GINO

Global INternet Observatory

Contact

If you want to get in touch with our research group, feel free to contact us:

For questions and complaints on our scanning activity use the following mail address:

Motivation

Internet measurements have long been a research priority at our chair. These measurements help us better understand the Internet and its security.

Over the years, we acquired vast knowledge in the area of large scale network measurements and set up a variety of regular Internet-wide measurements. This helps us to understand the current network state and its development. GINO has supported over 30 papers and was honored with multiple Best Paper and Community Contribution awards. We seek to be harmless and conduct all measurements in an ethical manner.

If you are an interested researcher or student who wants to cooperate with us or if you have any questions, feel free to contact us. GINO is an initiative for exchanging ongoing research, concepts, and ideas in the Internet measurement domain. We are happy to talk about collaborations sharing data and insights based on our scans and work.

Internet-wide scans

We conduct various regular and ad-hoc Internet-wide scans for protocols such as HTTPS, DNS, QUIC and IPv6. These are purely scientific, and we never attempt to intrude into any system (more information on our ethical guidelines).

IPv6 Hitlist

We provide a regularly updated IPv6 Hitlist service which collects IPv6 address candidates from different sources, identifies fully responsive prefixes and tests addresses for their responsiveness. You can find more information about the service and get access to all data (historic and new) on our dedicated IPv6 Hitlist Service page. The service was established in 2018 and improved in 2022.

You can find more information about preliminary work on our dedicated IPv6 hitlist page.

DNS Scans

We conduct regular large-scale DNS scans. We collect domains from full zone files (e.g., .com, .net, .org), toplists, CT log and static domain lists. All sources combined cover more than 500M domains. We resolve all domains on a daily basis to their A, AAAA, NS and MX records. Furthermore, we resolve all domains to their SVCB and HTTPS records on a weakly basis. You can find a first overview about these records in our study A First Look at SVCB and HTTPS DNS Resource Records in the Wild.

Domain Parking

We analyzed the prevalence of domain parking on the DNS ecosystem based on active DNS scans. Parked domains can be identified using DNS indicators referring to A/AAAA/CNAME or NS values. We published the list of indicators on a github page. If you are interested in domain parking, a list of parked domains or any further information, we are happy to share our insights or data.

TLS and QUIC Scans

We conduct weekly TLS and QUIC scans. Both scans rely on ZMap to identify targets. Afterwards, stateful scanners are used to conduct full handshakes, to extract protocol, TLS and certificate information, and to send an HTTP request. We scan all identified IP addresses supporting either TLS over TCP or QUIC without SNI but also join all domains with our DNS scans and use an SNI value if possible.

Our TLS scans are based on the Goscanner. It can conduct full TLS over TCP handshakes and additional HTTP requests. It supports all TLS versions including TLS 1.3. Furthermore, methodologies to send different Client Hellos and to fingerprint servers exist (TMA'22, PAM'23, TNSM'24).

We conduct regular QUIC discovery scans based on ZMap but also complete QUIC application layer handshakes using the QScanner. Furthermore, we implemented test environment for QUIC scanners and developed a methodology to identify used QUIC libraries. For more information take a look at our papers (IMC'21, PAM'24) and published code. Feel free to contact us for further information regarding the scans, insight and available data.

Mature Studies

Toplists

We provided a day-to-day analysis of regularly used toplists. Find more information on our github Toplist page.

SMB Scans

In cooperation with the Chair of IT Security, SMB scans to detect honeypots were conducted at our chair. Find more information on SMB Scans.

Ethics

We follow best practices laid out by the scientific community such as by Dittrich et al. 1, and Partridge and Allman 2. If you are affected by these, e.g., because of IDS alerts, please contact us and we will be happy to blacklist you immediately. Further information can be found on Scans.

The involved machines are:

Host IPv6 address IPv4 address
planetlabX.gino-research.net.in.tum.de 2001:4ca0:108:42::X 138.246.253.X
dallas 2600:3c00::f03c:91ff:fe3b:d2d 45.33.5.55
singapore 2400:8901::f03c:91ff:fe3b:d08 139.162.29.117

References

  1. D. Dittrich, E. Kenneally et al., “The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research,” US Department of Homeland Security, 2012. 

  2. C. Partridge and M. Allman, “Ethical Considerations in Network Measurement Papers”, Communications of the ACM, 2016. 

Related publications

2024-07-01 Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Juliane Aulbach, Jonas Lang, Georg Carle, “An Internet-wide View on HTTPS Certificate Revocations: Observing the Revival of CRLs via Active TLS Scans,” in Proc. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Jul. 2024. [Pdf] [DOI] [Bib]
2024-06-01 Fahad Hilal, Patrick Sattler, Kevin Vermeulen, Oliver Gasser, “A First Look At IPv6 Hypergiant Infrastructure,” Proc. ACM Netw., vol. 2, no. CoNEXT2, Jun. 2024. [Url] [Pdf] [DOI] [Bib]
2024-06-01 Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Georg Carle, Claas Grohnfeldt, Michele Russo, Daniele Sgandurra, “EFACTLS: Effective Active TLS Fingerprinting for Large-scale Server Deployment Characterization,” IEEE Transactions on Network and Service Management, vol. 21, no. 3, pp. 2582–2595, Jun. 2024. [Homepage] [Rawdata] [DOI] [Bib]
2024-05-01 Markus Sosnowski, Patrick Sattler, Johannes Zirngibl, Tim Betzer, Georg Carle, “Propagating Threat Scores With a TLS Ecosystem Graph Model Derived by Active Measurements,” in Proc. Network Traffic Measurement and Analysis Conference (TMA), May 2024. [Pdf] [Slides] [Homepage] [DOI] [Bib]
2024-03-01 Johannes Zirngibl, Florian Gebauer, Patrick Sattler, Markus Sosnowski, Georg Carle, “QUIC Hunter: Finding QUIC Deployments and Identifying Server Libraries Across the Internet,” in Passive and Active Measurement Conference (PAM), Mar. 2024. [Homepage] [DOI] [Bib]
2023-12-01 Patrick Sattler, Johannes Zirngibl, Mattijs Jonker, Oliver Gasser, Georg Carle, Ralph Holz, “Packed to the Brim: Investigating the Impact of Highly Responsive Prefixes on Internet-wide Measurement Campaigns,” Proc. ACM Netw., vol. 1, no. CoNEXT3, Dec. 2023. [Url] [Pdf] [Homepage] [DOI] [Bib]
2023-07-01 Simon Bauer, Patrick Sattler, Johannes Zirngibl, Christoph Schwarzenberg, Georg Carle, “Evaluating the Benefits: Quantifying the Effects of TCP Options, QUIC, and CDNs on Throughput,” in Proceedings of the Applied Networking Research Workshop, Jul. 2023. [Pdf] [Sourcecode] [Bib]
2023-07-01 Johannes Naab, Patrick Sattler, Johannes Zirngibl, Stephan Günther, Georg Carle, “Gotta Query ’Em All, Again! Repeatable Name Resolution with Full Dependency Provenance,” in Proceedings of the Applied Networking Research Workshop, Jul. 2023. [Pdf] [Rawdata] [Bib]
2023-07-01 Johannes Zirngibl, Patrick Sattler, Georg Carle, “A First Look at SVCB and HTTPS DNS Resource Records in the Wild,” in 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Jul. 2023. [Pdf] [DOI] [Bib]
2023-06-01 Lion Steger, Liming Kuang, Johannes Zirngibl, Georg Carle, Oliver Gasser, “Target Acquired? Evaluating Target Generation Algorithms for IPv6,” in Proceedings of the Network Traffic Measurement and Analysis Conference (TMA), Jun. 2023. Best Paper Award [Pdf] [Bib]
2023-05-01 Simon Bauer, Janluka Janelidze, Benedikt Jaeger, Patrick Sattler, Patrick Brzoza, Georg Carle, “On the Accuracy of Active Capacity Estimation in the Internet,” in 2023 IEEE/IFIP Network Operations and Management Symposium (NOMS 2023), Miami, USA, May 2023. [Pdf] [Bib]
2023-03-01 Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Georg Carle, “DissecTLS: A Scalable Active Scanner for TLS Server Configurations, Capabilities, and TLS Fingerprinting,” in Passive and Active Measurement, Mar. 2023, pp. 110–126. [Pdf] [Homepage] [Rawdata] [DOI] [Bib]
2023-01-01 Florian Streibelt, Patrick Sattler, Franziska Lichtblau, Carlos H. Gañán, Anja Feldmann, Oliver Gasser, Tobias Fiebig, “How Ready is DNS for an IPv6-Only World?,” in Passive and Active Measurement, Cham, 2023. Best Paper Award [Pdf] [DOI] [Bib]
2022-10-01 Patrick Sattler, Juliane Aulbach, Johannes Zirngibl, Georg Carle, “Towards a Tectonic Traffic Shift? Investigating Apple’s New Relay Network,” in Proceedings of the 2022 Internet Measurement Conference, Oct. 2022. [Pdf] [Homepage] [Rawdata] [Bib]
2022-10-01 Johannes Zirngibl, Lion Steger, Patrick Sattler, Oliver Gasser, Georg Carle, “Rusty Clusters? Dusting an IPv6 Research Foundation,” in Proceedings of the 2022 Internet Measurement Conference, Oct. 2022. [Pdf] [Homepage] [Rawdata] [DOI] [Bib]
2022-06-01 Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Georg Carle, Claas Grohnfeldt, Michele Russo, Daniele Sgandurra, “Active TLS Stack Fingerprinting: Characterizing TLS Server Deployments at Scale,” in Proc. Network Traffic Measurement and Analysis Conference (TMA), Jun. 2022. Best Paper Award [Pdf] [Slides] [Homepage] [Rawdata] [Bib]
2022-06-01 Johannes Zirngibl, Steffen Deusch, Patrick Sattler, Juliane Aulbach, Georg Carle, Mattijs Jonker, “Domain Parking: Largely Present, Rarely Considered!,” in Proc. Network Traffic Measurement and Analysis Conference (TMA) 2022, Jun. 2022. [Pdf] [Bib]
2022-06-01 Fabian Franzen, Lion Steger, Johannes Zirngibl, Patrick Sattler, “Looking for Honey Once Again: Detecting RDP and SMB Honeypots on the Internet,” in International Workshop on Traffic Measurements for Cybersecurity 2022, Jun. 2022. [Pdf] [Slides] [Sourcecode] [Bib]
2021-11-01 Johannes Zirngibl, Philippe Buschmann, Patrick Sattler, Benedikt Jaeger, Juliane Aulbach, Georg Carle, “It’s over 9000: Analyzing early QUIC Deployments with the Standardization on the Horizon,” in Proceedings of the 2021 Internet Measurement Conference, New York, NY, USA, Nov. 2021. [Preprint] [Homepage] [Rawdata] [Recording] [DOI] [Bib]
2019-10-01 Johannes Naab, Patrick Sattler, Jonas Jelten, Oliver Gasser, Georg Carle, “Prefix Top Lists: Gaining Insights with Prefixes from Domain-based Top Lists on DNS Deployment,” in Proceedings of the Internet Measurement Conference, New York, NY, USA, Oct. 2019, pp. 351–357. [Pdf] [Slides] [Homepage] [DOI] [Bib]
2019-10-01 Pawel Foremski, Oliver Gasser, Giovane Moura, “DNS Observatory: The Big Picture of the DNS,” in Proceedings of the 2019 Internet Measurement Conference, New York, NY, USA, Oct. 2019. [Pdf] [Slides] [DOI] [Bib]
2019-03-01 Wouter B. de Vries, Quirin Scheitle, Moritz Müller, Willem Toorop, Ralph Dolmans, Roland van Rijswijk-Deij, “A First Look at QNAME Minimization in the Domain Name System,” in Proceedings of the Passive and Active Measurement Conference (PAM 2019), Best Dataset Award, Puerto Varas, Chile, Mar. 2019. [Url] [Bib]
2018-11-01 Oliver Gasser, Quirin Scheitle, Pawel Foremski, Qasim Lone, Maciej Korczynski, Stephen D. Strowes, Luuk Hendriks, Georg Carle, “Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists,” in Proceedings of the 2018 Internet Measurement Conference, New York, NY, USA, Nov. 2018. [Pdf] [Slides] [Homepage] [Rawdata] [Arxiv] [Blog] [DOI] [Bib]
2018-11-01 Quirin Scheitle, Oliver Gasser, Theodor Nolte, Johanna Amann, Lexi Brent, Georg Carle, Ralph Holz, Thomas C. Schmidt, Matthias Wählisch, “The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem,” in Internet Measurement Conference (2018), Boston, USA, Nov. 2018, pp. 343–349. [Rawdata] [Arxiv] [DOI] [Bib]
2018-11-01 Quirin Scheitle, Oliver Hohlfeld, Julien Gamba, Jonas Jelten, Torsten Zimmermann, Stephen D. Strowes, Narseo Vallina-Rodriguez, “A Long Way to the Top: Significance, Structure, and Stability of Internet Top Lists,” in Internet Measurement Conference (IMC’18), IMC’18 Community Contribution Award, Boston, USA, Nov. 2018, pp. 478–493. [Homepage] [Rawdata] [Arxiv] [DOI] [Bib]
2018-10-01 Paul Emmerich, Maximilian Pudelko, Quirin Scheitle, Georg Carle, “Efficient Dynamic Flow Tracking for Packet Analyzers,” in CloudNet, Tokyo, Japan, Oct. 2018. [Pdf] [Bib]
2018-04-01 Quirin Scheitle, Taejoong Chung, Jens Hiller, Oliver Gasser, Johannes Naab, Roland van Rijswijk-Deij, Oliver Hohlfeld, Ralph Holz, Dave Choffnes, Alan Mislove, Georg Carle, “A First Look at Certification Authority Authorization (CAA),” ACM SIGCOMM Computer Communications Review (CCR), Apr. 2018. [Url] [Pdf] [Preprint] [Homepage] [Rawdata] [Bib]
2018-03-01 Tobias Brunnwieser, Oliver Gasser, Sree Harsha Totakura, Georg Carle, “Live Detection and Analysis of HTTPS Interceptions,” in Passive and Active Measurement Conference (PAM), Poster, Berlin, Germany, Mar. 2018. [Pdf] [Poster] [Bib]
2018-03-01 Oliver Gasser, Benjamin Hof, Max Helm, Maciej Korczynski, Ralph Holz, Georg Carle, “In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements,” in Proceedings of the Passive and Active Measurement Conference (PAM 2018), Best Paper Award, Berlin, Germany, Mar. 2018. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Blog] [Bib]
2018-03-01 Quirin Scheitle, Jonas Jelten, Oliver Hohlfeld, Luca Ciprian, Georg Carle, “Structure and Stability of Internet Top Lists,” in PAM’18 Poster, Berlin, Mar. 2018. [Arxiv] [Bib]
2017-11-01 Johanna Amann*, Oliver Gasser*, Quirin Scheitle*, Lexi Brent, Georg Carle, Ralph Holz, “Mission Accomplished? HTTPS Security after DigiNotar,” in Proceedings of the Internet Measurement Conference (IMC 2017), IMC’17 Community Contribution Award, IRTF Applied Networking Research Prize (ANRP) 2018, London, UK, Nov. 2017. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Bib]
2017-11-01 Patricia Callejo, Connor Kelton, Narseo Vallina-Rodriguez, Rubén Cuevas, Oliver Gasser, Christian Kreibich, Florian Wohlfart, Ángel Cuevas, “Opportunities and Challenges of Ad-based Measurements from the Edge of the Network,” in Proc. of the 16th ACM Workshop on Hot Topics in Networks, Nov. 2017. [Pdf] [Bib]
2017-10-01 Oliver Gasser, Quirin Scheitle, Benedikt Rudolph, Carl Denis, Nadja Schricker, Georg Carle, “The Amplification Threat Posed by Publicly Reachable BACnet Devices,” Journal of Cyber Security and Mobility, Oct. 2017. [Url] [Pdf] [Bib]
2017-08-01 Quirin Scheitle, Matthias Wählisch, Oliver Gasser, Thomas C. Schmidt, Georg Carle, “Towards an Ecosystem for Reproducible Research in Computer Networking,” in ACM SIGCOMM Reproducibility Workshop, Los Angeles, USA, Aug. 2017. [Pdf] [Slides] [Bib]
2017-06-01 Matthias Wachs, Quirin Scheitle, Georg Carle, “Push Away Your Privacy: Precise User Tracking Based on TLS Client Certificate Authentication,” in Network Traffic Measurement and Analysis Conference (TMA), Best Paper Award TMA’17, IEEE ComSoc ITC Best Paper Award 2017, Jun. 2017. [Pdf] [Slides] [Recording] [Bib]
2017-06-01 Quirin Scheitle, Oliver Gasser, Minoo Rouhi, Georg Carle, “Large-Scale Classification of IPv6-IPv4 Siblings with Variable Clock Skew,” in Network Traffic Measurement and Analysis Conference (TMA), Jun. 2017. [Pdf] [Slides] [Rawdata] [Recording] [Arxiv] [Bib]
2017-06-01 Quirin Scheitle, Oliver Gasser, Patrick Sattler, Georg Carle, “HLOC: Hints-Based Geolocation Leveraging Multiple Measurement Frameworks,” in Network Traffic Measurement and Analysis Conference (TMA), Best Dataset Award, Dublin, Ireland, Jun. 2017. [Pdf] [Slides] [Rawdata] [Arxiv] [Bib]
2017-05-01 Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Security Implications of Publicly Reachable Building Automation Systems,” in Proc. 2nd Int. Workshop on Traffic Measurements for Cybersecurity, San Jose, CA, USA, May 2017. [Pdf] [Bib]
2017-02-01 Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle, “Öffentlich erreichbare Gebäudeautomatisierung: Amplification-Anfälligkeit von BACnet und Deployment-Analyse im Internet und DFN,” in 24. DFN-Konferenz Sicherheit in vernetzten Systemen, Hamburg, Germany, Feb. 2017. [Pdf] [Bib]
2016-04-01 Oliver Gasser, Quirin Scheitle, Sebastian Gebhard, Georg Carle, “Scanning the IPv6 Internet: Towards a Comprehensive Hitlist,” in Proc. 8th Int. Workshop on Traffic Monitoring and Analysis, Louvain-la-Neuve, Belgium, Apr. 2016. [Url] [Pdf] [Slides] [Bib]
2016-03-01 Quirin Scheitle, Matthias Wachs, Johannes Zirngibl, Georg Carle, “Analyzing Locality of Mobile Messaging Traffic using the MATAdOR Framework,” in Passive and Active Measurements Conference (PAM) 2016 , Heraklion, Greece, Mar. 2016, pp. 190–202. [Pdf] [Preprint] [Slides] [Homepage] [Rawdata] [DOI] [Bib]

Finished student theses

Author Title Type Advisors Year Links
Matthias Kirstein Happy Eyeballs: A Comprehensive Analysis of the Deployment and Configuration Across Various Versions and Implementations BA Patrick Sattler, Johannes Zirngibl, Lars Wüstrich 2024
Dimitar Vasilev Sourcing Service-Specific IPv6-Hitlists using IPv4 Port Scans and Subdomain Analysis BA Patrick Sattler, Lion Steger, Johannes Zirngibl 2024
Tim Betzer Graph-based Modeling and Analysis of the TLS Ecosystem MA Markus Sosnowski 2024
Andreas Cselovsyky Exploring the Physical Locations of iCloud Private Relay Egress Nodes BA Patrick Sattler, Johannes Zirngibl, Lion Steger 2023
Christian Benedikt Dietze Tracking the Lifetime of Domains MA Johannes Zirngibl, Patrick Sattler 2023
Franz Bauernschmitt Evalution of Network Categorization Strategies BA Lion Steger, Johannes Zirngibl, Patrick Sattler 2023
Lukas Schröder Clustering Autonomous System Prefixes using BGP Data IDP Max Helm, Patrick Sattler 2023
Iñigo Varas Autonomous System Models using BGP Data and GNNs BA Max Helm, Benedikt Jaeger, Johannes Zirngibl, Patrick Sattler 2023
Niklas Beck Root Cause Analysis for Throughput Limitations of QUIC Connections MA Simon Bauer, Johannes Zirngibl 2023
Lukas Bernwald Towards Consistency in Distributed REST API Caching MA Markus Sosnowski, Richard von Seck 2023
Dan Bachar Enhancing Distributed REST APIs on the Fly BA Markus Sosnowski, Florian Wiedner 2023
David Weissmann The Impact of iCloud Private Relay on Networks BA Patrick Sattler, Johannes Zirngibl 2023
Tobias Wothge Egress Node Behavior in iCloud Private Relay IDP Patrick Sattler, Johannes Zirngibl, Lars Wüstrich, Lion Steger 2023
Louis Pydde TLS Certificate Usage Evaluation BA Patrick Sattler, Johannes Zirngibl 2023
Tobias Zierl Evaluating Domain Presence in Certificate Transparency Logs BA Patrick Sattler, Johannes Zirngibl 2023
Benedikt Ruben Schaschko Inferring AS Links from a Tier 1 Dataset BA Patrick Sattler, Johannes Zirngibl 2023
Tobias Wasner Continuous Monitoring and Quality Assessment of Internet-wide Scans IDP Patrick Sattler, Johannes Zirngibl 2023
Simon Karan Guayana Analyzing the Effect of Transport Parameters on QUIC’s Performance BA Johannes Zirngibl, Benedikt Jaeger 2022
Marcel Kempf Analysis of Performance Limitations in QUIC Implementations MA Benedikt Jaeger, Johannes Zirngibl 2022
Florian Gebauer Evaluating Different QUIC Scan Approaches BA Johannes Zirngibl, Patrick Sattler 2022
Yudhistira Wibowo Analysis of Blocklisted TLS Servers BA Johannes Zirngibl, Patrick Sattler 2022
Robert Dillitz Transformation and Evaluation of TLS Behavior Graphs MA Johannes Zirngibl, Benedikt Jaeger, Markus Sosnowski 2022
Zhou Lu Structural Analysis of Internet Measurement Anomalies MA Lion Steger, Johannes Zirngibl 2022
Liming Kuang Target Generation for IPv6 Hitlists BA Lion Steger, Johannes Zirngibl 2022
Christian Benedikt Dietze Setup and Deployment of a Resilient Internet Scanning Infrastructure IDP Patrick Sattler, Johannes Zirngibl 2022
Mohammad Shaharyar Shaukat Measuring the Impact of Transport Layer Protocols and Their Configuration on the Performance of Connections MA Simon Bauer, Patrick Sattler, Johannes Zirngibl 2022
Rene Jung Detecting the Internet Presence of Organizations Utilizing the Graph Structure of the TLS Ecosystem BA Markus Sosnowski, Patrick Sattler 2022
Patrick Großmann Extended Usage Analysis of EDNS Client Subnet BA Patrick Sattler, Johannes Zirngibl, Lion Steger 2022
Theresa Gräbner Setup and Deployment of a Large Scale Certificate Scan Database BA Patrick Sattler, Johannes Zirngibl 2022
Tim Betzer Propagate Distrust Among Servers Utilizing the Graph Structure of the TLS Ecosystem IDP Markus Sosnowski 2022
Jonas Lang Towards an Internet-Wide Certificate Revocation Observatory IDP Juliane Aulbach, Markus Sosnowski, Patrick Sattler 2022
Lion Steger State of the IPv6 Internet: Revisiting IPv6 Hitlists BA Johannes Zirngibl, Patrick Sattler, Juliane Aulbach, Oliver Gasser 2021
Raphael Schmid ROV + IRR: Are Authorized Routes Registered? BA Johannes Zirngibl, Patrick Sattler, Juliane Aulbach 2021
Pascal Henschke Analyzing BGP as a Graph BA Johannes Zirngibl, Patrick Sattler, Juliane Aulbach 2021
Steffen Deusch Analyzing the Effect of Domain Parking on DNS Based Research BA Johannes Zirngibl, Patrick Sattler, Juliane Aulbach 2021
Felix Myhsok Blocklists: Who is blocked? BA Johannes Zirngibl, Patrick Sattler, Markus Sosnowski 2021
Daniel Hegedüs The First Year of QUIC v1 Deployment BA Johannes Zirngibl, Patrick Sattler, Benedikt Jaeger, Juliane Aulbach 2021
Ben Riegel Assessing Link Utilization From Passive Datasets BA Simon Bauer, Johannes Zirngibl 2021
Patryk Brzoza KPI Analysis of Webserver Traffic through Active Measurements MA Simon Bauer, Benedikt Jaeger, Patrick Sattler, Christoph Schwarzenberg 2021
Yannik Gehring Revealing Organizational Structures in an Internet-wide TLS Graph MA Markus Sosnowski, Patrick Sattler, Juliane Aulbach 2021
Tim Betzer A Systematic TLS Scanning Approach Minimizing the Used Requests and Comparison with other TLS Scanners GR Markus Sosnowski, Patrick Sattler 2021
Zeynep Sonkaya Development of an Efficient Large Scale DNS Scanning Pipeline IDP Patrick Sattler, Johannes Zirngibl 2021
Tobias Wothge Industrial Control Systems (ICS) Protocol Detection BA Patrick Sattler, Lars Wüstrich, Johannes Zirngibl 2021
Karoline Ilse IPv6 Deployment Analysis using BGP Announcements BA Patrick Sattler, Johannes Zirngibl, Juliane Aulbach 2021
Roland Bernhard Reif Detecting BGP Hijacking in Real Time IDP Patrick Sattler, Johannes Zirngibl 2020
Christian Wahl Analyzing the Stability and Expressiveness of Large-Scale DNS Scans MA Patrick Sattler, Johannes Zirngibl, Juliane Aulbach 2020
Jasper von der Heidt Analyzing PTP Master Clocks in the Wild BA Johannes Zirngibl, Max Helm, Henning Stubbe 2020
Philippe Buschmann Analyzing Quic in the wild MA Johannes Zirngibl, Patrick Sattler, Benedikt Jaeger, Juliane Aulbach 2020
Christian Kilb Blocklists: What is blocked and why? IDP Johannes Zirngibl, Patrick Sattler, Markus Sosnowski 2020
Sebastian Heinrich Kappes An Analysis of the Development and Early Deployment of Encrypted SNI BA Johannes Zirngibl, Max Helm, Patrick Sattler 2020
Lennart Keller Packet Pacing with the QUIC Protocol BA Benedikt Jaeger, Johannes Zirngibl 2020
Robert Dillitz Uncovering PTP Master Clocks in the Wild BA Johannes Zirngibl, Max Helm, Henning Stubbe 2020
Roland Bernhard Reif Analysis of EDNS Client-Subnet Load Balancing BA Patrick Sattler, Johannes Zirngibl 2019
Leo Schedelbeck rDNS Leaks - Disclosing the Real Infrastructure of Shadowed Services BA, MA, IDP Johannes Zirngibl, Patrick Sattler 2019
Dominik Kreutzer Nameserver Rate Limits - Dynamic Adjustment of Scan Behavior BA, MA, IDP Johannes Zirngibl, Johannes Naab 2019
Johannes Zirngibl Extensive Analysis of IPv6 Address Assignment and its rDNS Special Domain ip6.arpa. MA Johannes Naab, Quirin Scheitle 2018
Johannes Zirngibl Creating IPv6 Hitlists through Rigorous and Deterministic rDNS Walking IDP Johannes Naab, Quirin Scheitle 2018
Hamza Zafar Amplification Attack Detection using Active Measurements MA Simon Bauer, Oliver Gasser, Stefan Metzger 2018
Felix Beil Long Term Analysis of HTTP Strict Transport Security BA Quirin Scheitle, Oliver Gasser 2018
Ralf Baun Performance and Security Analysis of Alternative DNS Transports BA Quirin Scheitle, Johannes Naab 2018
Glenn Skjong Internet Toplists: Creating an Alternative Internet Top List Service MA Quirin Scheitle, Jonas Jelten 2018
Johannes Schleger Detection and Characterization of TLS Interception in Access Networks MA Jonas Jelten, Florian Wohlfart, Quirin Scheitle 2018
Alexander Schulz Identification of IPv6-IPv4 Sibling Pairs from Passive Observations BA Quirin Scheitle, Oliver Gasser, Minoo Rouhi 2017
Samy el Deib Detecting IPv6-IPv4 Sibling Pairs Based on few Data Points BA Quirin Scheitle, Oliver Gasser, Minoo Rouhi 2017
Florens Werner Finding Active IPv6 Addresses BA Quirin Scheitle, Oliver Gasser, Johannes Naab 2017
Fabian Raab Influence of BGP Community Attributes on Routing and Internet Traffic IDP Oliver Gasser, Quirin Scheitle, Christoph Dietzel 2017
Tobias Brunnwieser A Framework for Detection and Analysis of HTTPS Interception MA Oliver Gasser, Sree Harsha Totakura, Florian Wohlfart 2017
Max Helm Traceable Measurement Result Publication in Append-only Ledgers MA Oliver Gasser, Benjamin Hof, Quirin Scheitle 2017
Emanuel Vintila Continuous Development of Open Source C++ Flow Toolkit HiWi Oliver Gasser, Johannes Naab 2017
Jan-Philipp Lauinger Evaluating Client Discrimination in Anonymization Networks Using Active Network Scans Forschungspraxis Oliver Gasser, Sree Harsha Totakura 2017
Hendrik Eichner Revisiting SSH Security in the Internet BA Oliver Gasser, Minoo Rouhi 2017
Max Helm Evaluating TLS Certificate Transparency Logs using Active Scans IDP Oliver Gasser, Benjamin Hof 2017
Maximilian Pudelko Payload Extraction for Flows with Anomalous TTL Behaviour IDP Quirin Scheitle, Paul Emmerich 2017
Markus Sosnowski Internet-Wide Assessment of TCP Options BA Quirin Scheitle, Oliver Gasser, Minoo Rouhi, Paul Emmerich, Dominik Scholz 2017
Thomas Bachmaier Scanning for TCP SYN Proxy Implementations BA Dominik Scholz, Paul Emmerich, Quirin Scheitle, Minoo Rouhi 2017
Johannes Fischer Browser-based Internet connection testing MA Florian Wohlfart, Oliver Gasser 2016
Jonas Heintzenberg Browser-based Internet connection testing BA Florian Wohlfart, Oliver Gasser 2016
Sven Hertle Analysis of cellular ISP networks MA Florian Wohlfart 2016
Patrick Sattler Parsing geographical locations from DNS names GR Quirin Scheitle, Oliver Gasser 2016
Frank Schmidt Large Scale DNS Scanner in Go MA Johannes Naab, Oliver Gasser 2016
Pirmin Blanz IPv6 TLS Security Scanning MA Oliver Gasser, Quirin Scheitle 2016
Michael Köpferl Evaluation of amplification attacks in large-scale networks to improve detection performance IDP Oliver Gasser, Stefan Metzger 2016

Open and running student theses

Author Title Type Advisors Year Links
Saloni Mordekar Analysis and Measurement of Internet Security Best Practices BA Tim Betzer, Christian Dietze 2024
Ben Asam Evaluating Methods for Increasing AS Coverage of IPv6 Hitlists BA Lion Steger, Michael Oberrauch, Tim Betzer 2024
Max Reimann Identifying Trends in Aftermarket Domain Sales MA Christian Dietze, Patrick Sattler 2024
Louis Pydde Efficient x509 Certificate Metadata Store IDP Patrick Sattler, Lion Steger, Christian Dietze 2024
Jenna Gudehege Analysis of IPv6 Hitlist sources BA Lion Steger, Patrick Sattler, Johannes Zirngibl 2024
Eduard Rupp Improving Efficiency of IPv6 Measurements IDP Lion Steger, Patrick Sattler, Johannes Zirngibl 2024
Tobias Wothge ASQ-GINO: Answering Scoped Queries with the Global INternet Observatory MA Patrick Sattler, Lion Steger, Johannes Zirngibl 2024