berenice and Hankammer, Bernd and Stopinski, Thomas and Titgemeyer, Yannic and Ramos, Roann and Kutafina, Ekaterina and Bitsch, J{\'o} Agila and Jonas, Stephan Michael} } @Inproceedings { 2017-maurer-trustcom-coinjoin, title = {Anonymous CoinJoin Transactions with Arbitrary Values}, year = {2017}, month = {8}, day = {1}, pages = {522-529}, url = {https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-maurer-trustcom-coinjoin.pdf}, misc2 = {Online}, publisher = {IEEE}, booktitle = {2017 IEEE Trustcom/BigDataSE/ICESS}, event_place = {Sydney, NSW, Australia}, event_name = {16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom)}, event_date = {1. - 4. August 2017}, ISBN = {978-1-5090-4906-6}, ISSN = {2324-9013}, DOI = {10.1109/Trustcom/BigDataSE/ICESS.2017.280}, reviewed = {1}, author = {Maurer, Felix Konstantin and Neudecker, Till and Florian, Martin} } @Conference { 2017-fink-brainlab, title = {BrainLab – towards mobile brain research}, year = {2017}, month = {4}, day = {24}, pages = {2}, url = {/fileadmin/papers/2017/2017-fink-brainlab.pdf}, web_url2 = {http://informaticsforhealth.org/wp-content/uploads/2017/04/IFH2017-Digital-Programme.pdf}, web_url2_date = {2017-05-09}, misc2 = {Online}, booktitle = {Informatics for Health 2017, Manchester UK}, event_place = {Manchester, UK}, event_name = {Informatics for Health 2017, Manchester UK}, event_date = {24-26 April 2017}, language = {en}, reviewed = {1}, author = {Fink, Ina Berenice and Hankammer, Bernd and Stopinsky, Thomas and Ramos, Roann and Kutafina, Ekaterina and Bitsch Link, J{\'o} Agila and Jonas, Stephan} } @Conference { 2016-hohlfeld-qcman, title = {Insensitivity to Network Delay: Minecraft Gaming Experience of Casual Gamers}, year = {2016}, month = {9}, abstract = {Assessing the impact of network delay on perceived quality of gaming has been subject to many studies involving different genres ranging from fast-paced first-person shooters to strategy games. This paper assesses the impact of network latency on the Quality of Experience (QoE) of casual gamers playing Minecraft. It is based on a user study involving 12 casual gamers with no prior experience with Minecraft. QoE is assessed using the Game Experience Questionnaire (GEQ) and dedicated questions for the overall perceived quality and experienced gameplay interruptions. The main finding is that casual Minecraft players are rather insensitive to network delay of up to 1 sec.}, url = {https://i-teletraffic.org/_Resources/Persistent/bc99ba4324ebc7cf1369f09a6caa334c0203943f/Hohlfeld2016.pdf}, web_url = {http://ieeexplore.ieee.org/abstract/document/7810715/?reload=true}, booktitle = {IEEE QCMan}, event_name = {IEEE QCMan}, DOI = {10.1109/ITC-28.2016.313}, author = {Hohlfeld, Oliver and Fiedler, Hannes and Pujol, Enric and Guse, Dennis} } @Inproceedings { 2016-zimmermann-remp, title = {ReMP TCP: Low Latency Multipath TCP}, year = {2016}, month = {5}, publisher = {IEEE}, booktitle = {Proceedings of the IEEE International Conference on Communications (ICC 2016), Kuala Lumpur, Malaysia}, event_place = {Kuala Lumpur, Malaysia}, event_name = {ICC 2016}, event_date = {23.-27.5.2016}, ISBN = {978-1-4799-6664-6}, ISSN = {1938-1883}, DOI = {10.1109/ICC.2016.7510787}, reviewed = {1}, author = {Fr{\"o}mmgen, Alexander and Erbsh{\"a}user, Tobias and Zimmermann, Torsten and Wehrle, Klaus and Buchmann, Alejandro} } @Conference { 2016-erwin, title = {ERWIN - Enabling the Reproducible Investigation of Waiting Times for Arbitrary Workflows}, year = {2016}, web_url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7498938\&tag=1}, booktitle = {IEEE QoMEX}, event_name = {IEEE QoMEX}, DOI = {10.1109/QoMEX.2016.7498938}, author = {Zinner, Thomas and Hirth, Matthias and Fischer, Valentin and Hohlfeld, Oliver} } @Inproceedings { 2015-zimmermann-remp, title = {Remp TCP: Low latency Multipath TCP}, year = {2015}, month = {12}, day = {1}, publisher = {ACM}, booktitle = {Proceedings of the 2015 CoNEXT on Student Workshop, CoNEXT Student Workshop, Heidelberg, Germany}, event_place = {Heidelberg, Germany}, event_name = {CoNEXT 2015}, event_date = {1.-4.12.2015}, reviewed = {1}, author = {Fr{\"o}mmgen, Alexander and Erbsh{\"a}user, Tobias and Zimmermann, Torsten and Wehrle, Klaus and Buchmann, Alejandro} } @Inproceedings { 2015-bitsch-phealth-piap, title = {Psychologist in a Pocket: Towards Depression Screening on Mobile Phones}, year = {2015}, month = {6}, day = {2}, volume = {211}, pages = {153 --159}, abstract = {Depression is the most prevalent clinical disorder and one of the main causes of disability. This makes early detection of depressive symptoms critical in its prevention and management. This paper presents and discusses the development of Psychologist in a Pocket (PiaP), a mental mHealth application for Android which screens and monitors for these symptoms, and–given the explicit permission of the user–alerts a trusted contact such as the mental health professional or a close friend, if it detects symptoms. All text inputted electronically–such as short message services, emails, social network posts–is analyzed based on keywords related to depression based on DSM-5 and ICD criteria as well as Beck's Cognitive Theory of Depression and the Self-Focus Model. Data evaluation and collection happen in the background, on- device, without requiring any user involvement. Currently, the application is in an early prototype phase entering initial clinical validation.}, url = {fileadmin/papers/2015/2015-bitsch-phealth-piap.pdf}, misc = {Print}, editor = {Blobel, Bernd and Lind{\'e}n, Maria and Ahmed, Mobyen Uddin}, publisher = {IOS Press}, address = {Amsterdam}, series = {Studies in Health Technology and Informatics}, booktitle = {Proceedings of the 12th International Conference on Wearable Micro and Nano Technologies for Personalized Health}, event_place = {V{\"a}ster{\aa}s, Sweden}, event_name = {12th International Conference on Wearable Micro and Nano Technologies for Personalized Health}, event_date = {June 2-4, 2015}, language = {en}, ISBN = {978-1-61499-515-9}, ISSN = {0926-9630}, DOI = {10.3233/978-1-61499-516-6-153}, reviewed = {1}, author = {Bitsch Link, J{\'o} Agila and Ramos, Roann and Ix, Tim and Ferrer Cheng, Paula Glenda and Wehrle, Klaus} } @Conference { HohlfeldIMC, title = {A QoE Perspective on Sizing Network Buffers}, year = {2014}, month = {11}, booktitle = {ACM Internet Measurement Conference}, state = {accepted}, author = {Hohlfeld, Oliver and Pujol, Enric and Ciucu, Florin and Feldmann, Anja and Barford, Paul} } @Article { 2014-cheng-acta-geodyn-geomater, title = {Use of MEMS accelerometers/inclinometers as a geotechnical monitoring method for ground subsidence}, journal = {Acta Geodynamica et Geomaterialia}, year = {2014}, month = {10}, day = {8}, volume = {11}, number = {4}, pages = {1--12}, abstract = {Accelerometer and inclinometer are inertial sensors capable of measuring corresponding magnitude of Earth gravitational field along the direction of each axis. By means of rotation matrices related to inertial navigation methods, the output values of a three-dimensional accelerometer or a two-dimensional inclinometer can be transformed and processed into the azimuth and dip angle of the monitored target. With the rapid growth in development and cost reduction of Micro Electro Mechanical Systems (MEMS) and Wireless Sensor Network (WSN) in recent years, the engineers are able to carry out real-time wireless geotechnical monitoring during construction. In this paper, we set up a one-day measurement implemented by a self- developed wireless MEMS monitoring system on the surface in the construction site of South Hongmei Road super high way tunnel in Shanghai, by making use of rotation matrices in specific ways, the raw data are processed to expressions of three-dimensional normal vectors that represent the change of the ground. After unifying the vectors in the same coordinate system, we conduct a brief ground settlement analysis by means of an evaluation of the dip angles in the cross section and the azimuths of the sensor nodes.}, web_url = {http://www.irsm.cas.cz/index_en.php?page=acta_detail_doi\&id=96}, misc = {Online}, publisher = {Institute of Rock Structure and Mechanics of the ASCR, v.v.i.}, address = {Prague, Czech Republic}, howpublished = {Online}, language = {en}, ISSN = {2336-4351}, DOI = {10.13168/AGG.2014.0015}, reviewed = {1}, author = {Li, Cheng and Fern{\'a}ndez-Steeger, Tom{\'a}s and Bitsch Link, J{\'o} Agila and May, Matthias and Azzam, Rafig} } @Article { HohlfeldCCR14, title = {An Internet census taken by an illegal botnet - A qualitative assessment of published measurements}, journal = {ACM SIGCOMM Computer Communication Review}, year = {2014}, volume = {44}, number = {3}, url = {http://www.sigcomm.org/sites/default/files/ccr/papers/2014/July/0000000-0000013.pdf}, web_url = {http://www.sigcomm.org/ccr/papers/2014/July}, author = {Krenc, Thomas and Hohlfeld, Oliver and Feldmann, Anja} } @Article { 2013-fernandez-ceriotti-bitsch-and-then-the-weekend-jsan, title = {“And Then, the Weekend Started”: Story of a WSN Deployment on a Construction Site}, journal = {Journal of Sensor and Actuator Networks}, year = {2013}, month = {3}, day = {11}, volume = {2}, number = {1}, pages = {156--171}, abstract = {Wireless Sensor Networks (WSNs) are versatile monitoring systems that can provide a large amount of real-time data in scenarios where wired infrastructures are inapplicable or expensive. This technology is expected to be handled by domain experts, who perceive a WSN as a (promised to be) easy to deploy black box. This work presents the deployment experience of a WSN, as conducted by domain experts, in a ground improvement area. Building upon off-the-shelf solutions, a fuel cell powered gateway and 21 sensor devices measuring acceleration, inclination, temperature and barometric pressure were installed to monitor ground subsidence. We report about how poor GSM service, malfunctioning hardware, unknown communication patterns and obscure proprietary software required in-field ad-hoc solutions. Through the lessons learned, we look forward to investigating how to make the deployment of these systems an easier task.}, keywords = {sensor network deployment; experiences; in-field debugging}, web_url = {http://www.mdpi.com/2224-2708/2/1/156}, misc2 = {Online}, language = {en}, ISSN = {2224-2708}, DOI = {10.3390/jsan2010156}, reviewed = {1}, author = {Fern{\'a}ndez-Steeger, Tom{\'a}s and Ceriotti, Matteo and Bitsch Link, J{\'o} Agila and May, Matthias and Hentschel, Klaus and Wehrle, Klaus} } @Inproceedings { 2012-IPIN-Peter-Versatile-Maps, title = {Versatile Geo-referenced Maps for Indoor Navigation of Pedestrians}, year = {2012}, month = {11}, day = {13}, pages = {1--4}, url = {fileadmin/papers/2012/2012-bitsch-IPIN-vegemite.pdf}, web_url2 = {http://www.surveying.unsw.edu.au/ipin2012/proceedings/session.php?code=6C\&name=SLAM}, misc2 = {Online}, editor = {Li, Binghao Li and Gallagher, Thomas}, publisher = {School of Surveying and Geospatial Engineering, University of New South Wales, Sydney, Australia}, booktitle = {Proceedings of the 2012 International Conference on Indoor Positioning and Indoor Navigation (IPIN), Sydney, Australia}, event_place = {Sydney, Australia}, event_name = {2012 International Conference on Indoor Positioning and Indoor Navigation}, event_date = {November 13--15, 2012}, language = {en}, ISBN = {978-0-646-57851-4}, reviewed = {1}, author = {Peter, Michael and Fritsch, Dieter and Sch{\"a}fer, Bernhardt and Kleusberg, Alfred and Bitsch Link, J{\'o} Agila and Wehrle, Klaus} } @Inproceedings { 2010-bitsch-link-iq2s-burrowview, title = {BurrowView - Seeing the world through the eyes of rats}, year = {2010}, month = {3}, day = {29}, pages = {56 -- 61}, abstract = {For a long time, life sciences were restricted to look at animal habitats only post-factum. Pervasive computing puts us in the novel position to gain live views. In this paper we present BurrowView, an application that tracks the movement of rats in their natural habitat and reconstructs the underground tunnel system. To make reliable statements, special consideration has been taken with regard to the information quality. Our system is able to reconstruct paths up to a resolution of 20 cm, the length of a rat without its tail.}, tags = {RatPack}, url = {fileadmin/papers/2010/2010-03-IQ2S-link-burrowview.pdf}, web_url2 = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5470603}, misc2 = {Online}, publisher = {IEEE}, address = {New York City, NY, USA}, booktitle = {Proceedings of the Second IEEE International Workshop on Information Quality and Quality of Service for Pervasive Computing (IQ2S 2010), Mannheim, Germany}, organization = {IEEE}, event_place = {Mannheim, Germany}, event_name = {Second IEEE International Workshop on Information Quality and Quality of Service for Pervasive Computing (IQ2S 2010)}, event_date = {March 29 to April 2, 2010}, language = {en}, ISBN = {978-1-4244-6605-4}, DOI = {10.1109/PERCOMW.2010.5470603}, reviewed = {1}, author = {Bitsch Link, J{\'o} Agila and Fabritius, Gregor and Alizai, Muhammad Hamad and Wehrle, Klaus} } @Proceedings { 2009-aktas-maple-ModeldrivenSupportforSourceCodeVariabilityinAutomotiveSoftwareEngineering-Workshop, title = {Model-driven Support for Source Code Variability in Automotive Software Engineering}, year = {2009}, month = {8}, pages = {44-51}, abstract = {Variability on source code level in automotive soft- ware engineering is handled by C/C++ preprocessing directives. It provides fine-grained definition of variation points, but brings highly complex structures into the source code. The software gets more difficult to understand, to maintain and to integrate changes. Current approaches for modeling and managing vari- ability on source code do not consider the specific requirements of the automotive domain. To close this gap, we propose a model- driven approach to support software engineers in handling source code variability and configuration of software variants. For this purpose, a variability model is developed that is linked with the source code. Using this approach, a software engineer can shift work steps to the variability model in order to model and manage variation points and implement their variants in the source code.}, keywords = {automotive software engineering; programming; model-driven engineering; variability modeling;}, misc2 = {Online}, publisher = {CEUR}, booktitle = {1st International Workshop on Model-driven Approaches in Software Product Line Engineering (MAPLE), San Francisco, CA, USA}, ISSN = {1613-0073}, reviewed = {1}, author = {Mengi, Cem and Fu{\ss}, Christian and Zimmermann, Ruben and Aktas, Ismet} } @Inproceedings { securityforpervasivemedicalsensornetworks, title = {Security for Pervasive Medical Sensor Networks}, year = {2009}, month = {7}, day = {13}, volume = {1}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2009/2009-garcia-mobiq.pdf}, misc2 = {Print}, publisher = {IEEE Press}, address = {Washington, DC, USA}, booktitle = {6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009), Toronto}, organization = {ICST/IEEE}, event_place = {Toronto, CAN}, event_name = {6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009)}, language = {en}, ISBN = {978-963-9799-59-2}, DOI = {10.4108/ICST.MOBIQUITOUS2009.6832}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Falck, Thomas and Heer, Tobias and Wehrle, Klaus} } @Conference { 200803riechemmvecluster, title = {Clustering Players for Load Balancing in Virtual Worlds}, year = {2008}, month = {3}, day = {18}, pages = {9-13}, abstract = {Massively Multiplayer Online Games (MMOGs) have become increasingly popular in the last years. So far the distribution of load, caused by the players in these games, is not distributed dynamically. After the launch of a new game, the introduction of new content, during special ingame events, or also during normal operations, players tend to concentrate in certain regions of the game worlds and cause overload conditions. Therefore we propose the use of structured P2P technology for the server infrastructure of the MMOGs to improve the reliability and scalability. Previous work segmented the game work into rectangular areas; however this approach often split a group of players to different servers, causing additional overhead. This work presents a cluster-based Peer-to-Peer approach, which can be used for load balancing in MMOGs or in other virtual worlds. The system is able to dynamically adapt to the current state of the game and handle uneven distributions of the players in the game world. We show through simulation, also with traces from real online games, that the cluster-based approach performs better than the previous P2P-based systems, which split the world in rectangular areas.}, affiliation = {RWTH Aachen University - Distributed Systems Group}, url = {http://www.pap.vs.uni-due.de/MMVE08/papers/proceedings.pdf}, web_url = {http://www.pap.vs.uni-due.de/MMVE08/}, misc2 = {Online}, editor = {Gregor Schiele, Daniel Weiskopf, Ben Leong, Shun-Yun Hu}, booktitle = {Proceedings of 1st International Workshop on Massively Multiuser Virtual Environments at IEEE Virtual Reality 2008 (MMVE 2008)}, event_place = {Reno, Nevada, USA}, event_name = {1st International Workshop on Massively Multiuser Virtual Environments at IEEE Virtual Reality 2008 (MMVE 2008)}, event_date = {March 8th, 2008}, language = {en}, reviewed = {1}, author = {Rieche, Simon and Wehrle, Klaus and Fouquet, Marc and Niedermayer, Heiko and Teifel, Timo and Carle, Georg} } @Article { 200812riecheIJAMCcluster, title = {Clustering Players for Load Balancing in Virtual Worlds}, journal = {International Journal of Advanced Media and Communication (IJAMC)}, year = {2008}, volume = {2}, number = {4}, pages = {351-363}, abstract = {In current Massively Multiplayer Online Games (MMOGs) the distribution of load is not distributed dynamically. But players tend to concentrate in certain regions of the game world and cause overload conditions. Therefore we propose the use of structured Peer-to-Peer technology for the server infrastructure of the MMOGs to improve the reliability and scalability. Previous work segmented the game work into rectangular areas but often split a group of players to different servers. This work presents a cluster-based P2P approach, which is able to dynamically adapt to the current state of the game and handle uneven distributions of players.Weshow through simulation, also with traces from real online games, that the cluster-based approach performs better than the previous P2P-based system.}, affiliation = {RWTH Aachen University - Distributed Systems Group}, web_url = {http://www.inderscience.com/browse/index.php?journalID=67}, misc2 = {print}, language = {en}, ISSN = {1462-4613}, reviewed = {1}, author = {Rieche, Simon and Wehrle, Klaus and Fouquet, Marc and Niedermayer, Heiko and Teifel, Timo and Carle, Georg} } @Conference { 200701riecheccncmmog, title = {Peer-to-Peer-based Infrastructure Support for Massively Multiplayer Online Games}, year = {2007}, month = {1}, day = {11}, pages = {763-767}, abstract = {Online games are an interesting challenge and chance for the future development of the Peer-to-Peer paradigm. Massively multiplayer online games (MMOGs) are becoming increasingly popular today. However, even high-budget titles like World of Warcraft that have gone through extensive betatesting suffer from downtimes because of hard- and software problems. Our approach is to use structured P2P technology for the server infrastructure of MMOGs to improve their reliability and scalability. Such P2P networks are also able to adapt to the current state of the game and handle uneven distributions of the players in the game world. Another feature of our approach is being able to add supplementary servers at runtime. Our system allows using off-the-shelf PCs as infrastructure peers for participation in different game worlds as needed. Due to the nature of the Economy of Scale the same number of hosts will provide a better service than dedicated servers for each game world.}, affiliation = {RWTH Aachen University - Distributed Systems Group}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?isnumber=4199088\&arnumber=4199243\&count=254\&index=154}, web_url = {http://www.ieee-ccnc.org/2007/}, misc2 = {Print}, publisher = {IEEE Press}, booktitle = {Proceedings of 4th Annual IEEE Consumer Communications and Networking Conference (CCNC 2007)}, organization = {IEEE}, event_place = {Las Vegas, Nevada, USA}, event_name = {4th Annual IEEE Consumer Communications and Networking Conference (CCNC 2007)}, event_date = {11-13 January 2007}, language = {en}, ISBN = {1-4244-0667-6}, DOI = {10.1109/CCNC.2007.155}, reviewed = {1}, author = {Rieche, Simon and Wehrle, Klaus and Fouquet, Marc and Niedermayer, Heiko and Petrak, Leo and Carle, Georg} } @Techreport { 200608riechetrmmog, title = {Peer-to-Peer-based Infrastructure Support for Massively Multiplayer Online Games}, year = {2006}, month = {8}, number = {WSI-2006-04}, abstract = {Online games are an interesting challenge and chance for the future development of the Peer-to-Peer paradigm. Massively multiplayer online games (MMOGs) are becoming increasingly popular today. However, even high-budget titles like World of Warcraft that have gone through extensive beta-testing suffer from downtimes because of hard- and software problems. Our approach is to use structured P2P technology for the server infrastructure of MMOGs to improve their reliability and scalability. Such P2P networks are also able to adapt to the current state of the game and handle uneven distributions of the players in the game world. Another feature of our approach is being able to add supplementary servers at runtime. Our system allows using off-the-shelf PCs as infrastructure peers for participation in different game worlds as needed. Due to the nature of the Economy of Scale the same number of hosts will provide a better service than dedicated servers for each game world.}, affiliation = {RWTH Aachen University - Distributed Systems Group}, url = {http://www.rieche.net/pdf/wsi-2006-04.pdf}, misc2 = {Online}, address = {T{\"u}bingen, Germany}, institution = {Wilhelm-Schickard-Institute for Computer Science, University of T{\"u}bingen}, type = {Technical Report}, language = {en}, author = {Rieche, Simon and Fouquet, Marc and Niedermayer, Heiko and Petrak, Leo and Wehrle, Klaus and Carle, Georg} } @Inproceedings { 200507riecheipgames, title = {On the Use of Structured Peer-to-Peer Systems for Online Gaming}, year = {2005}, month = {3}, abstract = {Massively multiplayer games are becoming increasingly popular today. However, even high-budget titles suffer from downtimes because of hard- and software problems. Our approach is to use structured Peer-to-Peer technology for the server infrastructure of massively multiplayer online games, which improves reliability and scalability of these applications.}, booktitle = {5. W{\"u}rzburger ''Workshop IP Netzmanagement, IP Netzplanung und Optimierung''}, event_place = {W{\"u}rzburg, Germany}, event_name = {5. W{\"u}rzburger ''Workshop IP Netzmanagement, IP Netzplanung und Optimierung''}, event_date = {March 2005}, author = {Rieche, Simon and Fouquet, Marc and Niedermayer, Heiko and Wehrle, Klaus and Carle, Georg} }