Prof. Dr.-Ing. Torben Weis
Computer Science and Applied Cognitive Science
University of Duisburg-Essen
- A Digital Forensic Approach for Optimizing the Investigation of Hit-and-Run Accidents
Waltereit, M. and Uphoff, M. and Zdankin, P. and Matkovic, V. and Weis, T.
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST 351 (2021)
We present a novel digital forensic approach that facilitates the investigation of hit-and-run accidents. Based on wheel speeds gathered by forensic data loggers, our approach provides a priority ranking of the suspects in order to optimize further investigations. For this, we propose two investigation steps to get key information about a suspect’s trip. First, we analyze the likely traveled routes of a suspect to determine whether the suspect could have been at the accident location. Second, we analyze the driving behavior of the suspect in terms of aggressiveness, since aggressive driving behavior is a major reason for traffic accidents. Our evaluation with real driving experiments shows that our approach is suitable for analyzing likely routes and driving behavior in order to prioritize suspects in an investigation. © 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
DOI: 10.1007/978-3-030-68734-2_11
- An Algorithm for Dependency-Preserving Smart Home Updates
Zdankin, P. and Schaffeld, M. and Waltereit, M. and Carl, O. and Weis, T.
2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events, PerCom Workshops 2021 (2021)
The update process of devices in a smart home is a complex endeavour. Individual device updates can influence the functionality of others, as devices may depend on other devices. The problems that are caused by breaking updates manifest only after the updates are performed and reverting them is generally impossible. In this paper, we propose an algorithm that is able to consider dependencies in a smart home system and, based on this, finds updates that preserve existing dependencies. These updates are not inspected in isolation but in combination with other updates. However, ideal solutions often depend on user preferences and the implications of one update over another can have far-reaching consequences that require filtration and recommendations. © 2021 IEEE.
DOI: 10.1109/PerComWorkshops51409.2021.9431040
- Towards Explainability of non-Convolutional Neural Networks
Doese, J. and Weis, T.
UbiComp/ISWC 2021 - Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers (2021)
Artificial intelligence has risen in popularity in research and applications in the past years. Explainability is a topic that has been proven to work on human interpretable data like images or sentences, but the research is narrow whenever such data is missing. Creating trust through explainability on raw data processing neural networks of any kind will become necessary in the future as networks are evolving further towards artificial general intelligence. This research focuses on visualizing parts of the hidden layers instead of focusing explainability on the input data and is independent of the neural network's size. We create a model that represents the neural network in a way that neurons that are activating on similar features are grouped together in structures. This model will be analyzed in a machine-learning equivalent process to identify parts of the network being responsible for a decision. In a further step we use the model to test the processing of raw sensor-data versus an approach of heatmapped explainability with a convolutional neural network. Relevant data points in the input are visualized by a common heatmap approach while the hidden layers are analyzed in this research and should point to structures that have a comparable function in the network. For example, if the heatmap highlights peaks of values, the model will be highlighted in the area that is observed as the activation of the neural network on peaks. We will provide the research of artificial general intelligence with a solution for explainability which is necessary for advanced research and the operation of such applications in complex or dangerous scenarios. © 2021 ACM.
DOI: 10.1145/3460418.3479313
- Towards Predictive Safety Maintenance for IoT Equipped Bikes
Matkovic, V. and Waltereit, M. and Weis, T.
2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events, PerCom Workshops 2021 (2021)
We present a novel approach for predictive maintenance using acceleration data. Modern bikes can be equipped with additional smart features that enable early detection of deteriorating brake performance. This allows individual user feedback based on the condition of their bikes and therefore improves safety. We evaluate the suitability of various machine learning approaches for predictive maintenance using acceleration data of bike rides with good and bad brake performance. Here we compare two methods of measuring acceleration, namely we use hall sensors and inertial sensors. Overall, we achieve an F1-score of up to 0.76 using the time series specialized k-nearest neighbor in a preliminary evaluation. Furthermore, our results show that inertial sensors are better suited for measuring acceleration data than hall sensors. © 2021 IEEE.
DOI: 10.1109/PerComWorkshops51409.2021.9430996
- Towards Robust Models of Cyber-Physical Systems
Schaffeld, M. and Weis, T.
UbiComp/ISWC 2021 - Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers (2021)
Cyber-Physical Systems (CPS) combine software with the physical world. For this purpose, CPS must model physical behavior in software. However, a software-based model cannot always accurately reflect the physical world. Often the model is a simplification of complex physical processes, or it suffers from measurement errors, or the physical side is subject to modifications and parameter drift, or the model is simply subject to misconceptions. It is an open research challenge how we can verify that physics and software-based model fit together. However, to rely on CPS in real-world scenarios we must ensure that physics and model are aligned. We propose a model formalism based on hidden Markov models that considers uncertainty and unknown phenomena and is robust enough to allow the analysis of CPS when working with error-prone data. More specifically, given observation data and an instance of the proposed model for a CPS (both of which may be flawed) the proposed formalism allows us to quantify the suitability between physics and model. If, however, a given model instance is deemed correct, the formalism enables methods which identify and smooth corrupt observation data as well as compute the most likely sequence of events for a given set of observations. Additionally, the formalism enables the learning of a suitable model according to given observation data. The model formalism will be tested with a simulation and a case study of an overhead traveling cargo crane system. © 2021 ACM.
DOI: 10.1145/3460418.3479314
- A privacy-protecting indoor emergency monitoring system based on floor vibration
Yu, Y. and Weis, T.
UbiComp/ISWC 2020 Adjunct - Proceedings of the 2020 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2020 ACM International Symposium on Wearable Computers (2020)
In this work we present an indoor emergency context monitoring system based on ground vibration caused by persons in the target area. The system is designed for production plants and large buildings to perceive the safety status of this area. Our approach is privacy-protecting, because it requires neither video nor sound. Instead, piezo sensors on the floor measure vibrations, which are analyzed with machine learning to compute the safety status of the covered area. This way our system can determine whether an emergency occurred, but it is not straightforward to attach names to the detected persons. We compare the impact of different feature extraction methods and different types of classifiers on the classification results. Our experiments show that we can determine an emergency event with an average F1 score of 0.97. © 2020 Owner/Author.
DOI: 10.1145/3410530.3414423
- Deep Learning-Based Vibration Signal Personnel Positioning System
Yu, Y. and Waltereit, M. and Matkovic, V. and Hou, W. and Weis, T.
IEEE Access 8 (2020)
In this work, we present a person localization system based on ground vibration caused by walking persons. The system is designed for production plants and large buildings to track the movement of workers. Position and movement in these settings are especially safety-relevant in emergencies. Our approach is privacy-preserving, because it requires neither video nor sound. Instead, piezo sensors on the floor measure vibrations, which are analyzed with machine learning to derive a person's position from the vibration signals. This way, our system can determine where a person is moving, but it is not straightforward to attach names to the detected persons. Due to the anisotropic characteristic of the ground vibration wave, classical analysis methods are not applicable. We show that a deep learning-based approach is feasible. Our experiments show that we can determine the position with an average F1 score of 0.95. © 2013 IEEE.
DOI: 10.1109/ACCESS.2020.3044497
- Longevity of Smart Homes
Zdankin, P. and Weis, T.
2020 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2020 (2020)
Progress in the field of IoT has enabled home automation and the interconnection of devices to a smart home. These smart homes are composed from various systems and physical devices and are interconnected according to an architecture. The system architectures are not optimized for the aspect of longevity of their installations. In our research, we focus on threats to the longevity of such systems and additionally apply these insights to the field of smart cities. © 2020 IEEE.
DOI: 10.1109/PerComWorkshops48775.2020.9156155
- Towards Enhancing Bike Navigation Safety and Experience Using Sensor Enabled Devices
Matkovic, V. and Weis, T.
2020 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2020 (2020)
We propose several bike-specific navigation applications for improving bike safety and enhancing cycling experience. We propose an approach for identifying bike types with smartphones to improve the capabilities of navigation services. Navigation services could take specific road conditions into account for different types of bikes to improve safety while cycling. Furthermore, we propose an approach for crowd-avoidance for bikes (similar to congestion avoidance applications for cars) to improve travel duration and potentially also improve safety. © 2020 IEEE.
DOI: 10.1109/PerComWorkshops48775.2020.9156183
- Towards Longevity of Smart Home Systems
Zdankin, P. and Waltereit, M. and Matkovic, V. and Weis, T.
2020 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2020 (2020)
Architectures of current smart home systems are not optimized for longevity of their installations. In this paper we analyze scenarios that can render smart home installations useless much sooner than their non-smart counterparts. We analyze current smart home architectures and classify their components and the protocols connecting them. On this basis we present potential threats to the longevity of such smart home installations and determine areas that need more research to provide the longevity and sustainability that users expect from such premium priced products. © 2020 IEEE.
DOI: 10.1109/PerComWorkshops48775.2020.9156165
- An Approach to Exonerate Innocent Suspects in Hit-And-Run Accidents via Route Reconstruction
Waltereit, M. and Weis, T.
2019 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2019 (2019)
We propose an approach to exonerate innocent suspects in hit-and-run accidents. This helps wrongly suspected drivers to support their innocence and eases the investigation of hit-and-run accidents by enabling law enforcement authorities to effectively reduce the number of suspects. We are developing an algorithm that automatically reconstructs the routes traveled by suspect drivers using vehicle data recorded while driving. In contrast, existing approaches only offer manual or semi-automated route reconstruction. If our algorithm cannot reconstruct a route that includes the accident location, the suspect driver is most likely innocent. © 2019 IEEE.
DOI: 10.1109/PERCOMW.2019.8730655
- Bike type identification using smartphone sensors
Matkovic, V. and Waltereit, M. and Zdankin, P. and Uphoff, M. and Weis, T.
UbiComp/ISWC 2019 - Adjunct Proceedings of the 2019 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2019 ACM International Symposium on Wearable Computers (2019)
We present an approach to identify bike types using smartphone sensors. Knowledge of the bike type is necessary to provide ubiquitous services such as navigation services that consider bike-specific road conditions in route planning to improve driving safety. In order to differentiate between bike types, we use four machine learning classifiers. To evaluate our approach, we collected sensor readings on two routes with six rides each for two bike types. The evaluation shows very good predictive performance for all classifiers with F1 scores of up to 0.94. Overall, the convolutional neural network (CNN) classifier yields the best results for both bike types and both routes. © 2019 Copyright held by the owner/author(s).
DOI: 10.1145/3341162.3343763
- Domain impersonation is feasible: A study of CA domain validation vulnerabilities
Schwittmann, L. and Wander, M. and Weis, T.
Proceedings - 4th IEEE European Symposium on Security and Privacy, EURO S and P 2019 (2019)
Web security relies on the assumption that certificate authorities (CAs) issue certificates to rightful domain owners only. However, we show that CAs expose vulnerabilities which allow an attacker to obtain certificates from major CAs for domains he does not own. We present a measurement method that allows us to check CAs for a list of technical weaknesses during their domain validation procedures. Our results show that all tested CAs are vulnerable in one or even multiple ways, because they rely on a combination of insecure protocols like DNS and HTTP and do not implement existing secure alternatives like DNSSEC and TLS. We have validated our methodology experimentally and disclosed these vulnerabilities to CAs. Based upon our findings we provide recommendations to domain owners and CAs to close this fundamental weakness in web security. © 2019 IEEE.
DOI: 10.1109/EuroSP.2019.00046
- Fyr: A memory-safe and thread-safe systems programming language
Weis, T. and Waltereit, M. and Uphoff, M.
Proceedings of the ACM Symposium on Applied Computing Part F147772 (2019)
Fyr is an open source systems programming language that combines the versatility of C with the ease and safety of modern application programming languages such as Java and Go. Fyr uses manual memory management to support systems where memory is a scarce resource, especially networked IoT devices. Fyr guarantees memory safety and thread safety. These safety guarantees are built on a combination of compile-time type checking, control-flow checking and runtime reference counting where necessary. We show that Fyr allows for more flexibility and simpler code than Rust, especially when working with heap data structures. © 2019 Copyright held by the owner/author(s).
DOI: 10.1145/3297280.3299741
- Route Derivation Using Distances and Turn Directions
Waltereit, M. and Uphoff, M. and Weis, T.
AutoSec 2019 - Proceedings of the ACM Workshop on Automotive Cybersecurity, co-located with CODASPY 2019 (2019)
We present an algorithm to derive the traveled route of a vehicle based on distances and turn directions, but without access to GPS data. The algorithm outputs a ranked list of routes that cause the distances and turn directions when traveled. GPS data is known to be privacy invasive and access is therefore typically restricted. Distances and turn directions can be obtained e.g. using acceleration and gyroscope sensors in a smartphone or by analyzing CAN bus data about wheel speeds. This data is easily available to zero-permission smartphone apps or to dongles connected to the vehicle's OBD2 port. However, distances and turn directions may be inaccurate due to measurement errors. Our algorithm can handle this inaccuracy. Our evaluation shows that distances and turn directions are often sufficient to derive the actually traveled route of a vehicle in an area of about 1200 square km without knowing the start or end position. The traveled route is the best ranked derived route in 78% of cases and among the five best ranked derived routes in 95.5% of cases. © 2019 ACM.
DOI: 10.1145/3309171.3309176
- Domain name system without root servers
Wander, M. and Boelmann, C. and Weis, T.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 10694 LNCS (2018)
We present a variation to the infrastructure of the Domain Name System (DNS) that works without DNS root servers. This allows switching from a centralized trust model (root) to a decentralized trust model (top-level domains). By dropping DNS root in our approach, users have one entity less that they must trust. Besides trust issues, not relying on DNS root means that DNS root servers are no longer a central point of failure. Our approach is minimally invasive, builds on established DNS architecture and protocols and supports the DNS Security Extensions (DNSSEC). Furthermore, we designed our approach as an opt-in technology. Thus, each top-level domain operator can decide whether to support rootless DNS or not. The challenge of a rootless DNS is to keep track of changing IP addresses of top-level domain servers and to handle key rollovers, which are part of normal DNSSEC operation. Top-level domains opting in to rootless DNS must follow constraints regarding the frequency of changes of IP addresses and DNSSEC keys. We conducted a four-year measurement to show that 82% and 72% of top-level domains, respectively, fulfill these constraints already. © Springer International Publishing AG, part of Springer Nature 2018.
DOI: 10.1007/978-3-319-76687-4_14
- SecureCloud: An Encrypted, Scalable Storage for Cloud Forensics
Uphoff, M. and Wander, M. and Weis, T. and Waltereit, M.
Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018 (2018)
The amount of forensic data collected by governments is increasing rapidly. Public cloud providers could store this data for a lower price than government owned infrastructure ever could, but for privacy reasons such data must be encrypted before it is sent to a public cloud. In this paper we present our SecureCloud system which provides a secure, efficient and seamless way to store forensic data in cheap but untrusted cloud environments. The forensic tools, however, are still executed on premises of the government agency, because they need cleartext data. We analyze the performance of our system using Autopsy to show that the forensic tool runs only 19 percent slower when reading encrypted data from SecureCloud compared with reading the same data from a local file server. © 2018 IEEE.
DOI: 10.1109/TrustCom/BigDataSE.2018.00294
- Towards Comprehensible Explanations of Phenomena in Home Automation Systems
Wander, M. and Matkovic, V. and Weis, T. and Bischof, M. and Schwittmann, L.
2018 IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2018 (2018)
The current focus in home automation is on making these systems smart and easy to install. Following advances in the area of smart assistants like Alexa and Google Home, we assume that users will not only issue commands to their smart home. They will ask their smart home for explanations why something happened. Hence, we develop and evaluate an algorithm that can explain to users why a certain observable phenomenon occurred. These questions can originate in the complexity of smart home systems, i.e., the system did something unexpected and the user wonders what caused it. Furthermore, users might ask the system about phenomena caused by their roommates. To evaluate our prototype, we analyze the difference between answers given by humans and those generated by our prototype. Therefore, we conducted an Amazon Mechanical Turk-based Turing Test. In four out of six scenarios our prototype passed the Turing Test. In one of them the computer answer appeared even more human than the real human one. © 2018 IEEE.
DOI: 10.1109/PERCOMW.2018.8480147
- Application-level determinism in distributed systems
Boelmann, C. and Schwittmann, L. and Waltereit, M. and Wander, M. and Weis, T.
Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS (2017)
Deterministic and reproducible program execution eases the development and debugging of distributed systems. However, deterministic execution comes at high performance costs and is hard to achieve, especially when running on different hardware. In this paper we introduce the concept of application-level determinism and describe how the parallel programming model Spawn & Merge can be used for scalable and deterministic distributed computation. Application-level deterministic applications yield reproducible deterministic results independent of the number of nodes participating in the computation, even though intermediate tasks may be executed in an unpredictable schedule. To achieve consistency independent of the order in which operations have been applied we present a new Operational Transformation algorithm, which mitigates the performance loss of introducing determinism with Spawn & Merge. We show that such deterministic processing can scale across a cluster of compute nodes and discuss for which kind of workload the programming model is feasible. Furthermore, for high and low workloads, we evaluate the cost of adding determinism to be 28% and 40% higher than perfect parallel computation. © 2016 IEEE.
DOI: 10.1109/ICPADS.2016.0132
- Identifying TV channels & on-demand videos using ambient light sensors
Schwittmann, L. and Boelmann, C. and Matkovic, V. and Wander, M. and Weis, T.
Pervasive and Mobile Computing 38 (2017)
A video playing on a television screen emits a characteristic flickering, which serves as an identification feature for the video. This paper presents a method for video recognition by sampling the ambient light sensor of a smartphone or wearable computer. The evaluation shows that given a set of known videos, a recognition rate of up to 100% is possible by sampling a sequence of 15 to 120 s length. Our method works even if the device has no direct line of sight to the television screen, since ambient light reflected from walls is sufficient. A major factor of influence on the recognition is the number of video cuts that change the light emitted by the screen. © 2016 Elsevier B.V.
DOI: 10.1016/j.pmcj.2016.08.018
- Video recognition using ambient light sensors
Schwittmann, L. and Matkovic, V. and Wander, M. and Weis, T.
2016 IEEE International Conference on Pervasive Computing and Communications, PerCom 2016 (2016)
We present a method for recognizing a video that is playing on a TV screen by sampling the ambient light sensor of a user's smartphone. This improves situation awareness in pervasive systems because the phone can determine what the user is currently watching on TV. Our method works even if the phone has no direct line of sight to the TV screen, since ambient light reflected from walls is sufficient. Our evaluation shows that a 100% recognition ratio of the current TV channel is possible by sampling a sequence of 15 to 120 seconds length, depending on more or less favorable measuring conditions. In addition, we evaluated the recognition ratio when the user is watching video-on-demand, which exhibits a large set of possible videos. Recognizing professional YouTube videos resulted in a 92% recognition ratio; amateur videos were recognized correctly with 60% because these videos have fewer cuts. Our method focuses on detecting the time difference between video cuts because the light emitted by the screen changes instantly with most cuts and this is easily measurable with the ambient light sensor. Using the ambient light sensor instead of the camera greatly benefits energy consumption, bandwidth usage and raises fewer privacy concerns. Hence, it is feasible to run the measurement in the background for a longer time without draining the battery and without sending camera shots to a remote server for analysis. © 2016 IEEE.
DOI: 10.1109/PERCOM.2016.7456511
- Deterministic synchronization of multi-threaded programs with operational transformation
Boelmann, C. and Schwittmann, L. and Weis, T.
Proceedings of the International Parallel and Distributed Processing Symposium, IPDPS (2014)
Today's mainstream programming language concepts originate from a time when processes were executed in a single thread and the outcome of computation was deterministic. To deal with multi-threaded execution, synchronization mechanisms have to be used to restrict parallel execution to a point where the program produces correct results for all possible interleaving executions. This is constantly leading to deadlocks and race conditions, i.e. undesired non-deterministic behavior. In this paper, we propose a new set of synchronization primitives, Spawn and Merge, that yield deterministic program execution for multi-threaded programs. This means that there are no race conditions when using this synchronization technique and deadlocks can be avoided right away. Concurrent access to data structures is resolved using operational transformation. Using two example scenarios we show how these synchronization primitives can be used and that they are equivalent to semaphores. Furthermore, we evaluate our framework by implementing a network simulator. We show that despite a constant overhead, the performance is comparable to using standard synchronization primitives while yielding deterministic results. © 2014 IEEE.
DOI: 10.1109/IPDPSW.2014.50
- GPU-based NSEC3 hash breaking
Wander, M. and Schwittmann, L. and Boelmann, C. and Weis, T.
Proceedings - 2014 IEEE 13th International Symposium on Network Computing and Applications, NCA 2014 (2014)
When a client queries for a non-existent name in the Domain Name System (DNS), the server responds with a negative answer. With the DNS Security Extensions (DNSSEC), the server can either use NSEC or NSEC3 for authenticated negative answers. NSEC3 claims to protect DNSSEC servers against domain enumeration, but incurs significant CPU and bandwidth overhead. Thus, DNSSEC server admins must choose between more efficiency (NSEC) or privacy (NSEC3). We present a GPU-based attack on NSEC3 that revealed 64% of all DNSSEC names in the com domain in 4.5 days. This attack shows that the NSEC3 privacy promises are weak and thus DNSSEC server admins must carefully decide whether the limited privacy is worth the overhead. Furthermore, we show that an increase of the cryptographic strength of NSEC3 puts attackers at an advantage, since the cost of an attack does not rise faster than the costs incurred on the DNSSEC server. © 2014 IEEE.
DOI: 10.1109/NCA.2014.27
- Measurement of globally visible DNS injection
Wander, M. and Boelmann, C. and Schwittmann, L. and Weis, T.
IEEE Access 2 (2014)
Domain Name System (DNS) injection is a censorship method for blocking access to blacklisted domain names. The method uses deep packet inspection on all DNS queries passing through the network and injects spoofed responses. Compared with other blocking mechanisms, DNS injection impacts uninvolved third-parties if their traffic is routed through a censored network. In this paper, we look for large deployments of DNS injection, measured from vantage points outside of the censored networks. DNS injection is known to be used in China since it leaked unintentionally into foreign networks. We find that DNS injection is also used in Iran and can be observed by sending DNS queries to Iranian networks. In mid 2013, the Iranian DNS filter was temporarily suspended for some names, which correlated with media coverage of political debates in Iran about blocking social media. Spoofed responses from China and Iran can be detected passively by the IP address returned. We propose an algorithm to obtain these addresses remotely. After testing 255 002 open resolvers outside of China, we determined that 6% are potentially affected by Chinese DNS injection when querying top-level domains outside of China. This is essentially the result of one top-level domain name server for which an anycast instance is hosted in China. © 2014 IEEE.
DOI: 10.1109/ACCESS.2014.2323299
- Privacy Preservation in Decentralized Online Social Networks
Schwittmann, L. and Wander, M. and Boelmann, C. and Weis, T.
IEEE Internet Computing 18 (2014)
The housing of personal data on large online social networks arouses concerns from privacy advocates and leery users. Researchers have proposed decentralized architectures to create online social networks with technically imposed privacy preservation. This survey of several approaches discusses their privacy benefits, architecture, and suitability for mobile devices. © 2014 IEEE.
DOI: 10.1109/MIC.2013.131
- Development of efficient role-based sensor network applications with excel spreadsheets
Boelmann, C. and Weis, T.
Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS (2013)
Natural scientists use large scale sensor networks for gathering and analyzing environmental data. However, the implementation work requires expert programmers. The problem is complicated by limited battery lifetime, processing power and memory capacity of the nodes, because this requires a low-level programming language. Since scientists are used to analyzing data with spreadsheets, researchers have studied the possibility of applying spreadsheet-based programming to sensor networks. The approaches so far either require a central server to execute the spreadsheet, or they execute a spreadsheet run-time on each node. The first approach causes higher communication cost since all data has to be routed to the central server and the second one causes computational overhead, because evaluating a spreadsheet is slower than executing handcrafted NesC-code. Hence, we present a spreadsheet driven tool-chain that can create efficient NesC-code and allows for simulation in the spreadsheet itself. The nodes have to recompute the spreadsheet formulas upon new data. However, we can avoid a large fraction of this recomputation by applying several optimization strategies during code generation. In our example scenario, sensor nodes compute the variance across a series of sensor readings. We can show that the optimizations save 65% CPU cycles and the code size decreases by 12% when compared to non-optimized execution of the spreadsheet. Thus, our approach can deliver an easy way of developing sensor network programs while yielding very efficient code. © 2013 IEEE.
DOI: 10.1109/ICPADS.2013.58
- Measuring occurrence of DNSSEC validation
Wander, M. and Weis, T.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 7799 LNCS (2013)
DNSSEC is a security extension that adds public-key signatures to the Domain Name System for the purpose of data authenticity and integrity. While DNSSEC signatures are being deployed on an increasing number of name servers, little is known about the deployment advancements of client-side DNSSEC validation. In this paper we present a methodology to determine whether a client is protected by DNSSEC validation. We applied our methodology over a period of 7 months collecting results from different data sources. After data cleaning, we gathered 131,320 results from 98,179 distinct IP addresses, out of which 4.8% had validation enabled. The ratio varies significantly per country, with Sweden, the Czech Republic and the United States having the largest ratios of validating clients in the field. © 2013 Springer-Verlag Berlin Heidelberg.
DOI: 10.1007/978-3-642-36516-4-13
- SoNet - Privacy and replication in federated online social networks
Schwittmann, L. and Boelmann, C. and Wander, M. and Weis, T.
Proceedings - International Conference on Distributed Computing Systems (2013)
In this paper we propose a federated online social network (OSN) which focuses on user privacy and data availability. All user content is encrypted and decrypted on end-user devices, hiding the content from the OSN providers. The social graph is hidden from the OSN provider by employing a novel aliasing approach and using secure algorithms for mutual friendship establishment. Usernames are mapped to friend-specific aliases, which reduces the amount of information a provider can gather from analyzing these identifiers. Users authenticate to each other without revealing their identities to a potential attacker. The proposed system allows for user interactions between independent OSN providers. To improve data availability we use a replication scheme which does not jeopardize the obfuscation of the social graph. Our approach differs from existing works mainly by the social graph obfuscation in combination with replication. © 2013 IEEE.
DOI: 10.1109/ICDCSW.2013.20
- An architecture for complex P2P systems
Holzapfel, S. and Wacker, A. and Weis, T. and Wander, M.
2012 IEEE Consumer Communications and Networking Conference, CCNC'2012 (2012)
This article presents an architecture for research and development of peer-to-peer (P2P) systems. A complete P2P application has to cope with problems such as NAT-traversal, bootstrapping, connection management, routing, storage, and security. Therefore, our approach separates the system into layers and components. A developer can easily build a complete P2P stack by plugging layers and components together, which allows for easy code reuse and interchangeability. Furthermore, our architecture allows us to run a discrete event simulation by using a special programming model. This way we can use the same code base for productive applications as well as for measurements & tests on a compute cluster. Our evaluation shows that using our architecture has a negligible effect on performance and a very small memory footprint, which allows us to simulate thousands of peer instances running the real application code on a single machine. © 2012 IEEE.
DOI: 10.1109/CCNC.2012.6181030
- NTALG - TCP NAT traversal with application-level gateways
Wander, M. and Holzapfel, S. and Wacker, A. and Weis, T.
2012 IEEE Consumer Communications and Networking Conference, CCNC'2012 (2012)
Consumer computers or home communication devices are usually connected to the Internet via a Network Address Translation (NAT) router. This imposes restrictions for networking applications that require inbound connections. Existing solutions for NAT traversal can remedy the restrictions, but still there is a fraction of home users which lack support of it, especially when it comes to TCP. We present a framework for traversing NAT routers by exploiting their built-in FTP and IRC application-level gateways (ALG) for arbitrary TCP-based applications. While this does not work in every scenario, it significantly improves the success chance without requiring any user interaction at all. To demonstrate the framework, we show a small test setup with laptop computers and home NAT routers. © 2012 IEEE.
DOI: 10.1109/CCNC.2012.6181044
- Self-stabilizing micro controller for large-scale sensor networks in spite of program counter corruptions due to soft errors
Boelmann, C. and Weis, T. and Engel, M. and Wacker, A.
Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS (2012)
For large installations of networked embedded systems it is important that each entity is self-stabilizing, because usually there is nobody to restart nodes that have hung up. Self-stabilization means to recover from temporary failures (soft errors) and adapt to a change of network topology caused by permanent failures. On the software side self-stabilizing algorithms must assume that the hardware is executing the software correctly. In this paper we discuss cases in which soft errors invalidate this assumption, especially in cases where CPU registers or the watchdog timer are affected by the fault. Based on the observation that a guaranteed self-stabilization is only possible as long as the watchdog-timer is working properly after temporary failures, we propose and compare three different approaches that meet the requirements of sensor networks, to solve this problem with a combination of hardware- and software-modifications:
1) A run-time verification of every watchdog access
2) A completely hardware-based approach, without any software modifications
3) A 2X byte code alignment, to realign a corrupted program counter
Furthermore we determine the average code-size increase and evaluate necessary hardware-modifications that come along with each approach. © 2012 IEEE.
DOI: 10.1109/ICPADS.2012.75
- Using zone code to manage a Content-Addressable Network for Distributed Simulations
Li, Z. and Weis, T.
International Conference on Communication Technology Proceedings, ICCT (2012)
In this paper we introduce zone code to manage a Content-Addressable Network for Distributed Simulations (CANS), which simulates two-dimensional worlds (for example MMVE games or city traffic simulations). CANS inherits from CAN the basic concepts of splitting a rectangular area into zones which are then assigned to peers. The peers carry out the simulation for the zone assigned to them. The area should be split in such a way that there is as little communication between the peers as possible. This is the case for quadratic zones, because then a car or player needs in average the maximum time to cross a zone. A problem of CAN is the re-organization of the area into (ideally) equally sized rectangular zones upon peers leaving the system. Therefore, we introduce zone code which helps to reorganize the area when peers leave. © 2012 IEEE.
DOI: 10.1109/ICCT.2012.6511418
- A new protocol to determine the NAT characteristics of a host
Holzapfel, S. and Wander, M. and Wacker, A. and Schwittmann, L. and Weis, T.
IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum (2011)
The shortage of IPv4 addresses and the very slow transition to IPv6 leads to well-established pragmatic solutions in the Internet: today many hosts are still using IPv4 and are connected to the Internet over a Network Address Translation router. For many applications, which need inbound connections, like e.g. voice-over-IP or peer-to-peer-based systems it is necessary to determine the characteristics of the surrounding network environment, i.e. the behavior of the used router. In most cases this information is required to successfully establish inbound connections. Therefore, we present in this paper a new protocol to determine the characteristics of the used router. Our protocol is backward compatible to the well known STUN protocol while providing more detailed results. Furthermore, our protocol can be used in a fully decentralized way, i.e. without any centralized servers, making it suitable for pure peer-to-peer-based systems. We complete the presentation of our new protocol with an evaluation through a field experiment. © 2011 IEEE.
DOI: 10.1109/IPDPS.2011.320
- Detecting opportunistic cheaters in volunteer computing
Wander, M. and Weis, T. and Wacker, A.
Proceedings - International Conference on Computer Communications and Networks, ICCCN (2011)
For computationally expensive but parallelizable search problems distributed computing approaches based on volunteer computing can be used. Volunteering users spend their computation time to gain some sort of credit or for the sake of appearing in a ranking. Some of the users may try to gain reward without investing their computation time, i.e. they cheat. Hence, a cheat detection mechanism against such opportunistic cheaters is needed. The simplest approach is the recalculation of all results by multiple users followed by a voting. This simple approach is inefficient since it increases the computational complexity by the factor of the executed recalculations. In this paper we propose a new and efficient approach for cheat detection in search problems using a combination of sample testing and result aggregation. Our approach provides a high probability of detecting a cheating user while reducing the computational complexity using sample testing and the required bandwidth using result aggregation. In a limited range, one can compensate a small available bandwidth with more computations, thus providing a trade-off between bandwidth and computational complexity. © 2011 IEEE.
DOI: 10.1109/ICCCN.2011.6006040
- Federating websites with the google wave protocol
Weis, T. and Wacker, A.
IEEE Internet Computing 15 (2011)
This article presents a software architecture and communication protocol for synchronizing user-generated content across websites in near real time. The technique builds on the Google Wave Federation Protocol, allowing websites to mashup and cooperate in ways that are difficult to achieve with other mashup techniques. The authors also present a set of requirements for modern federated websites, along with an extensive scenario walkthrough to illustrate how to use the proposed approach. © 2011 IEEE.
DOI: 10.1109/MIC.2011.28
- Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics): Introduction
Fleury, E. and Han, Q. and Marron, P. and Weis, T.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6853 LNCS (2011)
The tremendous advances in wireless networks, mobile computing, sensor networks along with the rapid growth of small, portable and powerful computing devices offers opportunities for pervasive computing and communications. Topic 14 deals with cutting-edge research in various aspects related to the theory or practice of mobile computing or wireless and mobile networking, including architectures, algorithms, networks, protocols, modeling and performance, applications, services, and data management. © 2011 Springer-Verlag.
DOI: 10.1007/978-3-642-23397-5_28
- Self-stabilizing embedded systems
Weis, T. and Wacker, A.
8th International Conference on Autonomic Computing, ICAC 2011 and Co-located Workshops - Proceedings of the 2011 Workshop on Organic Computing, OC'11 (2011)
The reliability of embedded systems is under constant pressure from miniaturization and cost savings. At some point miniaturized systems built into articles of daily use will show temporary hardware faults, induced for example by temperature changes, radiation of phones passing by, or simply mechanical stress. Thus, software can no longer safely assume that hardware offers fail-stop semantics. This paper shows how to build a self-stabilizing system that can recover from temporary hardware faults. Our approach is mainly carried out in software and requires only little hardware support. The goal is to deliver a low-cost system that can repair itself in constant time from a very wide range of faults. © 2011 ACM.
DOI: 10.1145/1998642.1998653
- SYNI - TCP hole punching based on SYN injection
Holzapfel, S. and Wander, M. and Wacker, A. and Weis, T.
Proceedings - 2011 IEEE International Symposium on Network Computing and Applications, NCA 2011 (2011)
The shortage of IPv4 addresses and the very slow transition to IPv6 leads to pragmatic solutions in the Internet: today many hosts are still using IPv4 and are connected to the Internet over a Network Address Translation (NAT) router. However, there are many applications, which need inbound connections, like e.g. peer-to-peer-based systems or voice-over-IP. For such NATed hosts inbound connections usually pose a problem, since without additional measures the router filters the incoming connection attempts. These additional measures are usually referred to as NAT traversal mechanisms and hole punching is one of those techniques. In this paper we propose a new protocol for a TCP-based hole punching mechanism based on self-injecting SYN-packets in the local network stack. © 2011 IEEE.
DOI: 10.1109/NCA.2011.66
- Vorostore - A secure and reliable data storage for peer-to-peer-based MMVEs
Holzapfel, S. and Schuster, S. and Weis, T.
Proceedings - 11th IEEE International Conference on Computer and Information Technology, CIT 2011 (2011)
Virtual worlds are typically persistent. They need a reliable storage to store the state of the world. In a decentralized peer-to-peer-based virtual world, this must also be realized in a decentralized fashion. However, peers are not only unreliable. They might also be malicious trying to tamper with the stored data. Therefore we present our approach to realize a peer-to-peer-based reliable and secure storage. It is based on a Voronoi tessellation to manage storage responsibilities and preserves the locality of data. Thus it allows range queries as needed by a peer-to-peer-based virtual world. Our approach guarantees availability and integrity of data with a certain controllable probability using redundant storage and routing. © 2011 IEEE.
DOI: 10.1109/CIT.2011.97
- Towards peer-to-peer-based cryptanalysis
Wander, M. and Wacker, A. and Weis, T.
Proceedings - Conference on Local Computer Networks, LCN (2010)
Modern cryptanalytic algorithms require a large amount of computational power. An approach to cope with this requirement is to distribute these algorithms among many computers and to perform the computation massively parallel. However, existing approaches for distributing cryptanalytic algorithms are based on a client/server or a grid architecture. In this paper we propose the usage of peer-to-peer (P2P) technology for distributed cryptanalytic calculations. Our contribution in this paper is three-fold: We first identify the challenges resulting from this approach and provide a classification of algorithms suited for P2P-based computation. Secondly, we discuss and classify some specific cryptanalytic algorithms and their suitability for such an approach. Finally we provide a new, fully decentralized approach for distributing such computationally intensive jobs. Our design takes special care about scalability and the possible untrustworthy nature of the participating peers. © 2010 IEEE.
DOI: 10.1109/LCN.2010.5735672