Computer Systems & Telematics Embedded Sensor Boards
Home of CST » Members » Matthias Wählisch

Prof. Dr. Matthias Wählisch

Matthias Wählisch Address:

Institute of Computer Science
Freie Universität Berlin
Takustr. 9
14195 Berlin

Room: 164


Phone number
Phone: +49 30 838 50072
Fax: +49 30 838 450072

Office Hours: Stop by, or write an email to make an appointment.

Research Areas [Full Publication List]

I am an Assistant Professor of Computer Science and Internet Technologies at Freie Universität Berlin. Together with my colleagues Jochen Schiller and Katinka Wolter, I co-direct the CST lab, heading the research activities on Internet technologies. My research and teaching focus on efficient, reliable, and secure Internet communication. This includes the design and evaluation of networking protocols and architectures, as well as Internet measurements and analysis. My efforts are driven by transforming solid research into practice, trying to improve Internet-based communication. More details in the complete CV.

I studied Computer Science and Contemporary German Literature at FU Berlin. I received my PhD in Computer Science from Freie Universität Berlin.

Furthermore, I am an associated member of the Internet Technologies (INET) research group at HAW Hamburg and a co-founder of link-lab.


If you are looking for a bachelor/master thesis or project topic in one of the research areas, please, do not hesitate to contact me. You will find some additional advice in the teaching section.


X-Check The overall goal of X-Check (Cross-Check) is to provide improved security for ICT-systems by leveraging data from Internet Exchange Points (IXP). X-Check designs and implements a system for the large-scale detection of (a) known security incidents and (b) novel, unconventional anomalies at central Internet nodes.
Peeroskop The objective of the Peeroskop project is the design and development of a system for the observational analysis of the Internet part's relevant for Germany, as well as the proactive and reactive protection of the backbone routing. Core components of the project are mechanisms for information fusion and information classification based on passive and active measurements which discover vulnerabilities in the Internet peering beforehand and bypass emerging disruptions. More information is available on the project homepage.
ICN Information-centric networking (ICN) proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. We analyze threats to the stability and security of the content distribution system in theory and practical experiments. More information is available in our report.
RIOT RIOT is the friendly operating system for the Internet of Things. It leverages a microkernel to provide an energy-efficient operating system for IoT solutions. It is developer-friendly, resource-friendly, and IoT-ready. More information is available on the project homepage.
CAF_C++ Actor Framework The C++ Actor Framwork, or short CAF, is an open source implementation of the actor model for C++11. It extends the actor model with several features such as a lock-free mailbox and transparent group semantics to ease development of distributed systems based on multicast technologies. More information is available on the project homepage.
SAFEST This Franco-German project aims at a comprehensive solution to ensure the safety and security of the general public and critical infrastructures. Specifically, SAFEST addresses the problems of crowd control and area surveillence at airports. More information is available on the project homepage.
RPKI The RTRlib is an open-source C implementation of the RPKI/Router Protocol client. The library allows to fetch and store validated IP prefix origin data from a cache as well as the origin verification of IP prefixes. It supports different types of transport sessions (e.g., SSH, unprotected TCP) and is easily extendable. The library helps to secure the Internet backbone routing protocol, BGP. More information is available on the project homepage.
Routing Atlas The Internet was originally shaped as a fully decentralized, cooperative packet transport system that offered transmission services to those who were willing to inter-connect. Its scalable architecture aimed at supporting a global information infrastructure without the requirement of national contributions, regulations or governmental support. Meanwhile the Internet has matured to an almost mission-critical infrastructure for global communication, but also for enabling key operations of public administration and business affairs, of research, education, and entertainment within individual countries. In this project, we identify, characterize, and visualize the fraction of the Internet that serves as the nation-centric communication system of Germany. Starting from the RIPE database and harvesting several additional databases, route monitors and Internet measurement projects, we extract the minimal routing graph that interconnects all members, as well as a subset of relevant players within the German Internet. The results may help to identify IP prefix hijacking or weak transits. Preliminary results have been published here and here.
REALMv6 REALMv6 is an open initiative to investigate and accelerate protocols and deployment in the field of real-time and multicast mobility in IPv6. The research targets at a next generation mobile Internet and includes applications for a mobile, IPv6-enabled Internet, analysis of handover performance & optimization as well as concepts and corresponding analysis for evolving IPv6 mobility protocols. More information is available on the realmv6 homepage.


SKIMS The objective of SKIMS lies in the design, development and implementation of a cross-layer security system for mobile devices. Detection mechanisms as well as a proactive and reactive defense of attacks are core components of this project. The vision of a digital immune system will be demonstrated in a proof of concept in terms of an extended security application for mobile phones. Analog to a traffic light system, the mobile signals the current level of risk to the user and relaxes the status wherever applicable. This transparency allows users to regain trust that was lost previously in insecure environments. More information is available on the SKIMS homepage.
HAMcast The objective of HAMcast lies in the development and practical analysis of a component for group communication as part of a multiservice Internet architecture. Encapsulated by an application-transparent API, HAMcast enables the global provisioning of a hybrid, adaptive multicast service. Its architecture will follow an evolutionary model using a universal service middleware that does neither require a deployment by providers, nor dedicated network implementations by application programmers. All results will be deployed within the German Lab (G-Lab) and may serve as the basis for new, group-oriented systems and applications. HAMcast includes (a) Open Multi-Service Architecture, (b) Universal, Layer-Transparent API, (c) Mobility-Transparent Routing, (d) ISP Service Interaction between Overlay and Underlay, and (e) Experimentally Driven Optimization and Refinement. The FU Berlin is an associated partner. More information is available on the HAMcast homepage.
AuthoCast Mobile multicast scenarios like IPTV or group conferencing are likely to soon extend into the mobile world: A sportscaster (without support of tradional, expensive broadcasting equipment) may feed its live stream from a sailing regatta to an Internet TV channel. But how to prevent an attacker from hijacking this open Internet channel? AuthoCast defines a protocol scheme that allows for authentication of mobile Multicast senders in native IP and overlay networks. More information is available on the AuthoCast homepage.
hylOs The Hypermedia Learning Object System (hylOs) is an adaptive eLearning content management system and runtime environment, built upon a sophisticated information object model tailored from the IEEE LOM (Learning Object Metadata) standard. hylOs comprises instructional design concepts and tools, a content acquisition and analysis engine for semi-automated generation and annotation of eLearning Objects, as well as an Ontological Evaluation Layer for concluding relations between eLearning Objects, bundled with a sophisticated repository and platform-independent authoring environment. More information is available on the hylOs homepage.
Moviecast The aim of the project Moviecast is the design and development of an Internet based videoconference solution for mobile devices. The solution will consist purely in software, ready to run on standard devices (PDAs) under current operating systems (e.g. Windows Mobile). All software components will be standard compliant. The result of the project will be a highly optimized software library, which encodes and decodes video streams in real-time and supports user and session mobility as well as secured and optimized mobile group communication. More information is available on the Moviecast homepage.

Honors and Awards


Travel Grants

Invitations to Schloss Dagstuhl

Invited Talks

Publications & CV

Professional Activities


Guest Editor

TPC and Reviewer


Expert Evaluator



Please, consider this advice if you want to work with me. This also includes some basic publication venues in the field I'm working.

Bachelor / Master Theses


Do not hesitate to contact me if you are interested in one of my research areas or projects. Decide on an area of interest and we can discuss a specific thesis topic.



Courses (outdated)

WS 2011/12: PS Technische Informatik
SoSe 2011: PS Technische Informatik
S Seminar Technische Informatik
WS 2010/11: PS Technische Informatik
S Seminar Technische Informatik
SoSe 2010: PS Technische Informatik
S Technische Informatik - Network Organization and Protocols
WS 2009/10: V/Ü Telematik
S Technische Informatik - Mobile Ad-hoc Networks
PS Technische Informatik
© 2009 - 2016 Freie Universität Berlin, AG CST

News of my research group

Talk@Vodafone Enterprise Forum

I was invited to talk about Internet backbone security (RPKI, DNSSEC, DDoS) at the Vodafone Enterprise Forum.

Technical Report about RPKI Origin Validation

Paper@SIGCOMM Reproducibility'17

Our paper "Towards an Ecosystem for Reproducible Research in Computer Networking" will be presented at SIGCOMM Reproducibility Workshop 2017.


Some recent interviews I gave about cybersecurity as well as RIOT in radio and printed press, including Washington Post.

TMA PhD School & Grants

PhD student Marcin Nawrocki and Master's students Samir Al-Sheikh and Andreas Reuter accepted for TMA PhD School and awarded travel grants. Congrats!

RFC 8076 published

Our work about A Usage for Shared Resources in RELOAD (ShaRe) has been finally published as IETF RFC 8076 (standards track).


Master's student Andreas Reuter received a grant to attend RIPE 74 meeting and present our work about RPKI filtering. Congrats!

Embedded World 2017

We present RIOT at Embedded World.

Talk at Cisco

I have been invited to give a talk about ICN at the Cisco - Ecole Polytechnique Networking Research & Innovation Symposium.

Co-organizing ACM IMC'17

Serve as publication and registration chair of ACM IMC.

Interview with fundiert

The current issue of the research magazine fundiert features the topic "Communication". They report about some of my work on secure Internet communication as well as IoT (in German).

Poster Chair of ACM SIGCOMM'17

Prepare your promising, preliminary work for poster track at ACM SIGCOMM. CfP is coming end of January.

Local Chair of ACM ICN'17

ACM ICN will be hosted at FU Berlin in 2017. Prepare your best work on information-centric networking!

Travel Grant Chair of NetSys'17

Prepare your travel grant application for NetSys 2017, sponsored by ACM SIGCOMM.

Dagstuhl proposal accepted

Co-organizing the Dagstuhl Seminar "The Critical Internet Infrastructure Revisited".

Interview with heise

The very popular computer magazine c't reports about RIOT.

Paper@ACM IMC'16

Poster@ACM ICN'16

Our poster on "ICN over TSCH: Potentials for Link-Layer Adaptation in the IoT" has been accepted to ACM ICN 2016.

RFC 7927 published

Our work on "Information-Centric Networking (ICN) Research Challenges" has been published as RFC 7927. Joint effort of ICNRG!

Co-organizing RIOT Summit & IETF Warm-Up

Very successful events. More than 150 participants on-site.

Talk@NANOG 67

Have been invited to present our RPKI tools, RTRlib and RPKI MIRO, at 67th NANOG meeting.

New TR available

Formal languages and BGP? See CAIR paper.

OC RIOT Summit 2016

Co-chairing the first RIOT Summit.

Paper@IFIP Networking'16

Our paper "Let's Collect Names: How PANINI Limits FIB Tables in Name Based Routing" has been accepted to IFIP Networking 2016.

Master student@CAIDA BGP Hackathon

Master student Andreas Reuter has been selected for the CAIDA BGP Hackathon, and he received a travel grant. Congrats!

Paper & Demo@EWSN'16

Our paper "TRAIL: Topology Authentication in RPL" has been accepted to ACM EWSN 2016. We will also present our "Demo: Topological Robustness of RPL with TRAIL".


Laura Feeney visits us

Excellent Young Scientist Award

For my contributions to the IoT, I received the first place of the Forum for Excellent Young Scientists, including 10,000 EUR. Press release (in German).


Talk about RIOT and ICN in the IoT.


Will talk at American University of Beirut (Lebanon) about our work on securing the Internet backbone.

RIOT wins IoT Challenge

Master students Cenk Gündogan and Lennart Dührsen won the Cisco Challenge: Best Use of Cisco Technology at the IoT World Europe Hack-a-thon. Connecting IoT to the Tropo cloud with RIOT. Congrats!

Paper@ACM HotNets'15

Our paper "RiPKI: The Tragic Story of RPKI Deployment in the Web Ecosystem" has been accepted to HotNets 2015. Acceptance rate was 18%.

Two Posters@ACM ICN'15

ACM ICN Travel Grant for Master student

Master student Samir Al-Sheikh reiceved an ACM ICN Travel Grant, sponsored by ACM SIGCOMM. Congratulations!

WOOT@USENIX Security 2015


One poster and two demos accepted at ACM SIGCOMM 2015. RPKI Browser Plugin, RPKI Monitoring, IBC/ECC in IoT Security.

Two ACM MobiSys'15 travel grants for Master students

Master students Martine and Philipp received a student travel grant to attend ACM MobiSys 2015 and present our papers at co-located workshop. Congratulations!

IoT-Sys@ACM MobiSys 2015

Two papers accepted for ACM MobiSys Workshop IoT-Sys.

Minister Wanka visited our Internet security demo@CeBIT

Federal Minister of Education and Research, Prof. Johanna Wanka, visited our demo about prefix hijacking and prevention at CeBIT 2015.

Peeroskop@CeBIT 2015

We present prefix hijacking, countermeasurements (RPKI), and some of our tools to secure the Internet at BMBF booth. Visit us hall 9, booth D40. German press release. English press release.

RIOT accepted for GSOC 2015

RIOT has been accepted as a mentoring organization for Google Summer of Code 2015. Interested students should apply for ascholarship.


Will participate in the Dagstuhl Seminar "Secure Routing for Future Communication Networks" :).

Paper@TMA 2015

RIOT is partner of Ubuntu

RIOT represents the micro-controller operating system in the Snappy Ubuntu Core partner program. Great success for one of our open source projects.


Communication Chair of ACM ICN 2015, which is sponsored by ACM and ACM SIGCOMM. Please, consider the CfP.

New version of RTRlib

Version 0.3 of our RTRlib is available.


Poster Co-Chair of IEEE/ACM International Symposium on Quality and Service (IWQoS), held in conjunction with ACM FCRC'15. Please, consider the CfP.

Technical Report online

Timur Friedman visits us

Timur Friedman will give a talk about OneLab, Dec. 12, 2104. Feel free to join.

RPKI Talk@eco/DE-CIX

Talk at the meeting "SAVE us from IP Spoofing and Prefix Hijacking" of the comptence group Infrastructure Security of eco/DE-CIX.

RFC 7411 published

Our work on "Multicast Listener Extensions for Mobile IPv6 (MIPv6) and Proxy Mobile IPv6 (PMIPv6) Fast Handovers" has been published in RFC 7411.

Pekka Nikander visits us

Pekka Nikander and his colleague Teemu Hakala visit us Oct. 1-2, 2014. They will present ELL-i, and we will discuss current IoT challenges from the hardware and software side. Feel free to join.

Paper@ACM ICN 2014

Our ICN-IoT paper "Information Centric Networking in the IoT: Experiments with NDN in the Wild" was accepted for presentation at ACM ICN. Acceptance ratio is 18%.

OMNeT++ Proceedings online

The Proceedings of the 1st OMNeT++ Community Summit 2014 are online. The event was definitely a success, we will continue next year.

RTRlib towards BGPSEC

We extended our RTRlib to support upcoming Internet security. Check GitHub.

ITworldd and Slashdot feature one of our papers

ITworld features our work about better disaster response by leveraging the IoT. It has been reposted on Slashdot.

libcppa is now CAF

The community and features around our open source actor library for C++ increased in the last few years. We decided for a re-branding, libcppa is now part of the C++ Actor Framework, or short CAF.

Paper about IoT & ICN

Paper about IoT & Resilience

Our technical report about "The Role of the Internet of Things in Network Resilience" is online.

RFC 7287 published

Our work on "Mobile Multicast Sender Support in Proxy Mobile IPv6 (PMIPv6) Domains" has been published in RFC 7287.


Our demo about "Native Actors: How to Scale Network Forensics" will be presented at ACM SIGCOMM 2014.

Paper@IEEE LCN 2014

BGP Security: BIRD & RPKI

Try the beta version of our CLI to automatically update ROA table in BIRD. Based on RTRlib.

Paper@ISCRAM 2014

Our socio-technical paper about "Towards a theoretical framework of acceptance for surveillance systems at airports" has been published in the proceedings of ISCRAM.

Exhibitor@LinuxTag 2014

We will present RIOT, the friendly OS for the IoT, at LinuxTag 2014.


TPC member of Symposium on Selected Areas in Communications Internet of Things Track.


RFC 7128 published

Our RPKI router implementation report has been published in RFC 7128.

CeBIT 2014

Will present our project SAFEST on the world's largest and most international computer expo. Please visit us at the joint Fraunhofer booth E40, hall 9.

Paper@W3C/IAB Workshop STRINT


Our demo about "Simply RIOT: Teaching and Experimental Research in the Internet of Things" has been accepted for 13th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN).



TPC member of Capacity Sharing Workshop, which is co-located with ACM SIGCOMM 2014.


Editorial Liaison Chair in the Organizing Committee of the 39th IEEE Conference on Local Computer Networks. Please consider the CfP.

RFC 7046 published

After four years of continuous activity, our work on "A Common API for Transparent Hybrid Multicast" has been published as RFC 7046.

Dagstuhl Report online


TPC member of track Selected Areas in Communications Symposium.

Open PhD Position

If you are interested in Internet backbone measurement, analysis, and security look here. It's part of the project Peeroskop.


TPC member of 17th International Symposium on Wireless Personal Multimedia Communication.

IETF Journal

The current IETF Journal reports about our activities to involve students in IETF 87, and the MANIAC Challenge. Full PDF version.

Dagstuhl Invitation

Talk at BSI

Gave a talk about RPKI at the Federal Office for Information Security (BSI), Germany.


TPC member of Symposium on Selected Areas in Communications Internet of Things Track.

heise reports about RPKI

In this article, heise online discusses RPKI and some of our projects in this context. RPKI helps against traffic redirection in the Internet.

RPKI Workshop

USENIX Security/CSET'13

Our paper about RTRlib, an open-source C library for RPKI/RTR and prefix origin validation, has been accepted.


TPC member of Capacity Sharing Workshop (CSWS'13), in conjunction with ICNP 2013.

SIIS Workshop

Quagga + RPKI

Beta version online. Check out and install.

Co-editor of special issue in journal Elsevier Computer Communications

Please, consider the CfP for the SI on "Current and Future Architectures, Protocols, and Services for the Internet of Things".


Presenting two posters, one about "Topology Authentication in RPL", and one about "RIOT OS: Towards an OS for the Internet of Things". And, pick up your RIOT shirt ;).

MANIAC Challenge 2013

Co-organizing the 3rd MANIAC Challenge. Please, consider the call for submissions.

Paper accepted at IFIP Networking

Our paper about ICN infrastructure robustness and security has been accepted for IFIP Networking 2013.

Two talks at CAIDA

I gave a presentation about "The Internet - A Critical Infrastructure", and another about "RPKI in the Wild. Prefix Origin Validation at BGP Routers" at CAIDA.

RPKI Validator for Firefox online

Try out! Based on RTRlib.

Dagstuhl Report online

MPTCP port for Android online

In the SKIMS project, we ported UCLouvain MPTCP implementation to Android 4.1.2. If you are interested in running MPTCP at Google Nexus S, please, have a look at GitHub.

Chester W Sall Memorial Award 2012

Received the first place of this award for a paper published in IEEE Transactions on Consumer Electronics, vol. 55, no. 18, 2011. The award was given and presented at the IEEE ICCE 2013.


Co-organizing marathon

I co-organize several scientific events in 2013: IEEE ICNP, OMNeT++, HotPOST, IEEE LCN. Please, consider the upcoming CfPs.

NDSS 2013

Invited to give a short talk about our RPKI/RTR implementation and some deployment insights.


Invited to give a talk at technical workshop of the Berlin Internet Exchange Point - Germany's second largest IXP - about "Secure Inter-domain Routing", November 2012.

EuroSys 2013

Selected for EuroSys 2013 shadow TPC :).

Co-organizing OMNeT++ 2013

I serve as workshop chair of OMNeT++ 2013. Please, consider the CfP.

CoNEXT 2012: Two posters and student travel grant accepted

Will attend ACM CoNEXT'12. Our posters are about the relevance of autonomous systems and actor-based data center networking.

Socio-inspired ad hoc trust

How to derive trust from communication patterns at smartphones? In May, we published some results as technical report.

Dagstuhl ICN Seminar


3 posters and one demo presented at ACM SIGCOMM 2012.

Dagstuhl Seminar accepted

Our Dagstuhl Seminar on the Critical Internet Infrastructure has been accepted.