Volker Fusenig

Learn More
Our work proposes a generic architecture for runtime monitoring and optimization of IDS based on the challenge insertion. The challenges, known instances of malicious or legitimate behavior, are inserted into the network traffic represented by NetFlow records, processed with the current traffic and the system’s response to the challenges is used to(More)
The number of Android-based smartphones is growing rapidly. They are increasingly used for security-critical private and business applications, such as online banking or to access corporate networks. This makes them a very valuable target for an adversary. Up to date, significant or large-scale attacks have failed, but attacks are becoming more(More)
We present an architecture for cloud networking, the provision of virtual infrastructure in a multi-administrative domain scenario, where data centre and network operators interact through defined interfaces to provide seamless virtual infrastructure. To support this scenario we introduce the flash network slice, dynamic elastic network connections that(More)
Cloud computing aims to provide services and resources on a pay-as you-use basis with additional possibilities for efficient adaptation of the required resources to the actual needs. Cloud networking extends this approach by providing more flexibility in the placement, movement, and interconnection of these virtual resources. Depending on the use, customers(More)
We present a trust-based mechanism for the acquisition of information from possibly unreliable sources. Our mechanism addresses the case where the acquired information cannot be verified. The idea is to intersperse questions (“challenges”) for which the correct answers are known. By evaluating the answers to these challenges, probabilistic conclusions about(More)
Cloud computing offers reduced capital expenditure, operational risks, complexity and maintenance, and increased scalability while providing services at different abstraction levels, namely Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS). A new approach called cloud networking adds networking(More)
In this paper we present a slotted packet counting attack against anonymity protocols. Common packet counting attacks make strong assumptions on the setup and can easily lead to wrong conclusions, as we will show in our work. To overcome these limitations, we account for the variation of tra c load over time. We use correlation to express the relation(More)