Search Results

Documents authored by Carle, Georg


Document
The Critical Internet Infrastructure (Dagstuhl Seminar 13322)

Authors: Georg Carle, Jochen Schiller, Steve Uhlig, Walter Willinger, and Matthias Wählisch

Published in: Dagstuhl Reports, Volume 3, Issue 8 (2013)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 13322 "The Critical Internet Infrastructure". The scope of the seminar includes three main topics, rethinking perspectives on the Internet backbone, methodologies to analyze the Internet structure, and paradigms overlaying IP connectivity. The results are based on fruitful discussions between people from the research and operational community.

Cite as

Georg Carle, Jochen Schiller, Steve Uhlig, Walter Willinger, and Matthias Wählisch. The Critical Internet Infrastructure (Dagstuhl Seminar 13322). In Dagstuhl Reports, Volume 3, Issue 8, pp. 27-39, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2013)


Copy BibTex To Clipboard

@Article{carle_et_al:DagRep.3.8.27,
  author =	{Carle, Georg and Schiller, Jochen and Uhlig, Steve and Willinger, Walter and W\"{a}hlisch, Matthias},
  title =	{{The Critical Internet Infrastructure (Dagstuhl Seminar 13322)}},
  pages =	{27--39},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2013},
  volume =	{3},
  number =	{8},
  editor =	{Carle, Georg and Schiller, Jochen and Uhlig, Steve and Willinger, Walter and W\"{a}hlisch, Matthias},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.3.8.27},
  URN =		{urn:nbn:de:0030-drops-43416},
  doi =		{10.4230/DagRep.3.8.27},
  annote =	{Keywords: Internet, Backbone, Internet Services, Critical Infrastructure}
}
Document
Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)

Authors: Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König

Published in: Dagstuhl Reports, Volume 2, Issue 2 (2012)


Abstract
The increasing dependence of human society on information technology (IT) systems requires appropriate measures to cope with their misuse. The growing potential of threats, which make these systems more and more vulnerable, is caused by the complexity of the technologies themselves. The potential of threats in networked systems will further grow as well as the number of individuals who are able to abuse these systems. It becomes increasingly apparent that IT security cannot be achieved by prevention alone. Preventive measures and reactive aspects need to complement one another. A major challenge of modern IT security technologies is to cope with an exploding variability of attacks which stems from a significant commercial motivation behind them. Increasingly proactive measures are required to ward off these threats. Increased efforts in research and society are required to protect critical civil infrastructures, such as the health care system, the traffic system, power supply, trade, military networks, and others in developed countries. This is a consequence of the increasing shift of industrial IT systems to the IP protocol leading to sensible IT infrastructures which are more vulnerable as the proprietary systems used in the past. The abundance of services of modern infrastructures critically depends on information and communication technologies. Though, being key enablers of critical infrastructures, these technologies are, at the same time, reckoned among the most vulnerable elements of the whole system. The cooperative information exchange between institutions is mandatory in order to detect distributed and coordinated attacks. Based on a large-scale acquisition of pertinent information, Early Warning Systems are a currently pursued approach to draw up situation pictures that allows the detection of trends and upcoming threats, allowing furthermore taking appropriate measures. The Dagstuhl seminar brought together researchers from academia and industry. The objective of the seminar was to further discuss challenges and methods in the area of attack detection and defense. The seminar was supposed to focus on design aspects of early warning systems and related monitoring infrastructures, e.g., intrusion detection overlays, to protect computer systems, networks, and critical infrastructures. The seminar was jointly organized by Georg Carle, Hervé Debar, Hartmut König, and Jelena Mirkovic. It was attended by 34 participants from nine countries.

Cite as

Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König. Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061). In Dagstuhl Reports, Volume 2, Issue 2, pp. 1-20, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2012)


Copy BibTex To Clipboard

@Article{carle_et_al:DagRep.2.2.1,
  author =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  title =	{{Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)}},
  pages =	{1--20},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2012},
  volume =	{2},
  number =	{2},
  editor =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.2.2.1},
  URN =		{urn:nbn:de:0030-drops-34761},
  doi =		{10.4230/DagRep.2.2.1},
  annote =	{Keywords: early warning systems, critical infrastructure protection, botnets, intrusion detection, malware assessment, vulnerability analysis, network monitoring, flow analysis, denial-of-service detection and response, event correlation, attack response and countermeasures}
}
Document
Improving Markov-based TCP Traffic Classification

Authors: Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle

Published in: OASIcs, Volume 17, 17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011)


Abstract
This paper presents an improved variant of our Markov-based TCP traffic classifier and demonstrates its performance using traffic captured in a university network. Payload length, flow direction, and position of the first data packets of a TCP connection are reflected in the states of the Markov models. In addition, we integrate a new "end of connection" state to further improve the classification accuracy. Using 10-fold cross validation, we identify appropriate settings for the payload length intervals and the number of data packets considered in the models. Finally, we discuss the classification results for the different applications.

Cite as

Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle. Improving Markov-based TCP Traffic Classification. In 17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011). Open Access Series in Informatics (OASIcs), Volume 17, pp. 61-72, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2011)


Copy BibTex To Clipboard

@InProceedings{munz_et_al:OASIcs.KiVS.2011.61,
  author =	{M\"{u}nz, Gerhard and Heckm\"{u}ller, Stephan and Braun, Lothar and Carle, Georg},
  title =	{{Improving Markov-based TCP Traffic Classification}},
  booktitle =	{17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011)},
  pages =	{61--72},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-939897-27-9},
  ISSN =	{2190-6807},
  year =	{2011},
  volume =	{17},
  editor =	{Luttenberger, Norbert and Peters, Hagen},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/OASIcs.KiVS.2011.61},
  URN =		{urn:nbn:de:0030-drops-29582},
  doi =		{10.4230/OASIcs.KiVS.2011.61},
  annote =	{Keywords: Markov model, TCP Traffic Classification, network}
}
Document
1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense

Authors: Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, and Christopher Kruegel

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
From March 2nd to 6th, 2008, the Dagstuhl Perspective Workshop 08102 Net-work Attack Detection and Defense was held at the International Conference and Research Center (IBFI), Schloss Dagstuhl. The objective of the workshop was to work out a manifesto that identifies past shortcomings and future direc-tions for the field. During the workshop, several participants presented their perspective on the development of the area. Furthermore, ongoing work and on open problems were discussed. Six working groups were formed to discuss the state of the art and the challenges of future research directions. The Executive Summary describes the workshop topics and goals in general, and gives an overview of its course. Abstracts of the presentations given during the work-shop, the outcomes of the working groups, and the manifesto are put together in the online proceedings.

Cite as

Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, and Christopher Kruegel. 1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-6, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{carle_et_al:DagSemProc.08102.1,
  author =	{Carle, Georg and Dressler, Falko and Kemmerer, Richard A. and Koenig, Hartmut and Kruegel, Christopher},
  title =	{{1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--6},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.1},
  URN =		{urn:nbn:de:0030-drops-14926},
  doi =		{10.4230/DagSemProc.08102.1},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
5. 08102 Working Group – Measurement Requirements

Authors: Lothar Braun, Thorsten Braun, Georg Carle, Falko Dressler, Anja Feldmann, Dirk Haage, Tobias Limmer, and Tanja Zseby

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
The objective of this working group was to derive measurement requirements and challenges that originate from intrusion detection.

Cite as

Lothar Braun, Thorsten Braun, Georg Carle, Falko Dressler, Anja Feldmann, Dirk Haage, Tobias Limmer, and Tanja Zseby. 5. 08102 Working Group – Measurement Requirements. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{braun_et_al:DagSemProc.08102.5,
  author =	{Braun, Lothar and Braun, Thorsten and Carle, Georg and Dressler, Falko and Feldmann, Anja and Haage, Dirk and Limmer, Tobias and Zseby, Tanja},
  title =	{{5. 08102 Working Group – Measurement Requirements}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.5},
  URN =		{urn:nbn:de:0030-drops-14962},
  doi =		{10.4230/DagSemProc.08102.5},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense

Authors: Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, Christopher Kruegel, and Pavel Laskov

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
This manifesto is the result of the Perspective Workshop Network Attack Detection and Defense held in Schloss Dagstuhl (Germany) from March 2nd – 6th, 2008. The participants of the workshop represent researchers from Austria, France, Norway, the Switzerland, the United States, and Germany who work actively in the field of intrusion detection and network monitoring. The workshop attendee’s opinion was that intrusion detection and flow analysis, which have been developed as complementary approaches for the detection of network attacks, should more strongly combine event detection and correlation techniques to better meet future challenges in future reactive security. The workshop participants considered various perspectives to envision future network attack detection and defense. The following topics are seen as important in the future: the development of early warning systems, the introduction of situation awareness, the improvement of measurement technology, taxonomy of attacks, the application of intrusion and fraud detection for web services, and anomaly detection. In order to realize those visions the state of the art, the challenges, and research priorities were identified for each topic by working groups. The outcome of the discussion is summarized in working group papers which are published in the workshop proceedings. The papers were compiled by the editors to this manifesto.

Cite as

Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, Christopher Kruegel, and Pavel Laskov. 8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{carle_et_al:DagSemProc.08102.8,
  author =	{Carle, Georg and Dressler, Falko and Kemmerer, Richard A. and Koenig, Hartmut and Kruegel, Christopher and Laskov, Pavel},
  title =	{{8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--16},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.8},
  URN =		{urn:nbn:de:0030-drops-14917},
  doi =		{10.4230/DagSemProc.08102.8},
  annote =	{Keywords: Manifesto of the Dagstuhl Perspective Workshop, March 2nd - 6th, 2008}
}
Document
04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks

Authors: Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
From 03.10.04 to 06.10.04, the Dagstuhl Seminar 04411 ``Service Management and Self-Organization in IP-based Networks'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner. 04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, pp. 1-18, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{bossardt_et_al:DagSemProc.04411.1,
  author =	{Bossardt, Matthias and Carle, Georg and Hutchison, David and Meer, Hermann de and Plattner, Bernhard},
  title =	{{04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  pages =	{1--18},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.1},
  URN =		{urn:nbn:de:0030-drops-1141},
  doi =		{10.4230/DagSemProc.04411.1},
  annote =	{Keywords: Service management , network service , self-organization , network management , programmable network , active network , peer-to-peer network ad-hoc network}
}
Document
04411 Preface – Service Management and Self-Organization in IP-based Networks

Authors: Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
Preface to the online proceedings of Dagstuhl Seminar 04411

Cite as

Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner. 04411 Preface – Service Management and Self-Organization in IP-based Networks. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{bossardt_et_al:DagSemProc.04411.2,
  author =	{Bossardt, Matthias and Carle, Georg and Hutchison, David and Meer, Hermann de and Plattner, Bernhard},
  title =	{{04411 Preface – Service Management and Self-Organization in IP-based Networks}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.2},
  URN =		{urn:nbn:de:0030-drops-827},
  doi =		{10.4230/DagSemProc.04411.2},
  annote =	{Keywords: Service management , self-organization , network management}
}
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail