Tobias Heer

Hochschule Esslingen · Computer Science and Engineering

Today, industrial real-time communication is commonly designed based on two key principles to satisfy the challenging Quality of Service (QoS) requirements of industrial applications: a) local communication and b) purpose-built networks. IEEE Time-Sensitive Networking (TSN) and IETF Deterministic Networking (DetNet) promise to lift these two limita...

Zusammenfassung In view of recent cyberattacks and new regulatory requirements, companies in different industries and countries are forced to implement additional IT security measures. Nevertheless, a large number of services with vulnerable or outdated software can be found on the Internet. In this work, we investigate whether industry-specific di...

In view of recent cyberattacks and new regulatory requirements, companies in different industries and countries are forced to implement additional IT security measures. Nevertheless, a large number of services with vulnerable or outdated software can be found on the Internet. In this work, we investigate whether industry-specific differences exist...

The Industrial Internet of Things, Industry 4.0 and cloud computing are fundamentally transforming today’s industrial networks towards high connectivity. At the same time, the number of cyber-attacks against industrial infrastructure increased drastically over the last years, requiring to tightly limit the connectivity between the networked devices...

Drahtlosen Funklösungen haftet immer noch der Makel der Störbarkeit und Unzuverlässigkeit an. Durch die Verwendung von Redundanztechniken wie dem Parallel Redundancy Protocol (PRP) lässt sich die Verfügbarkeit deutlich erhöhen.

Kooperative Netze beruhen auf dem Prinzip der Zusammenarbeit von Benutzern auf Netzwerkebene. Sie ermöglichen dabei Kommunikation, wo andere Netzformen an wirtschaftliche oder technische Grenzen stoßen. Beispiele für kooperative Netzwerke sind dezentrale drahtlose Mesh-Netzwerke, Wi-Fi-Communities oder hybride Formen dieser Netzwerk-Typen. In koope...

Wireless mesh networks (WMNs) provide high-bandwidth wireless network access to mobile clients in extensible, robust multi-hop networks. WMNs support distributed service provision and data storage, catering to the advanced capabilities of current mobile devices. Services and data discovery using undirected broadcast or multicast messages, as in tra...

Distributed Hash Tables (DHTs) offer an elegant and fully distributed solution for reliably storing and retrieving data. Wireless Mesh Networks (WMNs) envision a fully decentralized fashion, and as such require efficient decentralized mechanisms for service discovery, mobility support and data storage and retrieval. Hence, DHTs and WMNs seem to com...

On-path network elements, such as NATs and firewalls, are an accepted commonality in today's networks. They are essential when extending network functionality and providing additional security. However, these so called middleboxes are not explicitly considered in the original TCP/IP-based network architecture. As a result, the protocols of the TCP/...

Many efforts of the network research community focus on the introduction of a new identifier to relieve the IP address from its dual role of end-host identifier and routable locator. This identifier-locator split introduces a new identifier between human readable domain names and routable IP addresses. Mapping between identifiers and locators requi...

A direct interpretation of the term Internet of Things refers to the use of standard Internet protocols for the human-to-thing or thing-to-thing communication in embedded networks. Although the security needs are well-recognized in this domain, it is still not fully understood how existing IP security protocols and architectures can be deployed. In...

Municipal Wi-Fi networks aim at city-wide wireless access to selected city services for a variety of users. Collaborative Muni-Fi approaches use existing private access points and provide controlled access to these services. However, the distributed and decentralized nature of a network comprised of strangers makes access control challenging. We pr...

Cooperation enables single devices or applications to estab-lish systems that exceed the capabilities of single entities. A prime example for cooperation are Wi-Fi-sharing networks, in which multiple parties cooperatively share their resources, such as wireless access points and Internet uplinks, to form a large-scale Wi-Fi network that offers acce...

Network emulation brings together the strengths of network simulation (scalability, modeling flexibility) and real-world software prototypes (realistic analysis). Unfortunately network emulation fails if the simulation is not real-time capable, e.g., due to large scenarios or complex models. So far, this problem has generally been addressed by prov...

Large-scale municipal wireless networks are currently being established all around the world. These networks provide a rich set of local services, such as tourist guides, environmental information, pedestrian navigation, and local shopping guides. As recent financial failures of prominent municipal wireless networks show, it is economically challen...

Municipal Wi-Fi networks aim at providing Internet access and selected mobile network services to citizens, travelers, and civil servants. The goals of these networks are to bridge the digital divide, stimulate innovation, support economic growth, and increase city operations efficiency. While establishing such urban networks is financially challen...

The concept of network emulation brings together the flexibility of network simulations and the accuracy of real-world prototype implementations. However, this approach suffers from the fundamental problem of simulation overload which occurs if the simulation is not able to execute in real-time. We tackle this problem with a concept we call Synchro...

Wireless sensor networks are going to allow for ubiquitous health monitoring, improving users' well-being, making the healthcare system more efficient, and helping to quickly react on emergency situations. Meeting the strict security needs of ubiquitous medical applications is a big challenge: safety and privacy of patient data has to be guaranteed...

Wireless sensor networks are going to allow for ubiquitous health monitoring, improving users' well-being, the healthcare system, and helping to quickly react on emergency situations. Meeting the strict security needs of these ubiquitous medical applications is a big challenge, since safety and privacy of medical data has to be guaranteed all the w...

Today, middleboxes such as firewalls and network address translators have advanced beyond simple packet forwarding and address mapping. They also inspect and filter traffic, detect network intrusion, control access to network resources, and enforce different levels of quality of service. The cornerstones for these security-related network services...

Die Allgegenwärtigkeit mobiler und drahtlos kommunizierender IP-Geräte steht in starkem Kontrast zur häufig unzureichenden Mobilitätsunterstützung in den heute verwendeten Kommunikationsprotokollen. Ein erfolgversprechendes Protokoll zur Behebung dieses Misstands ist das Host Identity Protocol (HIP), welches dezentrales und infrastrukturloses Mobil...

Key agreement and digital certificates allow bootstrapping secure communication links and verifying identities or information. Thus, they are the cornerstone of many basic security functionalities. However, the resource-constrained nature of wireless sensor nodes limits the use of traditional solutions in wireless sensor networks. We propose a nove...

In recent years numerous solutions for overcoming the architectural constraints of the Internet have emerged. One of the most promising among them is the Host Identity Protocol (HIP) [2], which was recently approved as an experimental standard by the IETF. HIP adds an additional protocol layer between TCP and IP to implement the Identifier/Locator...

Although modularized protocol frameworks are flexible and adaptive to the increasing heterogeneity of networking environments, it remains a challenge to automatically compose communication stacks from protocol modules. The typical static classification into network layers or class hierarchies cannot appropriately accommodate cross-cutting changes s...

Network emulation, in which real systems interact with a network simulation, is a common evaluation method in computer networking research. Until now, the simulation in charge of representing the network has been required to be real-time capable, as otherwise a time drift between the simulation and the real network devices may occur and corrupt the...

Process management incorporates a plethora of models, which are expressed in different languages for different layers of abstraction. A holistic process modeling environment must provide means for dealing with three types of modeling constraints. First, it must ensure a model's correctness. Second, a modeling environment must account for compliance...

The proliferation of broadband Internet connections has lead to an almost pervasive coverage of densely populated areas with private wireless access points. To leverage this coverage, sharing of access points as Internet uplinks among users has first become popular in communities of individuals and has recently been adopted as a business model by s...

The Host Identity Protocol uses a wide range of cryptographicmechanisms to secure the Host Identity (HI) namespace, to securely establish a protected channel, to defend against Denialof- Service attacks, and to protect the mechanisms that, among other features, enable mobility and multihoming. This chapter introduces some basics that are necessary...

Apart from mobility and multihoming support, HIP also supports host authentication, payload encryption, and a cryptographic namespacewithout requiring changes to the network infrastructure or network applications. However, in particular, mobile devices with few CPU resources are slowed down by HIP. The poor performance of HIP on mobile devices resu...

Wireless multi-hop networks are particularly susceptible to attacks based on flooding and the interception, tampering with, and forging of packets. Thus, reliable communication in such networks quintessentially depends on mechanisms to verify the authenticity of network traffic and the identity of communicating peers. A major challenge to achieve t...

,Abstract Definition: ,A threatin a communication,network,is any possible event or sequence of actions that might lead to a violation of one or more security goals ,The actual realization of a threat is called an attack ,Examples: ,A hacker breaking into a corporate computer ,Disclosure of emails in transit ,Someone,changing,financial accounting,da...

Distributed sensor network protocols, such as routing, time synchronization or data aggregation protocols make use of collaborative techniques to minimize the consumption of scarce resources in sensors. However, compromised and misbehaving nodes are a serious threat, as an attacker can employ them to eavesdrop on communication, inject forged data,...

The demand for cheap broadband Internet for nomadic users has created a market for Internet sharing. Wi- Fi communities which allow their users to share their wired Internet connections have emerged and become increasingly popular. Organizations like FON promise to provide free wireless Internet access in many places. However, user authentication i...

Zusammenfassung Mobile Ad-hoc-Netzwerke und verteilte Hash-Tabellen (DHT) besitzen ähnliche Eigenschaften in Bezug auf Selbstorganisation, Dezentralisierung, mangelnde Infrastruktur und die Notwendigkeit von Redundanz. Die hohe Knotenmobilität und die Dynamik des Netzwerks sind jedoch eine besondere Herausforderung für das Design und insbesondere f...

While unstructured P2P systems have been embraced widely in mobile ad-hoc networks (MANETs), the applicability of structured approaches like distributed hash tables (DHTs) to such settings remains controversial. Existing research delivers promising empirical results addressing the concerns about performance, complexity, and reliability, but does no...

Recently, Distributed Hash Tables evolved to a preferred approach for de- centralized data management in widely distributed systems. Due to their crucial char- acteristics - namely scalability, flexibility, and resilience - they are quite interesting for being applied in ad-hoc networks. But, there are plenty of open questions concern- ing the appl...

This paper describes our work on the Alpha protocol [3] for the duration of our UROP project. Based on the origi-nal Alpha paper, which purely specifies the basic algorith-mic details of the protocol, we developed a fully functional Alpha implementation for IP networks. In this process, we significantly extended the functionality and behaviour of t...