Office Hours

For reliable meetings, please arrange an appointment via mail.
Otherwise, you can try to drop by at my office.

Dr. rer. nat. Benjamin Erb

Benjamin Erb is employed as a research assistant at the Institute of Distributed Systems. He holds a Diploma degree in Computer Science in Media and a Bachelor degree in Psychology from Ulm University. In 2019, he received his doctoral degree for his work on a novel live graph computing approach that combines concepts of traditional graph computing with features from event-driven architectures. 

His current research focuses on distributed data systems with special requirements. Such requirements include strong privacy requirements of input data as well as history-aware data collection and processing.

Research Interests 

  • Data-intensive Systems
    • processing on evolving graphs and offline graphs
    • programming models for data processing
    • distributed processing platforms
    • architectures for data systems with special requirements and capabilities
  • Distributed Systems & Architectures
    • event-driven architectures
    • event sourcing & CQRS
    • scalable web architectures
    • concurrency and parallelism
  • Privacy
    • psychological aspects of privacy
    • privacy aspects in empirical research
    • user-centered privacy


  • PePER (2021/07 – 2022/09; ongoing): PePER – A Privacy ­Enhanced Platform for Empirical Research. Funding: ProTrainU start-up funding (Ulm University).
  • ReSense (2020/11 – 2022/10; ongoing): Retrospective Sensor Networks and Edge Computing for Secure Event Detection and Monitoring. Funding: BMBF/DAAD-GERF.
  • SIDGRAPH (started 2014/08 – 2017/07; completed): Development of scalability and distribution mechanisms for graph-based and event-driven computations and simulations. Funding: Industry project.
  • PRIPARE (2013/10 – 2015/09; completed): Design and implementation of a collaborative web portal for patterns and best practices for privacy
  • diretto / diretto.resc (2009/10 – 2011/08; completed): The main target of this student project has been the design and prototypical implementation of a platform for distributed reporting. Use cases include collaborations in disaster scenarios and the live coverage of large-scale public events. The second stage of the project has been funded by MFG Stiftung Baden-Württemberg as part of a Karl-Steinbuch scholarship.


  • Member of the academic staff group on the Computer Science Study Committee.


Bauer, A., Leznik, M., Iqbal, M.S., Seybold, D., Trubin, I., Erb, B., Domaschka, J. and Jamshidi, P. 2022. SPEC Research — Introducing the Predictive Data Analytics Working Group. ICPE ’22: Companion of the ACM/SPEC International Conference on Performance Engineering (New York, NY, USA, 2022).


Herbert, C., Marschin, V., Erb, B., Meißner, D., Aufheimer, M. and Boesch, C. 2021. Are you willing to self-disclose for science? Effects of Privacy Awareness (PA) and Trust in Privacy (TIP) on self-disclosure of personal and health data in online scientific studies -an experimental study. Frontiers in Big Data. (Dec. 2021).
Digital interactions via the internet have become the norm rather than the exception in our global society. Concerns have been raised about human-centered privacy and the often unreflected self-disclosure behavior of internet users. This study on human-centered privacy follows two major aims: first, investigate the willingness of university students as digital natives to self-disclose private data and information from psychological domains including their person, social and academic life, their mental health as well as their health behavior habits when taking part as a volunteer in a scientific online survey. Second, examine to what extent the participants’ self-disclosure behavior can be modulated by experimental induction of Privacy Awareness (PA) or Trust in Privacy (TIP) or a combination of both (PA and TIP). In addition, the role of human factors such as personality traits, gender or mental health (e.g., self-reported depressive symptoms) on self-disclosure behavior was explored and the influence of PA and TIP induction were considered. Participants were randomly assigned to four experimental groups. In group A (n = 50, 7 males), privacy awareness (PA) was induced implicitly by the inclusion of privacy concern items. In group B (n = 43, 6 males), trust in privacy (TIP) was experimentally induced by buzzwords and by visual TIP primes promising safe data storage. Group C (n = 79, 12 males) received both, PA and TIP induction, while group D (n = 55, 9 males) served as control group. Participants had the choice to answer the survey items by agreeing to one of a number of possible answers including the options to refrain from self-disclosure by choosing the response options “don’t know” or “no answer”. Self-disclosure among participants was high irrespective of experimental group and irrespective of psychological domains of the information provided. The results of this study suggest that willingness of volunteers to self-disclose private data in a scientific online study cannot simply be overruled or changed by any of the chosen experimental privacy manipulations. The present results extend the previous literature on human-centered privacy and despite limitations can give important insights into self-disclosure behavior of young people and the privacy paradox.
Erb, B., Bösch, C., Herbert, C., Kargl, F. and Montag, C. 2021. Emerging Privacy Issues in Times of Open Science. (Jun. 2021). PsyArXiv Preprint
The open science movement has taken up the important challenge to increase transparency of statistical analyses, to facilitate reproducibility of studies, and to enhance reusability of data sets. To counter the replication crisis in the psychological and related sciences, the movement also urges researchers to publish their primary data sets alongside their articles. While such data publications represent a desirable improvement in terms of transparency and are also helpful for future research (e.g., subsequent meta-analyses or replication studies), we argue that such a procedure can worsen existing privacy issues that are insufficiently considered so far in this context. Recent advances in de-anonymization and re-identification techniques render privacy protection increasingly difficult, as prevalent anonymization mechanisms for handling participants' data might no longer be adequate. When exploiting publicly shared primary data sets, data from multiple studies can be linked with contextual data and eventually, participants can be de-anonymized. Such attacks can either re-identify specific individuals of interest, or they can be used to de-anonymize entire participant cohorts. The threat of de-anonymization attacks can endanger the perceived confidentiality of responses by participants, and ultimately, lower the overall trust of potential participants into the research process due to privacy concerns.
Bendig, E., Erb, B., Meißner, D., Bauereiß, N. and Baumeister, H. 2021. Feasibility of a Software agent providing a brief Intervention for Self-help to Uplift psychological wellbeing (“SISU”). A single-group pretest-posttest trial investigating the potential of SISU to act as therapeutic agent. Internet Interventions. 24, (2021), 100377.
Background: Software agents are computer-programs that conduct conversations with a human. The present study evaluates the feasibility of the software agent “SISU” aiming to uplift psychological wellbeing. Methods: Within a one-group pretest-posttest trial, N = 30 German-speaking participants were recruited. Assessments took place before (t1), during (t2) and after (t3) the intervention. The ability of SISU to guide participants through the intervention, acceptability, and negative effects were investigated. Data analyses are based on intention-to-treat principles. Linear mixed models will be used to investigate short-term changes over time in mood, depression, anxiety. Intervention: The intervention consists of two sessions. Each session comprises writing tasks on autobiographical negative life events and an Acceptance- and Commitment Therapy-based exercise respectively. Participants interact with the software agent on two consecutive days for about 30 min each. Results: All participants completed all sessions within two days. User experience was positive, with all subscales of the user experience questionnaire (UEQ) M > 0.8. Participants experienced their writings as highly self-relevant and personal. However, 57% of the participants reported at least one negative effect attributed to the intervention. Results on linear mixed models indicate an increase in anxiety over time (β = 1.33, p = .001). Qualitative User Feedback revealed that the best thing about SISU was its innovativeness (13%) and anonymity (13%). As worst thing about SISU participants indicated that the conversational style of SISU often felt unnatural (73%). Conclusion: SISU successfully guided participants through the two-day intervention. Moreover, SISU has the potential to enter the inner world of participants. However, intervention contents have the potential to evoke negative effects in individuals. Expectable short-term symptom deterioration due to writing about negative autobiographical life events could not be prevented by acceptance and commitment therapy-based exercises. Hence, results suggest a revision of intervention contents as well as of the conversational style of SISU. The good adherence rate indicates the useful and acceptable format of SISU as a mental health chatbot. Overall, little is known about the effectiveness of software agents in the context of psychological wellbeing. Results of the present trial underline that the innovative technology bears the potential of SISU to act as therapeutic agent but should not be used with its current intervention content. Trial-registration: The Trial is registered at the WHO International Clinical Trials Registry Platform via the German Clinical Studies Register (DRKS): DRKS00014933 (date of registration: 20.06.2018). Link:
Al-Momani, A., Wuyts, K., Sion, L., Kargl, F., Joosen, W., Erb, B. and Bösch, C. 2021. Land of the Lost: Privacy Patterns’ Forgotten Properties: Enhancing Selection-Support for Privacy Patterns. Proceedings of the 36th Annual ACM Symposium on Applied Computing (Virtual Event, Republic of Korea, 2021), 1217–1225. (acceptance rate: 29%)
Privacy patterns describe core aspects of privacy-enhancing solutions to recurring problems and can, therefore, be instrumental to the privacy-by-design paradigm. However, the privacy patterns domain is still evolving. While the main focus is currently put on compiling and structuring high-quality privacy patterns in catalogs, the support for developers to select suitable privacy patterns is still limited. Privacy patterns selection-support means, in essence, the quick and easy scoping of a collection of patterns to the most applicable ones based on a set of predefined criteria. To evaluate patterns against these criteria, a thorough understanding of the privacy patterns landscape is required. In this paper, (i) we show that there is currently a lack of extensive support for privacy patterns selection due to the insufficient understanding of pattern properties, (ii) we propose additional properties that need to be analyzed and can serve as a first step towards a robust selection criteria, (iii) we analyze and present the properties for 70 privacy patterns, and (iv) we discuss a potential approach of how such a selection-support method can be realized.
Meißner, D., Engelmann, F., Kargl, F. and Erb, B. 2021. PeQES: A Platform for Privacy-Enhanced Quantitative Empirical Studies. Proceedings of the 36th Annual ACM Symposium on Applied Computing (Virtual Event, Republic of Korea, 2021), 1226–1234. (acceptance rate: 29%)
Empirical sciences and in particular psychology suffer a methodological crisis due to the non-reproducibility of results, and in rare cases, questionable research practices. Pre-registered studies and the publication of raw data sets have emerged as effective countermeasures. However, this approach represents only a conceptual procedure and may in some cases exacerbate privacy issues associated with data publications. We establish a novel, privacy-enhanced workflow for pre-registered studies. We also introduce PeQES, a corresponding platform that technically enforces the appropriate execution while at the same time protecting the participants' data from unauthorized use or data repurposing. Our PeQES prototype proves the overall feasibility of our privacy-enhanced workflow while introducing only a negligible performance overhead for data acquisition and data analysis of an actual study. Using trusted computing mechanisms, PeQES is the first platform to enable privacy-enhanced studies, to ensure the integrity of study protocols, and to safeguard the confidentiality of participants' data at the same time.
Meißner, D., Kargl, F. and Erb, B. 2021. WAIT: Protecting the Integrity of Web Applications with Binary-Equivalent Transparency. Proceedings of the 36th Annual ACM Symposium on Applied Computing (Virtual Event, Republic of Korea, 2021), 1950–1953. (acceptance rate: 29%)
Modern single page web applications require client-side executions of application logic, including critical functionality such as client-side cryptography. Existing mechanisms such as TLS and Subresource Integrity secure the communication and provide external resource integrity. However, the browser is unaware of modifications to the client-side application as provided by the server and the user remains vulnerable against malicious modifications carried out on the server side. Our solution makes such modifications transparent and empowers the browser to validate the integrity of a web application based on a publicly verifiable log. Our Web Application Integrity Transparency (WAIT) approach requires (1) an extension for browsers for local integrity validations, (2) a custom HTTP header for web servers that host the application, and (3) public log servers that serve the verifiable logs. With WAIT, the browser can disallow the execution of undisclosed application changes. Also, web application providers cannot dispute their authorship for published modifications anymore. Although our approach cannot prevent every conceivable attack on client-side web application integrity, it introduces a novel sense of transparency for users and an increased level of accountability for application providers particularly effective against targeted insider attacks.


Erb, B. 2020. Distributed computing on event-sourced graphs. Dissertation
Modern applications with increasingly connected domain topologies require processing and programming abstractions that reflect the network structure inherent to these applications. At the same time, data-intensive applications necessitate more and more online processing capabilities when consuming incoming streams of events to execute continuous computations and provide fast results. Only very few systems have taken into account the combined challenge of executing graph processing on a dynamically evolving graph. However, this is a critical capability as timely computations enable reactive application behaviors upon graph changes. In addition, no existing system supports processing on a live graph and on past version of that evolving graph at the same time. The distinct characteristics of event processing and graph computing, as well as batch processing and live processing yield specific requirements for any computing platform that unifies these approaches. Solutions require (i) data management strategies to keep track of the continuous graph evolution, (ii) appropriate graph processing models that can simultaneously handle computations and graph updates, and (iii) an efficient platform implementation that provides the necessary performance at runtime. To this end, this thesis suggests a combination of an adapted actor model, an event-sourced persistence layer, and a vertex-based, asynchronous live programming model. The event-sourced actor model enables highly concurrent computations in which the full application history is implicitly persisted. This model is then refined into a live graph processing model with a particular focus on asynchronicity, liveness, and parallel execution support. At the same time, the use of event sourcing enables the model to reconstruct global and consistent graph representations from arbitrary points of the timeline. These graph representations form the basis for decoupled, non-live graph processing models. The Chronograph platform represents an implementation of the event-sourced graph model. The platform ingests external update streams and maintains a live graph representation as part of a user-specified graph application. It thus enables live and offline computations on event-driven, history-aware graphs and supports different processing models on the evolving graph. This thesis provides the following contributions: (i) a distributed computing approach with history support based on the actor model and event sourcing, as wall as corresponding and supplementary concepts, (ii) a data management approach for evolving graphs that builds on the event-sourced actor model, (iii) a set of novel and adapted programming and processing models that integrate well with event-sourced graphs, (iv) a distributed platform architecture that implements the event-sourced graph model; and (v) an evaluation framework for such live graph processing systems.


Kargl, F., van der Heijden, R.W., Erb, B. and Bösch, C. 2019. Privacy in mobile sensing. Digital Phenotyping and Mobile Sensing. H. Baumeister and C. Montag, eds. Springer. 3–12.
In this chapter, we discuss the privacy implications of mobile sensing and modern psycho-social sciences. We aim to raise awareness of the multifaceted nature of privacy, describing the legal, technical and applied aspects in some detail. Not only since the European GDPR, these aspects lead to a broad spectrum of challenges of which data processors cannot be absolved by a simple consent form from their users. Instead appropriate technical and organizational measures should be put in place through a proper privacy engineering process. Throughout the chapter, we illustrate the importance of privacy protection through a set of examples and also technical approaches to address these challenges. We conclude this chapter with an outlook on privacy in mobile sensing, digital phenotyping and, psychoinformatics.
Bendig, E., Erb, B., Schulze-Thuesing, L. and Baumeister, H. 2019. The Next Generation: Chatbots in Clinical Psychology and Psychotherapy to Foster Mental Health – A Scoping Review. Verhaltenstherapie. 29, 4 (2019), 266–280.
Background and Purpose: The present age of digitalization brings with it progress and new possibilities for health care in general and clinical psychology/psychotherapy in particular. Internet- and mobile-based interventions (IMIs) have often been evaluated. A fully automated version of IMIs are chatbots. Chatbots are automated computer programs that are able to hold, e.g., a script-based conversation with a human being. Chatbots could contribute to the extension of health care services. The aim of this review is to conceptualize the scope and to work out the current state of the art of chatbots fostering mental health. Methods: The present article is a scoping review on chatbots in clinical psychology and psychotherapy. Studies that utilized chatbots to foster mental health were included. Results: The technology of chatbots is still experimental in nature. Studies are most often pilot studies by nature. The field lacks high-quality evidence derived from randomized controlled studies. Results with regard to practicability, feasibility, and acceptance of chatbots to foster mental health are promising but not yet directly transferable to psychotherapeutic contexts. ­Discussion: The rapidly increasing research on chatbots in the field of clinical psychology and psychotherapy requires corrective measures. Issues like effectiveness, sustainability, and especially safety and subsequent tests of technology are elements that should be instituted as a corrective for future funding programs of chatbots in clinical psychology and psychotherapy.


Lukaseder, T., Stölze, K., Kleber, S., Erb, B. and Kargl, F. 2018. An SDN-based Approach for Defending Against Reflective DDoS Attacks. 2018 IEEE 43th Conference on Local Computer Networks (2018). (acceptance rate: 28%)
Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks.
Erb, B., Meißner, D., Kargl, F., Steer, B.A., Cuadrado, F., Margan, D. and Pietzuch, P. 2018. Graphtides: A Framework for Evaluating Stream-Based Graph Processing Platforms. Proceedings of the 1st ACM SIGMOD Joint International Workshop on Graph Data Management Experiences & Systems (GRADES) and Network Data Analytics (NDA) (Houston, Texas, 2018). (acceptance rate: 38%)
Stream-based graph systems continuously ingest graph-changing events via an established input stream, performing the required computation on the corresponding graph. While there are various benchmarking and evaluation approaches for traditional, batch-oriented graph processing systems, there are no common procedures for evaluating stream-based graph systems. We, therefore, present GraphTides, a generic framework which includes the definition of an appropriate system model, an exploration of the parameter space, suitable workloads, and computations required for evaluating such systems. Furthermore, we propose a methodology and provide an architecture for running experimental evaluations. With our framework, we hope to systematically support system development, performance measurements, engineering, and comparisons of stream-based graph systems.
Erb, B., Meißner, D., Ogger, F. and Kargl, F. 2018. Log Pruning in Distributed Event-sourced Systems. Proceedings of the 12th ACM International Conference on Distributed and Event-based Systems (New York, NY, USA, 2018), 230–233. (acceptance rate: 39%)
Event sourcing is increasingly used and implemented in event-based systems for maintaining the evolution of application state. However, unbounded event logs are impracticable for many systems, as it is difficult to align scalability requirements and long-term runtime behavior with the corresponding storage requirements. To this end, we explore the design space of log pruning approaches suitable for event-sourced systems. Furthermore, we survey specific log pruning mechanisms for event-sourced logs. In a brief evaluation, we point out the trade-offs when applying pruning to event logs and highlight the applicability of log pruning to event-sourced systems.
Meißner, D., Erb, B. and Kargl, F. 2018. Performance Engineering in Distributed Event-sourced Systems. Proceedings of the 12th ACM International Conference on Distributed and Event-based Systems (New York, NY, USA, 2018), 242–245. (acceptance rate: 39%)
Distributed event-sourced systems adopt a fairly new architectural style for data-intensive applications that maintains the full history of the application state. However, the performance implications of such systems are not yet well explored, let alone how the performance of these systems can be improved. A central issue is the lack of systematic performance engineering approaches that take into account the specific characteristics of these systems. To address this problem, we suggest a methodology for performance engineering and performance analysis of distributed event-sourced systems based on specific measurements and subsequent, targeted optimizations. The methodology blends in well into existing software engineering processes and helps developers to identify bottlenecks and to resolve performance issues. Using our structured approach, we improved an existing event-sourced system prototype and increased its performance considerably.
Meißner, D., Erb, B., Kargl, F. and Tichy, M. 2018. retro-λ: An Event-sourced Platform for Serverless Applications with Retroactive Computing Support. Proceedings of the 12th ACM International Conference on Distributed and Event-based Systems (New York, NY, USA, 2018), 76–87. (acceptance rate: 39%)
State changes over time are inherent characteristics of stateful applications. So far, there are almost no attempts to make the past application history programmatically accessible or even modifiable. This is primarily due to the complexity of temporal changes and a difficult alignment with prevalent programming primitives and persistence strategies. Retroactive computing enables powerful capabilities though, including computations and predictions of alternate application timelines, post-hoc bug fixes, or retroactive state explorations. We propose an event-driven programming model that is oriented towards serverless computing and applies retroaction to the event sourcing paradigm. Our model is deliberately restrictive, but therefore keeps the complexity of retroactive operations in check. We introduce retro-λ, a runtime platform that implements the model and provides retroactive capabilites to its applications. While retro-λ only shows negligible performance overheads compared to similar solutions for running regular applications, it enables its users to execute retroactive computations on the application histories as part of its programming model.
Lukaseder, T., Maile, L., Erb, B. and Kargl, F. 2018. SDN-Assisted Network-Based Mitigation of Slow DDoS Attacks. Proceedings of the 14th EAI International Conference on Security and Privacy in Communication Networks. (Cham, 2018), 102–121.
Slow-running attacks against network applications are often not easy to detect, as the attackers behave according to the specification. The servers of many network applications are not prepared for such attacks, either due to missing countermeasures or because their default configurations ignores such attacks. The pressure to secure network services against such attacks is shifting more and more from the service operators to the network operators of the servers under attack. Recent technologies such as software-defined networking offer the flexibility and extensibility to analyze and influence network flows without the assistance of the target operator. Based on our previous work on a network-based mitigation, we have extended a framework to detect and mitigate slow-running DDoS attacks within the network infrastructure, but without requiring access to servers under attack. We developed and evaluated several identification schemes to identify attackers in the network solely based on network traffic information. We showed that by measuring the packet rate and the uniformity of the packet distances, a reliable identificator can be built, given a training period of the deployment network.


Erb, B., Meißner, D., Pietron, J. and Kargl, F. 2017. Chronograph: A Distributed Processing Platform for Online and Batch Computations on Event-sourced Graphs. Proceedings of the 11th ACM International Conference on Distributed and Event-Based Systems (New York, NY, USA, 2017), 78–87. (acceptance rate: 37%)
Several data-intensive applications take streams of events as a continuous input and internally map events onto a dynamic, graph-based data model which is then used for processing. The differences between event processing, graph computing, as well as batch processing and near-realtime processing yield a number of specific requirements for computing platforms that try to unify theses approaches. By combining an altered actor model, an event-sourced persistence layer, and a vertex-based, asynchronous programming model, we propose a distributed computing platform that supports event-driven, graph-based applications in a single platform. Our Chronograph platform concept enables online and offline computations on event-driven, history-aware graphs and supports different processing models on the evolving graph.
Erb, B., Meißner, D., Habiger, G., Pietron, J. and Kargl, F. 2017. Consistent Retrospective Snapshots in Distributed Event-sourced Systems. Conference on Networked Systems (NetSys’17) (Göttingen, Germany, Mar. 2017).
An increasing number of distributed, event-based systems adopt an architectural style called event sourcing, in which entities keep their entire history in an event log. Event sourcing enables data lineage and allows entities to rebuild any previous state. Restoring previous application states is a straight-forward task in event-sourced systems with a global and totally ordered event log. However, the extraction of causally consistent snapshots from distributed, individual event logs is rendered non-trivial due to causal relationships between communicating entities. High dynamicity of entities increases the complexity of such reconstructions even more. We present approaches for retrospective and global state extraction of event-sourced applications based on distributed event logs. We provide an overview on historical approaches towards distributed debugging and breakpointing, which are closely related to event log-based state reconstruction. We then introduce and evaluate our approach for non-local state extraction from distributed event logs, which is specifically adapted for dynamic and asynchronous event-sourced systems.


Lukaseder, T., Bradatsch, L., Erb, B., Van Der Heijden, R.W. and Kargl, F. 2016. A comparison of TCP congestion control algorithms in 10G networks. 41st Conference on Local Computer Networks (2016), 706–714. (acceptance rate: 28%)
The increasing availability of 10G Ethernet network capabilities challenges existing transport layer protocols. As 10G connections gain momentum outside of backbone networks, the choice of appropriate TCP congestion control algorithms becomes even more relevant for networked applications running in environments such as data centers. Therefore, we provide an extensive overview of relevant TCP congestion control algorithms for high-speed environments leveraging 10G. We analyzed and evaluated six TCP variants using a physical network testbed, with a focus on the effects of propagation delay and significant drop rates. The results indicate that of the algorithms compared, BIC is most suitable when no legacy variant is present, CUBIC is suggested otherwise.
Erb, B. and Kargl, F. 2016. Chronograph: A Distributed Platform for Event-Sourced Graph Computing. Proceedings of the Posters and Demos Session of the 17th International Middleware Conference (New York, NY, USA, Dec. 2016), 15–16.
Many data-driven applications require mechanisms for processing interconnected or graph-based data sets. Several platforms exist for offline processing of such data and fewer solutions address online computations on dynamic graphs. We combined a modified actor model, an event-sourced persistence layer, and a vertex-based, asynchronous programming model in order to unify event-driven and graph-based computations. Our distributed chronograph platform supports both near-realtime and batch computations on dynamic, event-driven graph topologies, and enables full history tracking of the evolving graphs over time.
Seybold, D., Wagner, N., Erb, B. and Domaschka, J. 2016. Is elasticity of scalable databases a Myth? 2016 IEEE International Conference on Big Data (Big Data) (Dec. 2016), 2827–2836. (acceptance rate: 18.7%)
The age of cloud computing has introduced all the mechanisms needed to elastically scale distributed, cloud-enabled applications. At roughly the same time, NoSQL databases have been proclaimed as the scalable alternative to relational databases. Since then, NoSQL databases are a core component of many large-scale distributed applications. This paper evaluates the scalability and elasticity features of the three widely used NoSQL database systems Couchbase, Cassandra and MongoDB under various workloads and settings using throughput and latency as metrics. The numbers show that the three database systems have dramatically different baselines with respect to both metrics and also behave unexpected when scaling out. For instance, while Couchbase's throughput increases by 17% when scaled out from 1 to 4 nodes, MongoDB's throughput decreases by more than 50%. These surprising results show that not all tested NoSQL databases do scale as expected and even worse, in some cases scaling harms performances.
Meißner, D., Erb, B., van der Heijden, R., Lange, K. and Kargl, F. 2016. Mobile triage management in disaster area networks using decentralized replication. Proceedings of the Eleventh ACM Workshop on Challenged Networks (2016), 7–12. (acceptance rate: 52%)
In large-scale disaster scenarios, efficient triage management is a major challenge for emergency services. Rescue forces traditionally respond to such incidents with a paper-based triage system, but technical solutions can potentially achieve improved usability and data availability. We develop a triage management system based on commodity hardware and software components to verify this claim. We use a single-hop, ad-hoc network architecture with multi-master replication, a tablet-based device setup, and a mobile application for emergency services. We study our system in cooperation with regional emergency services and report on experiences from a field exercise. We show that state-of-the-art commodity technology provides the means necessary to implement a triage management system compatible with existing emergency service procedures, while introducing additional benefits. This work highlights that powerful real-world ad-hoc networking applications do not require unreasonable development effort, as existing tools from distributed systems, such as replicating NoSQL databases, can be used successfully.
Erb, B., Habiger, G. and Hauck, F.J. 2016. On the Potential of Event Sourcing for Retroactive Actor-based Programming. First Workshop on Programming Models and Languages for Distributed Computing (New York, NY, USA, 2016), 1–5.
The actor model is an established programming model for distributed applications. Combining event sourcing with the actor model allows the reconstruction of previous states of an actor. When this event sourcing approach for actors is enhanced with additional causality information, novel types of actor-based, retroactive computations are possible. A globally consistent state of all actors can be reconstructed retrospectively. Even retroactive changes of actor behavior, state, or messaging are possible, with partial recomputations and projections of changes in the past. We believe that this approach may provide beneficial features to actor-based systems, including retroactive bugfixing of applications, decoupled asynchronous global state reconstruction for recovery, simulations, and exploration of distributed applications and algorithms.
Lukaseder, T., Bradatsch, L., Erb, B. and Kargl, F. 2016. Setting Up a High-Speed TCP Benchmarking Environment - Lessons Learned. 41st Conference on Local Computer Networks (Nov. 2016), 160–163. (acceptance rate: 33%)
There are many high-speed TCP variants with different congestion control algorithms, which are designed for specific settings or use cases. Distinct features of these algorithms are meant to optimize different aspects of network performance, and the choice of TCP variant strongly influences application performance. However, setting up tests to help with the decision of which variant to use can be problematic, as many systems are not designed to deal with high bandwidths, such as 10 Gbps or more. This paper provides an overview of pitfalls and challenges of realistic network analysis to help in the decision making process.
Bösch, C., Erb, B., Kargl, F., Kopp, H. and Pfattheicher, S. 2016. Tales from the dark side: Privacy dark strategies and privacy dark patterns. Proceedings on Privacy Enhancing Technologies. 2016, 4 (2016), 237–254. (acceptance rate: 23,8% for volume 2016)
Privacy strategies and privacy patterns are fundamental concepts of the privacy-by-design engineering approach. While they support a privacy-aware development process for IT systems, the concepts used by malicious, privacy-threatening parties are generally less understood and known. We argue that understanding the “dark side”, namely how personal data is abused, is of equal importance. In this paper, we introduce the concept of privacy dark strategies and privacy dark patterns and present a framework that collects, documents, and analyzes such malicious concepts. In addition, we investigate from a psychological perspective why privacy dark strategies are effective. The resulting framework allows for a better understanding of these dark concepts, fosters awareness, and supports the development of countermeasures. We aim to contribute to an easier detection and successive removal of such approaches from the Internet to the benefit of its users.
Kraft, R., Erb, B., Mödinger, D. and Kargl, F. 2016. Using Conflict-free Replicated Data Types for Serverless Mobile Social Applications. Proceedings of the 8th ACM International Workshop on Hot Topics in Planet-scale mObile Computing and Online Social neTworking (New York, NY, USA, 2016), 49–54.
A basic reason for backend systems in mobile application architectures is the centralized management of state. Mobile clients synchronize local states with the backend in order to maintain an up-to-date view of the application state. As not all mobile social applications require strong consistency guarantees, we survey an alternative approach using special data structures for mobile applications. These data structures only provide eventual consistency, but allow for conflict-free replication between peers. Our analysis collects the requirements of social mobile applications for being suitable for this approach. Based on exemplary mobile social applications, we also point out the benefits of serverless architecture or architectures with a thin backend layer.


Erb, B. and Kargl, F. 2015. A Conceptual Model for Event-sourced Graph Computing. Proceedings of the 9th ACM International Conference on Distributed Event-Based Systems (New York, NY, USA, 2015), 352–355.
Systems for highly interconnected application domains are increasingly taking advantage of graph-based computing platforms. Existing platforms employ a batch-oriented computing model and neglect near-realtime processing or temporal analysis. We suggest an extended conceptual model for event-driven computing on graphs. It takes into account the evolution of a graph and enables temporal analyses, processing on previous graph states, and retroactive modifications.
Erb, B. 2015. Towards Distributed Processing on Event-sourced Graphs. Doctoral Symposium
The processing of large-scale data sets and streaming data is challenging traditional computing platforms and lacks increasingly relevant features such as data lineage and inherent support for retrospective and predictive analytics. By combining concepts from event processing and graph computing, an Actor-related programming model, and an event-based, time-aware persistence approach into a unified distributed processing solution, we suggest a novel processing approach that embraces the idea of graph-based computing with built-in support for application history.


Domaschka, J., Hauser, C.B. and Erb, B. 2014. Reliability and Availability Properties of Distributed Database Systems. 18th International Enterprise Distributed Object Computing Conference (Sep. 2014), 226–233. (acceptance rate: 22%)
Distributed database systems represent an essential component of modern enterprise application architectures. If the overall application needs to provide reliability and availability, the database has to guarantee these properties as well. Entailing non-functional database features such as replication, consistency, conflict management, and partitioning represent subsequent challenges for successfully designing and operating an available and reliable database system. In this document, we identify why these concepts are important for databases and classify their design options. Moreover, we survey how eleven modern database systems implement these reliability and availability properties.
Erb, B. and Kargl, F. 2014. Combining Discrete Event Simulations and Event Sourcing. Proceedings of the 7th International ICST Conference on Simulation Tools and Techniques (ICST, Brussels, Belgium, Belgium, 2014), 51–55.
Discrete event simulations (DES) represent the status quo for many different types of simulations. There are still open challenges, such as designing distributed simulation architectures, providing development and debugging support, or analyzing and evaluating simulation runs. In the area of scalable, distributed application architectures exists an architectural style called event sourcing, which shares the same inherent idea as DES. We believe that both approaches can benefit from each other and provide a comparison of both approaches. Next, we point out how event sourcing concepts can address DES issues. Finally, we suggest a hybrid architecture that allows to mutually execute simulations and real applications, enabling seamless transitions between both.
Erb, B., Kargl, F. and Domaschka, J. 2014. Concurrent Programming in Web Applications. it-Information Technology. 56, 3 (2014), 119–126.
Modern web applications are concurrently used by many users and provide increasingly interactive features. Multi-core processors, highly distributed backend architectures, and new web technologies force a reconsideration of approaches for concurrent programming in order to fulfil scalability demands and to implement modern web application features. We provide a survey on different concepts and techniques of concurrency inside web architectures and guide through viable concurrency alternatives for architects and developers.
Engelmann, F., Lukaseder, T., Erb, B., van der Heijden, R. and Kargl, F. 2014. Dynamic packet-filtering in high-speed networks using NetFPGAs. Third International Conference on Future Generation Communication Technologies (FGCT 2014) (Aug. 2014), 55–59.
Computational power for content filtering in high-speed networks reaches a limit, but many applications as intrusion detection systems rely on such processes. Especially signature based methods need extraction of header fields. Hence we created an parallel protocol-stack parser module on the NetFPGA 10G architecture with a framework for simple adaption to custom protocols. Our measurements prove that the appliance operates at 9.5 Gb/s with a delay in order of any active hop. The work provides the foundation to use for application specific projects in the NetFPGA context.


Erb, B., Kaufmann, S., Schlecht, T., Schaub, F. and Weber, M. 2011. diretto: A Toolkit for Distributed Reporting and Collaboration. Mensch & Computer 2011: überMEDIEN ÜBERmorgen (München, 2011), 151–160.
The goal of the diretto project is the creation of an extensible infrastructure and easy-to-use toolset for distributed on-site media reporting and collaborative event coverage in real-time. It empowers collocated users to participate dynamicallyin event reporting, andfacilitatescollaboration with remote users. For example, to cover public events or support disaster relief missions with on-site information. The diretto platform focuses on scalability to support large crowd participation. Our platform currently supports smartphone clients, areportingsolution for SLR cameras, and a rich web application for remote collaborators. diretto is easily extensible and can be tailored to mission-specific requirements.

Teaching in Summer Term 2022
  • Architectures for Distributed Internet Services (ADIS)
  • Concepts for Concurrent, Parallel and Distributed Programming (CCPDP)
  • Computer Networks and IT-Security (RNSEC)
  • Privacy in the Internet (PRIV)
  • Selected Topics in Distributed Systems  (ATVS)
  • Research Trends in Distributed Systems (RTDS)
Teaching in Winter Term 2021/2022
  • Introduction to Computer Networks (GRN)
  • Computer Networks and IT-Security (RNSEC)


Compulsory Courses (Lectures)

Introduction to Computer Networks (Grundlagen der Rechnernetze; GRN)
Lecture with exercises, 2V+2Ü, 5LP
WiSe 2021, WiSe 2020

Elective Courses (Lectures)

Architectures for Distributed Internet Services (Architekturen für Verteilte Internetdienste; ADIS/AVID)
Lecture with exercises, 3V+1Ü, 6 LP
SoSe 2022, SoSe 2021, SoSe 2020
Concepts for Concurrent, Parallel and Distributed Programming (Konzepte für nebenläufige, parallele und verteilte Programmierung; CCPDP)
Lecture with exercises, 3V+1Ü, 6 LP
SoSe 2022, SoSe 2021
Distributed Computing Platforms in Practice (Verteilte Berechnungsplattformen in der Praxis; VBP)
Lecture with exercises, 1V+2Ü, 6 LP
SoSe 2020, SoSe 2019
Practical IT-Security (Praktische IT-Sicherheit; PSEC)
Lecture with exercises, 1V+2Ü, 6 LP
SoSe 2021, SoSe 2020

Lab Courses

Compulsory Courses (Lab Courses)

Introduction to Computer Networks (Grundlagen der Rechnernetze; GRN)
Lecture with exercises, 2V+2Ü, 5LP
WiSe 2019, WiSe 2018, WiSe 2017, WiSe 2016, WiSe 2015, WiSe 2014, WiSe 2013, WiSe 2012

Elective Courses (Lab Courses)

Advanced Concepts of Communication Networks (Fortgeschrittene Konzepte der Rechnernetze; FKR)
Lecture with exercises, 2V+2Ü, 6LP
SoSe 2016, SoSe 2015, SoSe 2014, SoSe 2013, SoSe 2012


Proseminars (Bachelor)

Privacy in the Internet (Privacy im Internet; PRIV)
Proseminar, 2S, 4LP
SoSe 2022, SoSe 2021, SoSe 2020, WiSe 2018, WiSe 2017, WiSe 2016, WiSe 2015, WiSe 2014, WiSe 2013, WiSe 2012
Effective Java (Kniffe, Tricks und Techniken für Java; KTT)
Proseminar, 2S, 4LP
SoSe 2015, SoSe 2013

Seminars (Bachelor/Master)

Selected Topics in Distributed Systems (Ausgewählte Themen in Verteilten Systemen; ATVS)
Seminar, 2S, 4LP
SoSe 2022, WiSe 2018, SoSe 2018, WiSe 2017, SoSe 2017, WiSe 2016, SoSe 2016, WiSe 2015, SoSe 2015, WiSe 2014, SoSe 2014, WiSe 2013, SoSe 2013, WiSe 2012
Research Trends in Distributed Systems (Forschungstrends in Verteilten Systemen; RTDS)
Seminar, 2S, 4LP
SoSe 2022, WiSe 2018, SoSe 2018, WiSe 2017, SoSe 2017, WiSe 2016, SoSe 2016, WiSe 2015, SoSe 2015, WiSe 2014, SoSe 2014, WiSe 2013, SoSe 2013, WiSe 2012

Student Projects

Individual Master Projects

Computer Networks and IT-Security (Rechnernetze und IT-Sicherheit; RNSEC)
Project, 4S, 8LP
(individual topics each term)

Joint Master Projects

Interactive Driving Simulator (Interaktiver Fahrsimulator)
Project, 4S, 8LP
WiSe 2013, SoSe 2013