Institute of Computer Science
Freie Universität Berlin
Phone: +49 30 838 50072
Fax: +49 30 838 450072
Office Hours: Stop by, or write an email to make an appointment.
I am a senior researcher in the Computer Systems & Telematics group at Freie Universität Berlin, heading the research activities on Internet technologies. My research and teaching focus on efficient, reliable, and secure Internet communication. This includes the design and evaluation of networking protocols and architectures, as well as Internet topology measurements and analysis. My efforts are driven by transforming solid research into practice, trying to improve Internet-based communication. More details in the complete CV.
I studied Computer Science and Contemporary German Literature at FU Berlin. Furthermore, I am an associated member of the Internet Technologies (INET) research group at HAW Hamburg and a co-founder of link-lab.
If you are looking for a bachelor/master thesis or project topic in one of the research areas, please, do not hesitate to contact me. You will find some additional advice in the teaching section.
|X-Check||The overall goal of X-Check (Cross-Check) is to provide improved security for ICT-systems by leveraging data from Internet Exchange Points (IXP). X-Check designs and implements a system for the large-scale detection of (a) known security incidents and (b) novel, unconventional anomalies at central Internet nodes.|
|Peeroskop||The objective of the Peeroskop project is the design and development of a system for the observational analysis of the Internet part's relevant for Germany, as well as the proactive and reactive protection of the backbone routing. Core components of the project are mechanisms for information fusion and information classification based on passive and active measurements which discover vulnerabilities in the Internet peering beforehand and bypass emerging disruptions. More information is available on the project homepage.|
|ICN||Information-centric networking (ICN) proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. We analyze threats to the stability and security of the content distribution system in theory and practical experiments. More information is available in our report.|
|RIOT||RIOT is the friendly operating system for the Internet of Things. It leverages a microkernel to provide an energy-efficient operating system for IoT solutions. It is developer-friendly, resource-friendly, and IoT-ready. More information is available on the project homepage.|
|CAF_C++ Actor Framework||The C++ Actor Framwork, or short CAF, is an open source implementation of the actor model for C++11. It extends the actor model with several features such as a lock-free mailbox and transparent group semantics to ease development of distributed systems based on multicast technologies. More information is available on the project homepage.|
|SAFEST||This Franco-German project aims at a comprehensive solution to ensure the safety and security of the general public and critical infrastructures. Specifically, SAFEST addresses the problems of crowd control and area surveillence at airports. More information is available on the project homepage.|
|RPKI||The RTRlib is an open-source C implementation of the RPKI/Router Protocol client. The library allows to fetch and store validated IP prefix origin data from a cache as well as the origin verification of IP prefixes. It supports different types of transport sessions (e.g., SSH, unprotected TCP) and is easily extendable. The library helps to secure the Internet backbone routing protocol, BGP. More information is available on the project homepage.|
|Routing Atlas||The Internet was originally shaped as a fully decentralized, cooperative packet transport system that offered transmission services to those who were willing to inter-connect. Its scalable architecture aimed at supporting a global information infrastructure without the requirement of national contributions, regulations or governmental support. Meanwhile the Internet has matured to an almost mission-critical infrastructure for global communication, but also for enabling key operations of public administration and business affairs, of research, education, and entertainment within individual countries. In this project, we identify, characterize, and visualize the fraction of the Internet that serves as the nation-centric communication system of Germany. Starting from the RIPE database and harvesting several additional databases, route monitors and Internet measurement projects, we extract the minimal routing graph that interconnects all members, as well as a subset of relevant players within the German Internet. The results may help to identify IP prefix hijacking or weak transits. Preliminary results have been published here and here.|
|REALMv6||REALMv6 is an open initiative to investigate and accelerate protocols and deployment in the field of real-time and multicast mobility in IPv6. The research targets at a next generation mobile Internet and includes applications for a mobile, IPv6-enabled Internet, analysis of handover performance & optimization as well as concepts and corresponding analysis for evolving IPv6 mobility protocols. More information is available on the realmv6 homepage.|
|SKIMS||The objective of SKIMS lies in the design, development and implementation of a cross-layer security system for mobile devices. Detection mechanisms as well as a proactive and reactive defense of attacks are core components of this project. The vision of a digital immune system will be demonstrated in a proof of concept in terms of an extended security application for mobile phones. Analog to a traffic light system, the mobile signals the current level of risk to the user and relaxes the status wherever applicable. This transparency allows users to regain trust that was lost previously in insecure environments. More information is available on the SKIMS homepage.||HAMcast||The objective of HAMcast lies in the development and practical analysis of a component for group communication as part of a multiservice Internet architecture. Encapsulated by an application-transparent API, HAMcast enables the global provisioning of a hybrid, adaptive multicast service. Its architecture will follow an evolutionary model using a universal service middleware that does neither require a deployment by providers, nor dedicated network implementations by application programmers. All results will be deployed within the German Lab (G-Lab) and may serve as the basis for new, group-oriented systems and applications. HAMcast includes (a) Open Multi-Service Architecture, (b) Universal, Layer-Transparent API, (c) Mobility-Transparent Routing, (d) ISP Service Interaction between Overlay and Underlay, and (e) Experimentally Driven Optimization and Refinement. The FU Berlin is an associated partner. More information is available on the HAMcast homepage.|
|AuthoCast||Mobile multicast scenarios like IPTV or group conferencing are likely to soon extend into the mobile world: A sportscaster (without support of tradional, expensive broadcasting equipment) may feed its live stream from a sailing regatta to an Internet TV channel. But how to prevent an attacker from hijacking this open Internet channel? AuthoCast defines a protocol scheme that allows for authentication of mobile Multicast senders in native IP and overlay networks. More information is available on the AuthoCast homepage.|
|hylOs||The Hypermedia Learning Object System (hylOs) is an adaptive eLearning content management system and runtime environment, built upon a sophisticated information object model tailored from the IEEE LOM (Learning Object Metadata) standard. hylOs comprises instructional design concepts and tools, a content acquisition and analysis engine for semi-automated generation and annotation of eLearning Objects, as well as an Ontological Evaluation Layer for concluding relations between eLearning Objects, bundled with a sophisticated repository and platform-independent authoring environment. More information is available on the hylOs homepage.|
|Moviecast||The aim of the project Moviecast is the design and development of an Internet based videoconference solution for mobile devices. The solution will consist purely in software, ready to run on standard devices (PDAs) under current operating systems (e.g. Windows Mobile). All software components will be standard compliant. The result of the project will be a highly optimized software library, which encodes and decodes video streams in real-time and supports user and session mobility as well as secured and optimized mobile group communication. More information is available on the Moviecast homepage.|
Please, consider this advice if you want to work with me. This also includes some basic publication venues in the field I'm working.
Do not hesitate to contact me if you are interested in one of my research areas or projects. Decide on an area of interest and we can discuss a specific thesis topic.
|WS 2011/12:||PS Technische Informatik|
|SoSe 2011:||PS Technische Informatik|
|S Seminar Technische Informatik|
|WS 2010/11:||PS Technische Informatik|
|S Seminar Technische Informatik|
|SoSe 2010:||PS Technische Informatik|
|S Technische Informatik - Network Organization and Protocols|
|WS 2009/10:||V/Ü Telematik|
|S Technische Informatik - Mobile Ad-hoc Networks|
|PS Technische Informatik|