Research

The Institute of Distributed Systems is actively researching scalability, reliability, security and privacy, self-organization, and complexity management issues in distributed systems. We apply our research to a wide range of practical use cases, including cloud computing and vehicular communication networks.

Teaching

Moreover, we offer lectures and projects related to our research, including computer networks, distributed systems, and security and privacy. Open theses and projects can be found on the corresponding web pages. For exams, please refer to corresponding details.

Social Media

Our Most Recent Publications

Kargl, F., Erb, B. and Bösch, C. 2023. Defining Privacy. Digital Phenotyping and Mobile Sensing: New Developments in Psychoinformatics. C. Montag and H. Baumeister, eds. Springer International Publishing. 461–463.
Kleber, S. and Kargl, F. 2022. Refining Network Message Segmentation with Principal Component Analysis. Proceedings of the tenth annual IEEE Conference on Communications and Network Security (Austin, TX, USA, Oct. 2022).
Reverse engineering of undocumented protocols is a common task in security analyses of networked services. The communication itself, captured in traffic traces, contains much of the necessary information to perform such a protocol reverse engineering. The comprehension of the format of unknown messages is of particular interest for binary protocols that are not human-readable. One major challenge is to discover probable fields in a message as the basis for further analyses. Given a set of messages, split into segments of bytes by an existing segmenter, we propose a method to refine the approximation of the field inference. We use principle component analysis (PCA) to discover linearly correlated variance between sets of message segments. We relocate the boundaries of the initial coarse segmentation to more accurately match with the true fields. We perform different evaluations of our method to show its benefit for the message format inference and subsequent analysis tasks from literature that depend on the message format. We can achieve a median improvement of the message format accuracy across different real-world protocols by up to 100 %.
Kleber, S., Stute, M., Hollick, M. and Kargl, F. 2022. Network Message Field Type Classification and Recognition for Unknown Binary Protocols. Proceedings of the DSN Workshop on Data-Centric Dependability and Security (Baltimore, Maryland, USA, Jun. 2022).
Reverse engineering of unknown network protocols based on recorded traffic traces enables security analyses and debugging of undocumented network services. In particular for binary protocols, existing approaches (1) lack comprehensive methods to classify or determine the data type of a discovered segment in a message, e.,g., a number, timestamp, or network address, that would allow for a semantic interpretation and (2) have strong assumptions that prevent analysis of lower-layer protocols often found in IoT or mobile systems. In this paper, we propose the first generic method for analyzing unknown messages from binary protocols to reveal the data types in message fields. To this end, we split messages into segments of bytes and use their vector interpretation to calculate similarities. These can be used to create clusters of segments with the same type and, moreover, to recognize specific data types based on the clusters' characteristics. Our extensive evaluation shows that our method provides precise classification in most cases and a data-type-recognition precision of up to 100% at reasonable recall, improving the state-of-the-art by a factor between 1.3 and 3.7 in realistic scenarios. We open-source our implementation to facilitate follow-up works.
Bauer, A., Leznik, M., Iqbal, M.S., Seybold, D., Trubin, I., Erb, B., Domaschka, J. and Jamshidi, P. 2022. SPEC Research — Introducing the Predictive Data Analytics Working Group. Companion of the 2022 ACM/SPEC International Conference on Performance Engineering (Bejing, China, 2022), 13–14.
The research field of data analytics has grown significantly with the increase of gathered and available data. Accordingly, a large number of tools, metrics, and best practices have been proposed to make sense of this vast amount of data. To this end, benchmarking and standardization are needed to understand the proposed approaches better and continuously improve them. For this purpose, numerous associations and committees exist. One of them is SPEC (Standard Performance Evaluation Corporation), a non-profit corporation for the standardization and benchmarking of performance and energy evaluations. This paper gives an overview of the recently established SPEC RG Predictive Data Analytics Working Group. The mission of this group is to foster interaction between industry and academia by contributing research to the standardization and benchmarking of various aspects of data analytics.
Bradatsch, L., Haeberle, M., Steinert, B., Kargl, F. and Menth, M. 2022. Secure Service Function Chaining in the Context of Zero Trust Security. 2022 IEEE 47th Conference on Local Computer Networks (LCN) (2022), 123–131. (acceptance rate: 24%)
Service Function Chaining (SFC) enables dynamic steering of traffic through a set of service functions based on classification of packets, allowing network operators fine-grained and flexible control of packet flows. New paradigms like Zero Trust (ZT) pose additional requirements to the security of network architectures. This includes client authentication, confidentiality, and integrity throughout the whole network, while also being able to perform operations on the unencrypted payload of packets. However, these requirements are only partially addressed in existing SFC literature. Therefore, we first present a comprehensive analysis of the security requirements for SFC architectures. Based on this analysis, we propose a concept towards the fulfillment of the requirements while maintaining the flexibility of SFC. In addition, we provide and evaluate a proof of concept implementation, and discuss the implications of the design choices.
Kargl, F., Krontiris, I., Weimerskirch, A., Williams, I. and Trkulja, N. 2022. Privacy Protection of Automated and Self-Driving Vehicles (Dagstuhl Seminar 22042). Dagstuhl Reports. 12, 1 (2022), 83–100.
This report documents the program and the outcomes of Dagstuhl Seminar 22042 "Privacy Protection of Automated and Self-Driving Vehicles". The Seminar reviewed existing privacy-enhancing technologies, standards, tools, and frameworks for protecting personal information in the context of automated and self-driving vehicles (AVs). We specifically focused on where such existing techniques clash with requirements of an AV and its data processing and identified the major road blockers on the way to deployment of privacy protection in AVs from a legal, technical, business and ethical perspective. Therefore, the seminar took an interdisciplinary approach involving autonomous and connected driving, privacy protection, and legal data protection experts. This report summarizes the discussions and findings during the seminar, includes the abstracts of talks, and includes a report from the working groups.

Click here for an overview of all our publications.

Old news can be found in the archive.

Contact

Secretary's Office

Marion Köhler
E-Mail
Phone: +49 731 50-24140
available in the morning
Fax: +49 731 50-24142

Postal Address

Institute of Distributed Systems
Ulm University
Albert-Einstein-Allee 11
89081 Ulm

Visiting Address

James-Franck-Ring
Gebäude O27, Raum 349
89081 Ulm
manned in the morning Monday to Thursday

Directions