This file was created by the TYPO3 extension
bib
--- Timezone: CEST
Creation date: 2024-09-07
Creation time: 18-55-35
--- Number of references
10
inproceedings
2024-kunze-spintrap
SpinTrap: Catching Speeding QUIC Flows
2024
5
7
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-spintrap.pdf
IEEE/IFIP
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24)
2024 IEEE/IFIP Network Operations and Management Symposium
10.1109/NOMS59830.2024.10575719
1
IkeKunze
ConstantinSander
LarsTissen
BenediktBode
KlausWehrle
inproceedings
2023-kunze-spin-bit-in-the-wild
Does It Spin? On the Adoption and Use of QUIC’s Spin Bit
2023
10
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-kunze-spin-bit-in-the-wild.pdf
ACM
Proceedings of the Internet Measurement Conference (IMC '23)
Internet Measurement Conference 2023
10.1145/3618257.3624844
1
IkeKunze
ConstantinSander
KlausWehrle
inproceedings
2023-sander-quic-ecn
ECN with QUIC: Challenges in the Wild
2023
10
legato
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-sander-quic-ecn.pdf
https://arxiv.org/abs/2309.14273
ACM
Proceedings of the Internet Measurement Conference (IMC '23)
Internet Measurement Conference 2023
979-8-4007-0382-9/23/10
10.1145/3618257.3624821
1
ConstantinSander
IkeKunze
LeoBlöcher
MikeKosek
KlausWehrle
inproceedings
2023-dahlmanns-docker
Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact
2023
7
10
797-811
Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead to users creating and sharing images that include private keys or API secrets—either by mistake or out of negligence. This leakage impairs the creator's security and that of everyone using the image. Yet, the extent of this practice and how to counteract it remains unclear.
In this paper, we analyze 337,171 images from Docker Hub and 8,076 other private registries unveiling that 8.5% of images indeed include secrets. Specifically, we find 52,107 private keys and 3,158 leaked API secrets, both opening a large attack surface, i.e., putting authentication and confidentiality of privacy-sensitive data at stake and even allow active attacks. We further document that those leaked keys are used in the wild: While we discovered 1,060 certificates relying on compromised keys being issued by public certificate authorities, based on further active Internet measurements, we find 275,269 TLS and SSH hosts using leaked private keys for authentication. To counteract this issue, we discuss how our methodology can be used to prevent secret leakage and reuse.
network security; security configuration; secret leakage; container
ven2us, internet-of-production,
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-dahlmanns-asiaccs.pdf
ACM
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIACCS '23), July 10-14, 2023, Melbourne, VIC, Australia
Melbourne, VIC, Australia
ASIA CCS '23
July 10-14, 2023
979-8-4007-0098-9/23/07
10.1145/3579856.3590329
1
MarkusDahlmanns
ConstantinSander
RobinDecker
KlausWehrle
inproceedings
2023-grote-mvca-fairness
Instant Messaging Meets Video Conferencing: Studying the Performance of IM Video Calls
2023
6
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-grote-mvca-fairness.pdf
IFIP/IEEE
Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '23)
978-3-903176-58-4
10.23919/TMA58422.2023.10199019
1
LaurenzGrote
IkeKunze
ConstantinSander
KlausWehrle
inproceedings
2022-sander-h3-prio-hol
Analyzing the Influence of Resource Prioritization on HTTP/3 HOL Blocking and Performance
2022
6
27
legato
https://www.comsys.rwth-aachen.de/fileadmin/papers/2022/2022-sander-h3-prio-hol.pdf
https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper28.pdf
IFIP
Proceedings of the Network Traffic Measurement and Analysis Conference (TMA '22)
Enschede
Network Traffic Measurement and Analysis Conference
27.06.22-30.06.22
978-3-903176-47-8
1
ConstantinSander
IkeKunze
KlausWehrle
inproceedings
2021-kunze-spin-tracker
Tracking the QUIC Spin Bit on Tofino
2021
12
7
15–21
https://www.comsys.rwth-aachen.de/fileadmin/papers/2021/2021-kunze-spin-tracker.pdf
ACM
Proceedings of the 2021 Workshop on Evolution, Performance and Interoperability of QUIC (EPIQ '21)
9781450391351
10.1145/3488660.3493804
1
IkeKunze
ConstantinSander
KlausWehrle
JanRüth
inproceedings
2021-sander-shardingrevisited
Sharding and HTTP/2 Connection Reuse Revisited: Why Are There Still Redundant Connections?
2021
11
2
legato
/fileadmin/papers/2021/2021-sander-sharding-revisited.pdf
https://arxiv.org/abs/2110.14239
ACM
Proceedings of the Internet Measurement Conference (IMC '21)
Internet Measurement Conference 2021
02.11.21 - 04.11.21
978-1-4503-9129-0/21/11
10.1145/3487552.3487832
1
ConstantinSander
LeoBlöcher
KlausWehrle
JanRüth
inproceedings
2021-sander-zoom-cc
Video Conferencing and Flow-Rate Fairness: A First Look at Zoom and the Impact of Flow-Queuing AQM
2021
3
internet-of-production
/fileadmin/papers/2021/2021-sander-zoom-fairness-aqm.pdf
https://arxiv.org/abs/2107.00904
Springer
Proceedings of the Passive and Active Measurement Conference (PAM '21)
Passive and Active Measurement Conference (PAM 2021)
10.1007/978-3-030-72582-2_1
1
ConstantinSander
IkeKunze
KlausWehrle
JanRüth
inproceedings
2019-sander-depcci
DeePCCI: Deep Learning-based Passive Congestion Control Identification
2019
8
18
maki
https://www.comsys.rwth-aachen.de/fileadmin/papers/2019/2019-sander-deepcci.pdf
https://arxiv.org/abs/1907.02323
ACM
In Proceedings of the ACM SIGCOMM Workshop on Network Meets AI & ML (NetAI '19)
Beijing, China
Workshop on Network Meets AI & ML
18.08.2019
10.1145/3341216.3342211
1
ConstantinSander
JanRüth
OliverHohlfeld
KlausWehrle