Marcel Waldvogel

Universität Konstanz | Uni-Konstanz · Department of Computer and Information Science

Dr. sc. techn.

About

152
Publications
29,980
Reads
4,347
Citations
Additional affiliations
December 2004 - present
Universität Konstanz
Position
  • Professor (Full)

Publications (152)
Conference Paper
Full-text available
Today most used devices are connected with each other building the Internet of Things (IoT). A variety of protocols are used depending on the underlying network infrastructure, application (e.g., Smart City, eHealth), and device capability. The judgment of the security feeling of the data sharing depends on personal settings (e.g., easy to use, enc...
Conference Paper
Full-text available
An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the cri...
Technical Report
Full-text available
Today most used devices are connected with each other building the Internet of Things (IoT). They communicate with each other directly and share data with a plethora of other devices indirectly by using the underlying network infrastructure. In both cases a variety of protocols are used depending on infrastructure, application (e.g., Smart City,...
Technical Report
Full-text available
An appealing property to researchers, educators, and students is the openness of the physical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the cr...
Technical Report
Full-text available
The sheer number of devices in the Internet of Things (IoT) makes efficient device integration into a user’s home or corporate network a nightmare. More and more owners lose control over their devices, often due to badly chosen security defaults, software bugs, or broken protocols. The lack of user interface and the long period of device usage incr...
Conference Paper
When mobile devices at the network edge want to communicate with each other, they too often depend on the availability of faraway resources. Feasible user-friendly service discovery is essential for direct communication. DNS Service Discovery over Multicast DNS (DNS-SD/mDNS) is widely used for configurationless service discovery in local networks;...
Article
Full-text available
Hashing has yet to be widely accepted as a component of hard real-time systems and hardware implementations, due to still existing prejudices concerning the unpredictability of space and time requirements resulting from collisions. While in theory perfect hashing can provide optimal mapping, in practice, finding a perfect hash function is too expen...
Article
Full-text available
The domain name system (DNS) is one of the core services in today's network structures. In local and ad-hoc networks DNS is often enhanced or replaced by mDNS. As of yet, no simulation models for DNS and mDNS have been developed for INET/OMNeT++. We introduce DNS and mDNS simulation models for OMNeT++, which allow researchers to easily prototype an...
Conference Paper
Full-text available
SRV records, DNSSEC, and DANE among others fortify the Domain Name System as the central information hub behind the Internet. Largely hidden from the end user, an increasing number of protocol and trust decisions are contingent on DNS. Neglect or attacks on DNS have much more impact today than ever, now endangering security far beyond denial of ser...
Conference Paper
Full-text available
In today's local networks, a significant amount of traffic is caused by Multicast packets, such as Multicast DNS Service Discovery (mDNS-SD), a widespread technique used for configurationless service distribution and discovery. It suffers from two major problems inherent in multicast: privacy and network load. We present a privacy extension for the...
Conference Paper
Full-text available
If it isn't on the web, it doesn't exist. However, most of our current arsenal of web services are provided for free by large international corporations – free as in targeted advertising. More privacy-aware self-hosted alternatives frequently lack the feature set of their commercial rivals, leaving users to decide between privacy and functionality...
Conference Paper
Full-text available
The domain name system (DNS) is one of the core services in today’s network structures. In local and ad-hoc networks DNS is often enhanced or replaced by mDNS. As of yet, no simulation models for DNS and mDNS have been developed for INET/OMNeT++. We introduce DNS and mDNS simulation models for OMNeT++, which allow researchers to easily prototype an...
Conference Paper
Full-text available
If it is not in the web, it does not exist. However, most of our current arsenal of web services are provided for free by large international corporations – free as in targeted advertising. More privacy-aware self-hosted alternatives frequently lack the feature set of their commercial rivals, leaving users to decide between privacy and functionalit...
Conference Paper
Full-text available
In today’s local networks, a significant amount of traffic is caused by Multicast packets, such as Multicast DNS Service Discovery (mDNS-SD), a widespread technique used for configurationless service distribution and discovery. It suffers from two major problems inherent in multicast: privacy and network load. We present a privacy extension for the...
Conference Paper
Full-text available
SRV records, DNSSEC, and DANE among others fortify the Domain Name System as the central information hub behind the Internet. Largely hidden from the end user, an increasing number of protocol and trust decisions are contingent on DNS. Neglect or attacks on DNS have much more impact today than ever, now endangering security far beyond denial of ser...
Patent
Full-text available
Methods for searching a range in a set of values in a network with distributed storage nodes. An example of a method for searching a range in a set of values in a network with distributed storage nodes according to the invention comprises the following steps. First, the range is divided up into a set of subranges by means of a hierarchical structur...
Article
Full-text available
Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are a common security threat against the open academic networks. Common defenses are hard to maintain, error-prone and do not reliably discriminat...
Conference Paper
Full-text available
Multicast DNS Service Discovery (mDNS-SD), made fashionable through Apple's Bonjour, is a prevalent technique allowing service distribution and discovery in local networks without configuration (Zeroconf). Possible application areas are device synchronization, instant messaging, VoIP, file and screen sharing. It is very convenient for users, becaus...
Conference Paper
Full-text available
In today's local networks a significant amount of traffic is caused by Multicast DNS Service Discovery (mDNS-SD), a prevalent technique used for configurationless service distribution and discovery. It allows users to offer and use services like device synchronization, file sharing, and chat, when joining a local network without any manual configur...
Conference Paper
Full-text available
Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are a common security threat against the open academic networks. Common defenses are hard to maintain, error-prone and do not reliably discriminate...
Article
Full-text available
Instant messaging, audio and video calls, chat for short, have become an indispensable part of our daily lives. Most people use closed systems for this, which are convenient for private use but fail on data protection and privacy when used officially in research and teaching. It does not have to be that way: Based on the open, feder...
Technical Report
Full-text available
Researchers' homepages, administrative information pages, support and advice pages, webmail or other groupware accompany us in our daily work in the academic environment. However, immediate queries about the content or interactions are still not possible; an integration of direct contacts would often be pleasant and helpf...
Article
Full-text available
Epidemic routing (Flooding) is considered as a simple routing protocol for opportunistic networks where the participants attempt to transmit whatever information they have to everyone who does not already have that information. However, it is plagued with disadvantages of resource scarcity as it exerts stress on available bandwidth as well as stora...
Article
Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are a common security threat against the open academic networks. Common defenses are hard to maintain, error-prone and do not reliably discriminat...
Article
Instant messaging, audio and video calls, chat for short, have become an indispensable part of our daily lives. Most people use closed systems for this, which are convenient for private use but fail on data protection and privacy when used officially in research and teaching. It does not have to be that way: Based on the open, feder...
Technical Report
Several network applications, like service discovery, file discovery in P2P networks, distributed hash tables, and distributed caches, use or would benefit from distributed key value stores. The Domain Name System (DNS) is a key value store which has a huge infrastructure and is accessible from almost everywhere. Nevertheless storing information in...
Article
Full-text available
Social networking is moving to mobile phones. This not only means continuous access, but also allows to link virtual and physical neighbourhood in novel ways. To make such systems useful, personal data such as lists of friends and interests need to be shared with more and frequently unknown people, posing a risk to your privacy. In this paper, we p...
Article
Full-text available
In cellular networks, the locations of all subscribers are continuously tracked even when they only passively carry their mobile devices with them. This privacy sensitive data can be an invaluable source of information, not only for benevolent parties. We therefore present CallForge, the concept of a location management scheme that preserves the sub...
Technical Report
Full-text available
Cloud storage promises unlimited, flexible and cheap storages, including all-time availability and accessibility with the help of various technologies. Free-of-charge offers for endusers allure customers the same way as professional, pay-as-you-go storages do. The delocalization of the data provokes security concerns especially regarding the confid...
Patent
There are introduced ways for retrieving or depositing a replica of an electronic document in a computer network. After having selected at least one replica number, a given function is applied. The function requires as input the replica number and a document identifier. The function returns as a result at least one entity identifier, each entity id...
Technical Report
Cloud Storages combine high availability with the unnecessity to maintain any own infrastructure and all-time availability. A wide field of different providers offer a flexible portfolio for any technical need and financial possibility. Yet, the possibilities of different cloud storage providers have all one issue in common: Basic storage is cheap...
Technical Report
Cloud storage promises unlimited, flexible and cheap storages, including all-time availability and accessibility with the help of various technologies. Free-of-charge offers for endusers allure customers the same way as professional, pay-as-you-go storages do. The delocalization of the data provokes security concerns especially regarding the confid...
Conference Paper
Full-text available
Not only does storing data in the cloud utilize specialized infrastructures facilitating immense scalability and high availability, but it also offers a convenient way to share any information with user-defined third-parties. However, storing data on the infrastructure of commercial third party providers, demands trust and confidence. Simple approa...
Article
Full-text available
Java Remote Method Invocation (RMI) is a built-in and easy-to-use framework for the distribution of remote Java objects. Its simplicity and seamless inter-virtual machine communication has made it a valuable tool for distributed services. It nevertheless exhibits certain constraints that practically limit RMI applications to the classical client/se...
Conference Paper
Full-text available
With the beginning of the 21st century emerging peer-to-peer networks ushered in a new era of large scale media exchange. Faced with ever increasing volumes of traffic, legal threats by copyright holders, and QoS demands of customers, network service providers are urged to apply traffic classification and shaping techniques. These systems usually a...
Conference Paper
Full-text available
During the last decade, large scale media distribution populated peer-to-peer applications. Faced with ever increasing volumes of traffic, legal threats by copyright holders, and QoS demands of customers, network service providers are urged to apply traffic classification and shaping techniques. These highly integrated systems require constant main...
Conference Paper
Full-text available
Service federations are formed for the cross-organizational use of IT services. The user account of the so-called home institution can then also be used to access non-local services. While the integration of web-based services into federations with SAML and, for example, Shibboleth has meanwhile in many application are...
Article
Full-text available
Most of the existing opportunistic network routing protocols are based on some type of utility function that is directly or indirectly dependent on the past behavior of devices. The past behavior or history of a device is usually referred to as contacts that the device had in the past. Whatever may be the metric of history, most of these routing pr...
Conference Paper
Full-text available
Setting up connections to hosts behind Network Address Translation (NAT) equipment has last been the subject of research debates half a decade ago when NAT technology was still immature. This paper fills this gap and provides a solid comparison of two essential TCP hole punching approaches: sequential and parallel TCP hole punching. The comparison...
Conference Paper
Full-text available
Routing in opportunistic networks heavily relies on past behavior of the mobile devices it is formed of to predict their future and thus making routing decisions. While almost every protocol relies on this history, its prediction quality has never been studied in a realistic setting. Using extensive simulations on real traces, we are able to descri...
Conference Paper
Full-text available
The potentials of REST offer new ways for communications between loosely coupled entities featured through the Web of Things [12]. The binding of the disjunct components of this architecture creates security issues, such as the centralized authorization techniques respecting the independence of the underlying entities. This results in the question h...
Conference Paper
Full-text available
The big challenge of routing in opportunistic mobile networks, overlooked by most researchers, is to not only find any path to the destination, but a path that is stable and powerful enough to actually carry the message. Few attempts addressed this problem, all of them under controlled scenarios, avoiding the complexity of real-world connectivity....
Conference Paper
Full-text available
Routing in Opportunistic Networks, as a relatively young discipline, still lacks coherent, simple and valid benchmarks. It is customary to use epidemic routing as performance benchmark for Opportunistic Networks. We identify and describe the current simulation practices that do not expose the shortcomings of flooding as an upper bound. In this pape...
Conference Paper
Full-text available
While multiple techniques exist to utilize the tree structure of the Extensible Markup Language (XML) regarding integrity checks, they all rely on adaptions of the Merkle Tree: All children are acting as one slice regarding the check-sum of one node with the help of a one-way hash concatenation. This results in postorder traversals regarding the (r...
Conference Paper
Full-text available
The REpresentational State Transfer (REST) represents an extensible, easy and elegant architecture for accessing web-based resources. REST alone and in combination with XML is fast gaining momentum in a diverse set of web applications. REST is stateless, as is HTTP on which it is built. For many applications, this not enough, especially in th...
Technical Report
Full-text available
Since the advent of P2P networks they have grown to be the biggest source of internet traffic, superseding HTTP and FTP. For service providers P2P traffic results in increased costs for both infrastructure and transportation. Interest is high to reliably identify the type of service to ensure quality of service. In this document we analyze P2P netw...
Technical Report
Since the advent of P2P networks they have grown to be the biggest source of internet traffic, superseding HTTP and FTP. For service providers P2P traffic results in increased costs for both infrastructure and transportation. Interest is high to reliably identify the type of service to ensure quality of service. In this document we analyze P2P netw...
Article
Full-text available
We propose a new, streamlined, two-step geographic visual analytics (GVA) workflow for efficient data storage and access based on a native web XML database called TreeTank coupled with a Scalable Vector Graphics (SVG) graphical user interface for visualization. This new storage framework promises better scalability with rapidly growing datasets ava...
Technical Report
Full-text available
This report discusses our proposed improvements to Fast Hash Tables (FHT) which we name 'Efficient Hash Table' (EHT) where 'efficient' relates to both memory efficiency and lookup performance. The mechanism we use to design the EHT leads to improvements in terms of SRAM memory requirements by the factor of ten over the FHT. Our results back the theo...
Conference Paper
Full-text available
For most mobile networks, providers need the current position of their users to provide efficient service. The resulting motion data is not only an invaluable source for analyzing traffic or flow patterns, but also for tracking an individual's whereabouts, even without their knowledge. Today, many carry at least one mobile networked device with the...
Article
Full-text available
We propose a new, streamlined, two-step geographic visual analytics (GVA) workflow for efficient data storage and access based on a native web XML database called TreeTank coupled with a Scalable Vector Graphics (SVG) graphical user interface for visualization. This new storage framework promises better scalability with rapidly growing datasets ava...
Article
Full-text available
While more and more applications require higher network bandwidth, there is also a tendency that large portions of this bandwidth are misused for dubious purposes, such as unauthorized VoIP, file sharing, or criminal botnet activity. Automatic intrusion detection methods can detect a large portion of such misuse, but novel patterns can only be dete...
Conference Paper
Full-text available
New social networks are born each day, at a formal conference, at informal social gathering, at family reunions etc. Internet has already been playing an important role in modern way of socialising. But it is still not the optimal way of interaction as one has to be very active updating profiles. With the easy access to mobile devices, modern techn...
Article
Full-text available
Users and providers increasingly disagree on what Denial of Service (DoS) is. For example, an ISP might consider large multimedia downloads an attack to overload its infrastructure or have it pay high interconnection fees. On the other hand, a user will certainly consider selective bandwidth reduction that is used by ISPs as a countermeasure, as...
Conference Paper
Full-text available
Many applications of ad-hoc networks include intermittent connectivity. Anyone wishing to implement routing into her delay-tolerant network can select from a wide variation of options, but the choice is hard, as there is no strong comparative evidence to the relative performance of the algorithms. Every paper uses a different setting, mostly far fr...
Article
Full-text available
The importance of the Internet and our dependency on computer networks are steadily growing, which results in high costs and substantial consequences in case of successful intrusions, stolen data, and interrupted services. At the same time, a trend towards massive attacks against the network infrastructure is noticeable. Therefore, monitoring large...
Article
Full-text available
In contrast to relational databases the distribution of document-centric XML is not well researched. While there are some suggestions on how to split and distribute large XML documents, these approaches do not consider the parallel query evaluation. In this paper, we present and compare five different algorithms to search after suitable split nodes...
Conference Paper
Full-text available
Interest in distributed storage is fueled by demand for reliability and resilience combined with decreasing hardware costs. Peer-to-peer storage networks based on distributed hash tables are attractive for their efficient use of resources and resulting performance. The placement and subsequent efficient location of replicas in such systems remain o...
Conference Paper
Full-text available
This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only propose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a light...
Conference Paper
Full-text available
Bloom filters impress by their sheer elegance and have become a widely and, perhaps, indiscriminately used tool in network applications, although, as we show, their performance can often be far from optimal. Notably in application areas where false negatives are tolerable, other techniques can clearly be better. We show that, at least for a specifi...
Article
Full-text available
The research project KTI Da CaPo++ is based on the project Da CaPo (Dynamic Configuration of Protocols) at the ETH. The extended system of Da CaPo++ provides a basis for an application framework for, e.g., banking environments and tele-seminars. It includes the support of prototypical multimedia applications to be used on top of high-speed networks...
Article
Full-text available
Two competing encoding concepts are known to scale well with growing amounts of XML data: XPath Accelerator encoding implemented by MonetDB for in-memory documents and X-Hive's Persistent DOM for on-disk storage. We identified two ways to improve XPath Accelerator and present prototypes for the respective techniques: BaseX boosts in-memory performa...