Filter by Type

Filter by Year

Sort by Date

  August 2021  30th USENIX Security Symposium Conference

PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop

Alexander Heinrich, Matthias Hollick, Thomas Schneider, Milan Stute, Christian Weinert


Apple’s offline file-sharing service AirDrop is integrated into more than 1.5 billion end-user devices worldwide. We discovered two design flaws in the underlying protocol that allow attackers to learn the phone numbers and email addresses of both sender and receiver devices. As a remediation, we study the applicability of private set intersection (PSI) to mutual authentication, which is similar to contact discovery in mobile messengers. We propose a novel optimized PSI-based protocol called PrivateDrop that addresses the specific challenges of offline resource-constrained operation and integrates seamlessly into the current AirDrop protocol stack. Using our native PrivateDrop implementation for iOS and macOS, we experimentally demonstrate that PrivateDrop preserves AirDrop’s exemplary user experience with an authentication delay well below one second. We responsibly disclosed our findings to Apple and open-sourced our PrivateDrop implementation.

  June 2021  14th ACM Conference on Security and Privacy in Wireless and Mobile Networks Conference

AirCollect: Efficiently Recovering Hashed Phone Numbers Leaked via Apple AirDrop

Alexander Heinrich, Matthias Hollick, Thomas Schneider, Milan Stute, Christian Weinert

PDF BibTeX DOI: 10.1145/3448300.3468252

Apple’s file-sharing service AirDrop leaks phone numbers and email addresses by exchanging vulnerable hash values of the user’s own contact identifiers during the authentication handshake with nearby devices. In a paper presented at USENIX Security’21, we theoretically describe two attacks to exploit these vulnerabilities and propose “PrivateDrop” as a privacy-preserving drop-in replacement for Apple’s AirDrop protocol based on private set intersection. In this demo, we show how these vulnerabilities are efficiently exploitable via Wi-Fi and physical proximity to a target. Privacy and security implications include the possibility of conducting advanced spear phishing attacks or deploying multiple “collector” devices in order to build databases that map contact identifiers to specific locations. For our proof-of-concept, we leverage a custom rainbow table construction to reverse SHA-256 hashes of phone numbers in a matter of milliseconds. We discuss the trade-off between success rate and storage requirements of the rainbow table and, after following responsible disclosure with Apple, we publish our proof-of-concept implementation as “AirCollect” on GitHub.

  June 2021  14th ACM Conference on Security and Privacy in Wireless and Mobile Networks Conference

OpenHaystack: A Framework for Tracking Personal Bluetooth Devices via Apple’s Massive Find My Network

Alexander Heinrich, Milan Stute, Matthias Hollick

BibTeX DOI: 10.1145/3448300.3468251

OpenHaystack is an open-source framework for locating personal Bluetooth devices using Apple’s Find My Network. A user can integrate it into Bluetooth-capable devices, such as notebooks, or create custom tracking accessories that can be attached to personal items (key rings, backpacks, etc.). We provide firmware images for the Nordic nRF5 chips and the ESP32. We show that they consume little energy and run from a single coin cell for a year. Our macOS application can locate personal accessories. Finally, we make both application and firmware available on GitHub.

  May 2021 Book

Sicherheitskritische Mensch-Computer-Interaktion : Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement

PDF BibTeX DOI: 10.1007/978-3-658-32795-8

Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

  May 2021  TU Darmstadt Wiesbaden Book

Information Refinement Technologies for Crisis Informatics: User Expectations and Design Implications for Social Media and Mobile Apps

Marc-André Kaufhold


Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.

  April 2021  IEEE Transactions on Mobile Computing Article

Performance and Pitfalls of 60 GHz WLANs Based on Consumer-Grade Hardware

Swentank Kumar Saha, Hany Assasa, Adrian Loch, Naveen Muralidhar Prakash, Roshan Shyamsunder, Shivang Aggarwal, Daniel Steinmetzer, Dimitrios Koutsonikolas, Joerg Widmer, Matthias Hollick

PDF BibTeX DOI: 10.1109/TMC.2020.2967386

Wireless networks operating in the 60 GHz band have the potential to provide very high throughput but face a number of challenges (e.g., high attenuation, beam training, and coping with mobility) which are widely accepted but often not well understood in practice. Understanding these challenges, and especially their actual impact on consumer-grade hardware is fundamental to fully exploit the high physical layer rates in the 60 GHz band. To this end, we perform an extensive measurement campaign using two commercial off-the-shelf 60 GHz routers in real-world environments. Our results allow us to revisit a range of issues and provide much deeper insights into the reasons for specific performance compared to prior work on performance characterization. Further, our study goes beyond basic link characterization and explores for the first time practical considerations such as coverage and access point deployment. While some of our observations are expected, we also obtain highly surprising insights that challenge the prevailing wisdom in the community. We derive the shortcomings of current commercial 60 GHz devices, and the fundamental problems that remain open on the way to fast and efficient 60 GHz networking.

  March 2021  Fachtagung Mechatronik 2021 Conference

Entwicklung eines autonomiefokussierten hochmobilen Bodenrobotersystems für den Katastrophenschutz

Marius Schnaubelt, Tobias Ullrich, Moritz Torchalla, Jonas Diegelmann, Matthias Hoffmann, Oskar von Stryk


Mobile Rettungsroboter ermöglichen den menschlichen Bedienern die Bearbeitung von Aufgaben aus sicherer Entfernung in risikoreichen Umgebungen. Durch die unstrukturierte Umgebung der komplexen und vorab unbekannten Einsatzszenarien, verursacht die aktuell übliche Teleoperation der Robotersysteme eine hohe kognitive Belastung für den Roboteroperator, was schnell zur Ermüdung führt. Durch intelligente autonome Assistenzfunktionen können die Operatoren entlastet werden, wodurch die Wahrscheinlichkeit von Bedienfehlern reduziert und die Effizienz des Robotereinsatzes erhöht werden kann. Diese innovativen Assistenzfunktionen benötigen jedoch ein mechatronisches Design, dessen Anforderungen an Hard- und Software für ein effektives Gesamtsystem eng aufeinander abgestimmt und umgesetzt werden müssen. Die Entwicklung eines hochmobilen autonomiefokussierten Bodenroboters mit modularen Sensornutzlasten ermöglicht dem Operator ein umfassendes Situationsbewusstsein sowie Unterstützung bei Navigation und Manipulation. Die Evaluation des Gesamtsystems und von Einzelkomponenten analysiert die Erfüllung des Anforderungskatalogs und demonstriert so die Eignung für (semi-)autonome Rettungsrobotikeinsätze.

  2021  60th Conference on Decision and Control (CDC2021) Conference

Discrete-Time Mean Field Control with Environment States

K. Cui, A. Tahir, M. Sinzger, H. Koeppl


Multi-agent reinforcement learning methods have shown remarkable potential in solving complex multi-agent problems but mostly lack theoretical guarantees. Recently, mean field control and mean field games have been established as a tractable solution for large-scale multi-agent problems with many agents. In this work, driven by a motivating scheduling problem, we consider a discrete-time mean field control model with common environment states. We rigorously establish approximate optimality as the number of agents grows in the finite agent case and find that a dynamic programming principle holds, resulting in the existence of an optimal stationary policy. As exact solutions are difficult in general due to the resulting continuous action space of the limiting mean field Markov decision process, we apply established deep reinforcement learning methods to solve the associated mean field control problem. The performance of the learned mean field control policy is compared to typical multi-agent reinforcement learning approaches and is found to converge to the mean field performance for sufficiently many agents, verifying the obtained theoretical results and reaching competitive solutions

  2021  24th International Conference on Artificial Intelligence and Statistics Conference

Approximately Solving Mean Field Games via Entropy-Regularized Deep Reinforcement Learning

Kai Cui, Heinz Koeppl


The recent mean field game (MFG) formalism facilitates otherwise intractable computation of approximate Nash equilibria in many-agent settings. In this paper, we consider discrete-time finite MFGs subject to finite-horizon objectives. We show that all discrete-time finite MFGs with non-constant fixed point operators fail to be contractive as typically assumed in existing MFG literature, barring convergence via fixed point iteration. Instead, we incorporate entropy-regularization and Boltzmann policies into the fixed point iteration. As a result, we obtain provable convergence to approximate fixed points where existing methods fail, and reach the original goal of approximate Nash equilibria. All proposed methods are evaluated with respect to their exploitability, on both instructive examples with tractable exact solutions and high-dimensional problems where exact methods become intractable. In high-dimensional scenarios, we apply established deep reinforcement learning methods and empirically combine fictitious play with our approximations.

  2021  2021 IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR) Conference

HectorGrapher: Continuous-time Lidar SLAM with Multi-resolution Signed Distance Function Registration for Challenging Terrain

Kevin Daun, Marius Schnaubelt, Stefan Kohlbrecher, Oskar von Stryk


For deployment in previously unknown, unstructured, and GPS-denied environments, autonomous mobile rescue robots need to localize themselves in such environments and create a map of it using a simultaneous localization and mapping (SLAM) approach. Continuous-time SLAM approaches represent the pose as a time-continuous estimate that provides high accuracy and allows correcting for distortions induced by motion during the scan capture. To enable robust and accurate real-time SLAM in challenging terrain, we propose HectorGrapher which enables accurate localization by continuous-time pose estimation and robust scan registration based on multi-resolution signed distance functions. We evaluate the method in multiple publicly available real-world datasets, as well as a data set from the RoboCup 2021 Rescue League, where we applied the proposed method to win the Best-in-Class “Exploration and Mapping” Award.

  2021  WiSec ‘20: 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks Conference

DEMO: BTLEmap: Nmap for Bluetooth Low Energy

Alexander Heinrich, Milan Stute, Matthias Hollick

PDF BibTeX DOI: 10.26083/tuprints-00017839

The market for Bluetooth Low Energy (BLE) devices is booming and, at the same time, has become an attractive target for adversaries. To improve BLE security at large, we present BTLEmap, an auditing application for BLE environments. BTLEmap is inspired by network discovery and security auditing tools such as Nmap for IP-based networks. It allows for device enumeration, Generic Attribute Profile (GATT) service discovery, and device fingerprinting. It also features a BLE advertisement dissector, data exporter, and a user-friendly UI including a proximity view. BTLEmap currently runs on iOS and macOS using Apple’s CoreBluetooth API but also accepts alternative data inputs such as a Raspberry Pi to overcome the restricted vendor API. The open-source project is under active development and will provide more advanced capabilities such as long-term device tracking (in spite of MAC address randomization) in the future.

  2021  Water Article

Optimal Resilience Enhancement of Water Distribution Systems

Imke-Sophie Lorenz, Peter F. Pelz

PDF BibTeX DOI: 10.26083/tuprints-00019245

Water distribution systems (WDSs) as critical infrastructures are subject to demand peaks due to daily consumption fluctuations, as well as long term changes in the demand pattern due to increased urbanization. Resilient design of water distribution systems is of high relevance to water suppliers. The challenging combinatorial problem of high-quality and, at the same time, low-cost water supply can be assisted by cost-benefit optimization to enhance the resilience of existing main line WDSs, as shown in this paper. A Mixed Integer Linear Problem, based on a graph-theoretical resilience index, is implemented considering WDS topology. Utilizing parallel infrastructures, specifically those of the urban transport network and the water distribution network, makes allowances for physical constraints, in order to adjust the existing WDS and to enhance resilience. Therefore, decision-makers can be assisted in choosing the optimal adjustment of WDS depending on their investment budget. Furthermore, it can be observed that, for a specific urban structure, there is a convergence of resilience enhancement with higher costs. This cost-benefit optimization is conducted for a real-world main line WDS, considering also the limitations of computational expenses.

  2021  30th USENIX Security Symposium Conference

Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi

Milan Stute, Alexander Heinrich, Jannik Lorenz, Matthias Hollick


Apple controls one of the largest mobile ecosystems, with 1.5 billion active devices worldwide, and offers twelve proprietary wireless Continuity services. Previous works have unveiled several security and privacy issues in the involved protocols. These works extensively studied AirDrop while the coverage of the remaining vast Continuity service space is still low. To facilitate the cumbersome reverse-engineering process, we describe the first guide on how to approach a structured analysis of the involved protocols using several vantage points available on macOS. Also, we develop a toolkit to automate parts of this otherwise manual process. Based on this guide, we analyze the full protocol stacks involved in three Continuity services, in particular, Handoff (HO), Universal Clipboard (UC), and Wi-Fi Password Sharing (PWS). We discover several vulnerabilities spanning from Bluetooth Low Energy (BLE) advertisements to Apple’s proprietary authentication protocols. These flaws allow for device tracking via HO’s mDNS responses, a denial-of-service (DoS) attack on HO and UC, a DoS attack on PWS that prevents Wi-Fi password entry, and a machine-in-the-middle (MitM) attack on PWS that connects a target to an attacker-controlled Wi-Fi network. Our PoC implementations demonstrate that the attacks can be mounted using affordable off-the-shelf hardware ($20 micro:bit and a Wi-Fi card). Finally, we suggest practical mitigations and share our findings with Apple, who have started to release fixes through iOS and macOS updates.

  2021  IEEE Transactions on Dependable and Secure Computing Article

RESCUE: A Resilient and Secure Device-to-Device Communication Framework for Emergencies

Milan Stute, Florian Kohnhauser, Lars Baumgärtner, Lars Almon, Matthias Hollick, Stefan Katzenbeisser, Bernd Freisleben

PDF BibTeX DOI: 10.26083/tuprints-00017838

During disasters, existing telecommunication infrastructures are often congested or even destroyed. In these situations, mobile devices can form a backup communication network for civilians and emergency services using disruption-tolerant networking (DTN) principles. Unfortunately, such distributed and resource-constrained networks are particularly susceptible to a wide range of attacks such as terrorists trying to cause more harm. In this paper, we present RESCUE, a resilient and secure device-to-device communication framework for emergency scenarios that provides comprehensive protection against common attacks. RESCUE features a minimalistic DTN protocol that, by design, is secure against notable attacks such as routing manipulations, dropping, message manipulations, blackholing, or impersonation. To further protect against message flooding and Sybil attacks, we present a twofold mitigation technique. First, a mobile and distributed certificate infrastructure particularly tailored to the emergency use case hinders the adversarial use of multiple identities. Second, a message buffer management scheme significantly increases resilience against flooding attacks, even if they originate from multiple identities, without introducing additional overhead. Finally, we demonstrate the effectiveness of RESCUE via large-scale simulations in a synthetic as well as a realistic natural disaster scenario. Our simulation results show that RESCUE achieves very good message delivery rates, even under flooding and Sybil attacks.

  2021  2021 IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR) Conference

Robust Multisensor Fusion for Reliable Mapping and Navigation in Degraded Visual Conditions

Moritz Torchalla, Marius Schnaubelt, Kevin Daun, Oskar von Stryk


We address the problem of robust simultaneous mapping and localization in degraded visual conditions using low-cost off-the-shelf radars. Current methods often use high- end radar sensors or are tightly coupled to specific sensors, limiting the applicability to new robots. In contrast, we present a sensor-agnostic processing pipeline based on a novel forward sensor model to achieve accurate updates of signed distance function-based maps and robust optimization techniques to reach robust and accurate pose estimates. Our evaluation demonstrates accurate mapping and pose estimation in indoor environments under poor visual conditions and higher accuracy compared to existing methods on publicly available benchmark data.

  November 2020  45th Local Computer Networks Symposium on Emerging Topics in Networking Conference

Topology-aware Path Planning for In-Transit Coverage of Aerial Post-Disaster Communication Assistance Systems

Julian Zobel, Benjamin Becker, Ralf Kundel, Patrick Lieser, Ralf Steinmetz

BibTeX DOI: 10.1109/LCNSymposium50271.2020.9363268

The increase in natural disasters that impair and destroy communication infrastructure over the last years simultaneously increased the importance of infrastructure-independent ad hoc communication. Especially delay-tolerant networks (DTNs) are able to provide basic communication functionality for civilians, but performance suffers from a typically highly intermittent network with clusters around important locations like shelters. Small Unmanned Aerial Vehicles (UAVs) have proven to be efficient data ferries between clusters, but they require knowledge of cluster locations and also do not cover network nodes in transit between clusters. These in-transit nodes are therefore disconnected from the network for a long time and might miss critical messages like evacuation notices or hazard warnings. This paper provides two contributions for UAV-assisted post-disaster DTN communication. First, we present a novel approach to estimate the location of dynamically changing clusters in a post-disaster scenario. Second, we introduced a topology-aware path planning approach for UAV data ferry flights, covering in-transit node on their way between clusters. Our evaluation results highlight the quality requirements on topology information for an efficient application of Aerial Post-Disaster Communication Assistance Systems and demonstrate the positive impact of in-transit node coverage on the DTN’s communication performance.

  November 2020  Proceedings of the ACM on Programming Languages Article

Rethinking Safe Consistency in Distributed Object-Oriented Programming

Mirko Köhler, Nafise Eskandani, Pascal Weisenburger, Alessandro Margara, Guido Salvaneschi

BibTeX DOI: 10.1145/3428256

Large scale distributed systems require to embrace the trade off between consistency and availability, accepting lower levels of consistency to guarantee higher availability. Existing programming languages are, however, agnostic to this compromise, resulting in consistency guarantees that are the same for the whole application and are implicitly adopted from the middleware or hardcoded in configuration files. In this paper, we propose to integrate availability in the design of an object-oriented language, allowing developers to specify different consistency and isolation constraints in the same application at the granularity of single objects. We investigate how availability levels interact with object structure and define a type system that preserves correct program behavior. Our evaluation shows that our solution performs efficiently and improves the design of distributed applications.

  September 2020  Proceedings of the 14th International Workshop on Wireless Network Testbeds, Experimental evaluation & Characterization Conference

Hardware-Accelerated Real-Time Stream Data Processing on Android with GNU Radio

Bastian Bloessl, Lars Baumgärtner, Matthias Hollick

PDF BibTeX DOI: 10.1145/3411276.3412184

With the ever-increasing performance of smartphones and tablets, they become viable platforms for applications that were, in the past, only possible on desktops or laptops. In this paper, we study their applicability for real-time stream-data processing, which is particularly interesting for Software Defined Radio (SDR) applications, enabling wireless measurement and experimentation campaigns on mobile platforms. To this end, we port GNU Radio, a state-of-theart, open source, real-time stream-data processing framework, to Android and evaluate its performance. We show that it is possible to fully benefit from available accelerators, i.e., Single Instruction Multiple Data (SIMD) and the Graphics Processing Unit (GPU), which provide considerable speedups and allow for efficient implementations. As a general-purpose real-time data processing framework, GNU Radio can provide the base for a wide range of applications. To demonstrate its flexibility, we provide example applications that implement FM and Wireless LAN (WLAN). Our toolchain is published as open source software, thus serving as an enabler for highly mobile SDR applications.

  August 2020  Datenschutz und Datensicherheit (DuD) Article

Datensicherheit von Corona-Apps nach der DSGVO

Tim Grube, Alexander Heinrich, Jan-Philipp Stroscher, Sabrina Schomberg

BibTeX DOI: 10.1007/s11623-020-1314-0

Der Beitrag analysiert die Protokolle der Konsortien DP-3T und PEPP-PT aus technischer Perspektive und grenzt diese voneinander ab. Zudem wird die technische Ausgestaltung der Entwicklerschnittstelle (API) von Google und Apple dargestellt. Aufbauend darauf erfolgt eine rechtliche Beurteilung der sich aus Art. 5 Abs. 1 lit. f, 25, 32 DSGVO ergebenden und die Datensicherheit betreffenden Kriterien und deren konkrete Umsetzung in den Protokollen.

  July 2020  WiSec 2020: 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks Conference

Acoustic Integrity Codes: Secure Device Pairing Using Short-Range Acoustic Communication

Florentin Putz, Flor Álvarez, Jiska Classen

PDF BibTeX DOI: 10.1145/3395351.3399420

Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate devices. This requires a common hardware interface, which limits the use of existing SDP systems. We propose to use short-range acoustic communication for the initial pairing. Audio hardware is commonly available on existing off-the-shelf devices and can be accessed from user space without requiring firmware or hardware modifications. We improve upon previous approaches by designing Acoustic Integrity Codes (AICs): a modulation scheme that provides message authentication on the acoustic physical layer. We analyze their security and demonstrate that we can defend against signal cancellation attacks by designing signals with low autocorrelation. Our system can detect overshadowing attacks using a ternary decision function with a threshold. In our evaluation of this SDP scheme’s security and robustness, we achieve a bit error ratio below 0.1% for a net bit rate of 100 bps with a signal-to-noise ratio (SNR) of 14 dB. Using our open-source proof-of-concept implementation on Android smartphones, we demonstrate pairing between different smartphone models.

  June 2020  International Journal of Disaster Risk Reduction (IJDRR) Article

Emergency service staff and social media – A comparative empirical study of the attitude by Emergency Services staff in Europe in 2014 and 2017

Christian Reuter, Marc-André Kaufhold, Fabian Spahr, Thomas Spielhofer, Anna Sophie Hahne

PDF BibTeX DOI: 10.1016/j.ijdrr.2020.101516

Finding a way to ensure an effective use of social media has become increasingly important to emergency services over the past decade. Despite all efforts to determine the utility of social media for emergency organisations, it is necessary to benefit from such institutions’ staffs’ opinions to establish effective use. To provide empirical evidence we present a comparison of two surveys, conducted across Europe with emergency services in 2014 and 2017 respectively, with a total of 1169 answers. The analysis shows that personal experience has an effect on how organisational usage of social media is perceived and how emergency service staff view the future use of social media. Furthermore, the use has increased. This article not only shows emergency services what their staff think about their social media usage but also discusses challenges and future directions for the design of systems that can be useful for further development of optimized organisational social media usage.

  June 2020  International Journal of Mechanics and Control Article

Optimization-Based Planning for Autonomous Traversal of Obstacles with Mobile Ground Robots

Martin Oehler, Stefan Kohlbrecher, Oskar von Stryk


Mobile robotic platforms which are traversing unstructured environments with challenging uneven terrain are permanently endangered of falling over. Previous research on trajectory planning methods for the prevention of vehicle tip-over is mostly limited to basic mobility systems with only few degrees of freedom (DOF). This paper proposes a novel optimization-based planning approach that enables mobile robots to autonomously traverse obstacles and rough terrain more safely. A 3D world model as provided from external sensors like Lidar is used to compute a whole-body motion plan in advance by optimizing the trajectories of each joint. Active flipper tracks maximize ground contact for improved traction and, if available, manipulator arm joints are used to further improve stability metrics. Additional constraints prevent collisions with the environment and the robot itself. The presented approach makes only few assumptions about the robot’s configuration and is applicable to a wide range of wheeled or tracked platforms. This is demonstrated by experimental evaluation for two different robots in simulation and for one physical robot. In four different test scenarios it is shown, that the proposed approach effectively prevents vehicle tip-over during traversal of uneven ground.

  May 2020  28th European Conference on Information Systems Conference

Warning the Public: A Survey on Attitudes, Expectations and Use of Mobile Crisis Apps in Germany

Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter


As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.

  May 2020  17th International Conference on Information Systems for Crisis Response and Management (ISCRAM 2020) Conference

LoRa-based Device-to-Device Smartphone Communication for Crisis Scenarios

Jonas Höchst, Lars Baumgärtner, Franz Kuntke, Alvar Penning, Artur Sterz, Bernd Freisleben


In this paper, we present an approach to facilitate long-range device-to-device communication via smartphones in crisis scenarios. Through a custom firmware for low-cost LoRa capable micro-controller boards, called rf95modem, common devices for end users can be enabled to use LoRa through a Bluetooth, Wi-Fi, or serial connection. We present two applications utilizing the flexibility provided by the proposed firmware. First, we introduce a novel device-to-device LoRa chat application that works a) on the two major mobile platforms Android and iOS and b) on traditional computers like notebooks using a console-based interface. Second, we demonstrate how other infrastructure-less technology can benefit from our approach by integrating it into the DTN7 delay-tolerant networking software. The firmware, the device-to-device chat application, the integration into DTN7, as well as the experimental evaluation code fragments are available under permissive open-source licenses.

  April 2020  Proceedings of the International Conference on Wirtschaftsinformatik (WI) Conference

Sticking with Landlines? Citizens’ Use and Perception of Social Media in Emergencies and Expectations Towards Emergency Services in Germany

Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter

BibTeX DOI: 10.30844/wi_2020_o2-haunschild

Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens’ perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens’ perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services’ social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.

  April 2020  2020 CHI Conference on Human Factors in Computing Systems Conference

Walk The Line: Leveraging Lateral Shifts of the Walking Path as an Input Modality for Head-Mounted Displays

Florian Müller, Martin Schmitz, Daniel Schmitt, Sebastian Günther, Markus Funk, Max Mühlhäuser

BibTeX DOI: 10.1145/3313831.3376852

Recent technological advances have made head-mounted displays (HMDs) smaller and untethered, fostering the vision of ubiquitous interaction in a digitally augmented physical world. Consequently, a major part of the interaction with such devices will happen on the go, calling for interaction techniques that allow users to interact while walking. In this paper, we explore lateral shifts of the walking path as a hands-free input modality. The available input options are visualized as lanes on the ground parallel to the user’s walking path. Users can select options by shifting the walking path sideways to the respective lane. We contribute the results of a controlled experiment with 18 participants, confirming the viability of our approach for fast, accurate, and joyful interactions. Further, based on the findings of the controlled experiment, we present three example applications.

  March 2020  Technische Universität Darmstadt Thesis

Secure device-to-device communication for emergency response

Flor Álvarez

PDF BibTeX DOI: 10.25534/tuprints-00011486

Mobile devices have the potential to make a significant impact during disasters. However, their practical impact is severely limited by the loss of access to mobile communication infrastructure: Precisely, when there is a surge in demand for communications from people in a disaster zone, this capacity for communications is severely curtailed. This loss of communications undermines the effectiveness of the many recent innovations in the use of smartphones and similar devices to mitigate the effects of disasters. While various solutions have been proposed, e. g., by having handsets form wireless ad hoc networks, none are complete: Some are specific to certain mobile operating systems or operating system versions. Others result in unacceptably increased energy consumption, flattening the batteries of phones at a time when users need to conserve energy due to the loss of access to opportunities to recharge their mobile devices. Realistic user behaviour, including patterns of movement and communications, are also rarely addressed. Further, security is rarely considered in a comprehensive and satisfying manner, leaving users exposed to a variety of potential attacks. Thus there is a compelling need to find more effective solutions for communications, energy management, and security of mobile devices operating in disaster conditions. To address these shortcomings, this thesis provides a suite of comprehensive solutions that contribute to facilitate secure device-to-device communication for emergency response. This thesis works to solve these problems by: (i) Conducting a large-scale field-trial to understand and analyze civilians’ behaviour during disaster scenarios; (ii) Proposing a practical, lightweight scheme for bootstrapping device-to-device security, that is tailored for local urban operations representative of disaster scenarios; (iii) Realizing novel energy management strategies for the neighbour discovery problem, which deliver significant energy savings in return for only a minimal reduction in neighbour discovery efficiency; (iv) The description of novel concepts for using devices in a smart city environment that remain functional following a disaster to support communications among mobile devices. In short, this thesis adds considerably to the understanding of the difficulties in the formation of direct device-to-device communications networks composed primarily of civilians’ mobile devices, and how several facets of this problem can be mitigated. Several of the proposed enhancements are also implemented. Thus, this thesis also takes essential steps in the direction of realizing such solutions to demonstrate their feasibility on real devices, intending to improve the tools available to civilians post-disaster.

  February 2020  The Art, Science, and Engineering of Programming Article

Implementing a Language for Distributed Systems: Choices and Experiences with Type Level and Macro Programming in Scala

Pascal Weisenburger, Guido Salvaneschi

PDF BibTeX DOI: 10.22152/

Multitier programming languages reduce the complexity of developing distributed systems by developing the distributed system in a single coherent code base. The compiler or the runtime separate the code for the components of the distributed system, enabling abstraction over low level implementation details such as data representation, serialization and network protocols. Our ScalaLoci language allows developers to declare the different components and their architectural relation at the type level, allowing static reasoning about about distribution and remote communication and guaranteeing static type safety across components. The compiler splits the multitier program into the component-specific code and automatically generates the communication boilerplate. Communication between components can be modeled by declaratively specifying data flows between components using reactive programming. In this paper, we report on the implementation of our design and our experience with embedding our language features into Scala as a host language. We show how a combination of Scala’s advanced type level programming and its macro system can be used to enrich the language with new abstractions. We comment on the challenges we encountered and the solutions we developed for our current implementation and outline suggestions for an improved macro system to support the such use cases of embedding of domain-specific abstractions.

  February 2020  Embedded Wireless Systems and Networks (EWSN) Conference

Improving the Reliability of Bluetooth Low Energy Connections

Michael Spörk, Jiska Classen, Carlo Alberto Boano, Matthias Hollick, Kay Römer


o sustain a reliable data exchange, applications based on Bluetooth Low Energy (BLE) need to effectively blacklist channels and adapt the physical mode of an active connection at runtime. Although the BLE specification foresees the use of these two mechanisms, their implementation is left up to the radio vendors and has not been studied in detail yet. This paper fills this gap: we first investigate experimentally how to assess the quality of a BLE connection at runtime using information gathered from the radio. We then show how this information can be used to promptly blacklist poor channels and select a physical mode that sustains a high link-layer reliability while minimizing power consumption. We implement both mechanisms on two popular platforms and show experimentally that they allow to significantly improve the reliability of BLE connections, with a reduction in packet loss by up to 22 % compared to existing solutions.

  February 2020  Technische Universität Darmstadt Thesis

Availability by Design: Practical Denial-of-Service-Resilient Distributed Wireless Networks

Milan Stute

PDF BibTeX DOI: 10.25534/tuprints-00011457

Distributed wireless networks (DWNs) where devices communicate directly without relying on Internet infrastructure are on the rise, driving new applications and paradigms such as multimedia, authentication, payment, Internet of things (IoT), vehicular communication, and emergency response. However, the increased societal reliance on technology and the resulting “always-on” expectations of the users increase the risk of denial-of-service (DoS) attacks as they can leverage disruption in new ways beyond extortions (ransomware) that are common in today’s Internet ecosystem. These new risks extend to our physical world, directly impacting our daily lives, e.g., by being locked out of a smart home or by disrupting vehicular collision avoidance systems. As a research community, we need to protect those new applications that—as we find—can be mapped to a total of three distinct networking scopes: neighbor, island, and archipelago. In this thesis, we advance the field in each of these scopes. First, we analyze two proprietary neighbor communication protocols, Apple Wireless Direct Link (AWDL) and Apple AirDrop, that are deployed on more than 1.4 billion devices worldwide. During the process, we uncover several security and privacy vulnerabilities ranging from design flaws to implementation bugs leading to a machine-in-the-middle (MitM) attack on AirDrop, a DoS attack on AWDL preventing communication, and DoS attacks enabling crashing of neighboring devices. In addition, we found privacy leaks that enable user identification and long-term tracking. All attacks can be mounted using low-cost off-the-shelf hardware. In total, we disclose eight distinct vulnerabilities that we mitigate in collaboration with Apple. Second, we design and implement a new island communication protocol tailored to IoT scenarios, which provides provable protections against previously neglected risks such as wormhole- and replay-supported greyhole attacks. We support our analytical findings with testbed experiments. Third, we propose an archipelago-scope communication framework for emergencies that achieves resiliency against flooding and Sybil attacks. We evaluate our design using an original expert knowledge-based simulation that models human mobility during the aftermath of the 2013 Typhoon Haiyan in the Philippines. Finally, and to nourish future research, we provide a guide for analyzing Apple’s wireless ecosystem and publish several software artifacts, including an AWDL Wireshark dissector, open AWDL and AirDrop implementations, a prototype of our IoT communication protocol, and our natural disaster mobility model.

  January 2020  Information Processing & Management Article

Rapid relevance classification of social media posts in disasters and emergencies: A system and evaluation featuring active, incremental and online learning

Marc-André Kaufhold, Markus Bayer, Christian Reuter

BibTeX DOI: 10.1016/j.ipm.2019.102132

The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28%/89.19% accuracy, 98.3%/89.6% precision and 80.4%/87.5% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.

  2020  IEEE Internet of Things Journal Article

LIDOR: A Lightweight DoS-Resilient Communication Protocol for Safety-Critical IoT Systems

Milan Stute, Pranay Agarwal, Abhinav Kumar, Arash Asadi, Matthias Hollick

PDF BibTeX DOI: 10.25534/tuprints-00013320

IoT devices penetrate different aspects of our life including critical services, such as health monitoring, public safety, and autonomous driving. Such safety-critical IoT systems often consist of a large number of devices and need to withstand a vast range of known Denial-of-Service (DoS) network attacks to ensure a reliable operation while offering low-latency information dissemination. As the first solution to jointly achieve these goals, we propose LIDOR, a secure and lightweight multihop communication protocol designed to withstand all known variants of packet dropping attacks. Specifically, LIDOR relies on an end-to-end feedback mechanism to detect and react on unreliable links and draws solely on efficient symmetric-key cryptographic mechanisms to protect packets in transit. We show the overhead of LIDOR analytically and provide the proof of convergence for LIDOR which makes LIDOR resilient even to strong and hard-to-detect wormhole-supported grayhole attacks. In addition, we evaluate the performance via testbed experiments. The results indicate that LIDOR improves the reliability under DoS attacks by up to 91% and reduces network overhead by 32% compared to a state-of-the-art benchmark scheme.

  2020  International Journal of Disaster Risk Reduction Article

Empirical insights for designing Information and Communication Technology for International Disaster Response

Milan Stute, Max Maass, Tom Schons, Marc-André Kaufhold, Christian Reuter, Matthias Hollick

PDF BibTeX DOI: 10.25534/tuprints-00013309

Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.

  2020  Disaster Research Days 2020 - Konferenzband Conference

Politische Naturkatastrophen - Wie Ideologien den Umgang mit Hochwasser prägten

Nadja Thiessen


Die Bewältigung von Krisen und Katastrophen weist stets auch eine politische Dimension auf. Exemplarisch lässt sich dies für das 20. Jahrhundert in Deutschland und den dortigen Umgang mit Flusshochwassern nachweisen. In den ausgewählten Fallstädten Mannheim und Dresden konnte zwar ein konstanter Bewältigungskreislauf im städtischen Hochwasserschutz identifiziert werden, wenn dieser jedoch in seinen historischen Kontext gesetzt wird, offenbaren sich Unterschiede. Sie können vor allem auf die verschiedenen politischen Rahmenbedingungen wie Staatsform und vorherrschende Ideologie zurückgeführt werden. Im folgenden Beitrag werden die Einflüsse historischer autoritärer Regime, insbesondere des Nationalsozialismus und der DDR, den demokratischen Systemen gegenübergestellt.

  2020  2020 CHI Conference on Human Factors in Computing Systems (CHI ‘20) Conference

Podoportation: Foot-Based Locomotion in Virtual Reality

Julius von Willich, Martin Schmitz, Florian Müller, Daniel Schmitt, Max Mühlhäuser

BibTeX DOI: dx.10.1145/3313831.3376626

Virtual Reality (VR) allows for infinitely large environments. However, the physical traversable space is always limited by real-world boundaries. This discrepancy between physical and virtual dimensions renders traditional locomotion methods used in real world unfeasible. To alleviate these limitations, research proposed various artificial locomotion concepts such as teleportation, treadmills, and redirected walking. However, these concepts occupy the user’s hands, require complex hardware or large physical spaces. In this paper, we contribute nine VR locomotion concepts for foot-based and hands-free locomotion, relying on the 3D position of the user’s feet and the pressure applied to the sole as input modalities. We evaluate our concepts and compare them to state-of-the-art point & teleport technique in a controlled experiment with 20 participants. The results confirm the viability of our approaches for hands-free and engaging locomotion. Further, based on the findings, we contribute a wireless hardware prototype implementation.

  November 2019  ASE2019 Conference

Automated Refactoring to Reactive Programming

Mirco Köhler, Guido Salvaneschi

PDF BibTeX DOI: 10.1109/ASE.2019.00082

Reactive programming languages and libraries, such as ReactiveX, have been shown to significantly improve software design and have seen important industrial adoption over the last years. Asynchronous applications – which are notoriously error-prone to implement and to maintain – greatly benefit from reactive programming because they can be defined in a declarative style, which improves code clarity and extensibility. In this paper, we tackle the problem of refactoring existing code bases that are designed using traditional abstractions for asynchronous programming. We propose 2Rx, a refactoring tool to automatically convert asynchronous code to reactive programming. Our evaluation on top-starred GitHub projects shows that 2Rx is effective with the most common asynchronous constructs, covering ~94.7% of the projects with asynchronous computations, and it can provide a refactoring for ~91.7% of their occurrences.

  October 2019  2019 IEEE Global Humanitarian Technology Conference (GHTC 2019) Conference

Smart Street Lights and Mobile Citizen Apps for Resilient Communication in a Digital City

Lars Baumgärtner, Jonas Höchst, Patrik Lampe, Ragnar Mogk, Artur Sterz, Pascal Weisenburger, Mira Mezini, Bernd Freisleben


Currently, nearly four billion people live in urban areas. Since this trend is increasing, natural disasters or terrorist attacks in such areas affect an increasing number of people. While information and communication technology is crucial for the operation of urban infrastructures and the well-being of its inhabitants, current technology is quite vulnerable to disruptions of various kinds. In future smart cities, a more resilient urban infrastructure is imperative to handle the increasing number of hazardous situations. We present a novel resilient communication approach based on smart street lights as part of the public infrastructure. It supports people in their everyday life and adapts its functionality to the challenges of emergency situations. Our approach relies on various environmental sensors and in-situ processing for automatic situation assessment, and a range of communication mechanisms (e.g., public WiFi hotspot functionality and mesh networking) for maintaining a communication network. Furthermore, resilience is not only achieved based on infrastructure deployed by a digital city’s municipality, but also based on integrating citizens through software that runs on their mobile devices (e.g., smartphones and tablets). Web-based zero-installation and platform-agnostic apps can switch to device-to-device communication to continue benefiting people even during a disaster situation. Our approach, featuring a covert channel for professional responders and the zero-installation app, is evaluated through a prototype implementation based on a commercially available street light.

  October 2019  13th International Workshop on Wireless Network Testbeds, Experimental Evaluation & Characterization (WiNTECH ’19) Conference

Free Your CSI: A Channel State Information Extraction Platform For Modern Wi-Fi Chipsets

Francesco Gringoli, Matthias Schulz, Jakob Link, Matthias Hollick

PDF BibTeX DOI: 10.1145/3349623.3355477

Modern wireless transmission systems heavily benefit from knowing the channel response. The evaluation of Channel State Information (CSI) during the reception of a frame preamble is fundamental to properly equalizing the rest of the transmission at the receiver side. Reporting this state information back to the transmitter facilitates mechanisms such as beamforming and MIMO, thus boosting the network performance. While these features are an integral part of standards such as 802.11ac, accessing CSI data on commercial devices is either not possible, limited to outdated chipsets or very inflexible. This hinders the research and development of innovative CSI-dependent techniques including localization, object tracking, and interference evaluation. To help researchers and practitioners, we introduce the nexmon CSI Extractor Tool. It allows per-frame CSI extraction for up to four spatial streams using up to four receive chains on modern Broadcom and Cypress Wi-Fi chips with up to 80MHz bandwidth in both the 2.4 and 5GHz bands. The tool supports devices ranging from the low-cost Raspberry Pi platform, over mobile platforms such as Nexus smartphones to state-of-the-art Wi-Fi APs. We release all tools and Wi-Fi firmware patches as extensible open source project. It includes our user-friendly smartphone application to demonstrate the CSI extraction capabilities in form of a waterfall diagram.

  October 2019  18th International Conference on Ad Hoc Networks and Wireless (ADHOC-NOW 2019) Conference

DTN7: An Open-Source Disruption-tolerant Networking Implementation of Bundle Protocol 7

Alvar Penning, Lars Baumgärtner, Jonas Höchst, Artur Sterz, Mira Mezini, Bernd Freisleben


In disruption-tolerant networking (DTN), data is transmitted in a store-carry-forward fashion from network node to network node. In this paper, we present an open source DTN implementation, called DTN7, of the recently released Bundle Protocol Version 7 (draft version 13). DTN7 is written in Go and provides features like memory safety and concurrent execution. With its modular design and interchangeable components, DTN7 facilitates DTN research and application development. Furthermore, we present results of a comparative experimental evaluation of DTN7 and other DTN systems including Serval, IBR-DTN, and Forban. Our results indicate that DTN7 is a flexible and efficient open-source multi-platform implementation of the most recent Bundle Protocol Version 7.

  October 2019  44th IEEE Conference on Local Computer Networks (LCN 2019) Conference

OPPLOAD: Offloading Computational Workflows in Opportunistic Networks

Artur Sterz, Lars Baumgärtner, Jonas Höchst, Patrick Lampe, Bernd Freisleben


Computation offloading is often used in mobile cloud computing, edge computing, and/or fog computing to cope with resource limitations of mobile devices in terms of computational power, storage, and energy. Computation offloading is particularly challenging in situations where network connectivity is periodic, intermittent, or error-prone. In this paper, we present OPPLOAD, a novel framework designed for offloading computational workflows in opportunistic networks that provide support for communication in such situations. The individual tasks forming a workflow can be assigned to particular remote execution platforms, called workers, either preselected ahead of time or decided just in time where a matching worker will automatically be assigned for the next task in the workflow. Workers announce their capabilities, i.e., tasks are only assigned to capable workers. Furthermore, tasks of a workflow can be executed on multiple workers that are automatically selected to balance the overall load. OPPLOAD also offers the ability to handle several types of error and exceptions appropriately. Our Python implementation of OPPLOAD, which uses the Serval Mesh to handle networking and routing, is publicly available as open source software. The results of our experimental evaluation demonstrate the feasibility of our approach.

  October 2019  44th IEEE Conference on Local Computer Networks (LCN) Conference

Multi-Strategy Simulation of Aerial Post-Disaster Ad Hoc Communication Support Systems

Julian Zobel, Patrick Lieser, Ralf Steinmetz


In case of destroyed or impaired infrastructure due to natural catastrophes, mobile devices such as smartphones can be used to create civilian ad hoc networks to provide basic means of communication. Due to the human behavior to form groups and cluster around significant locations in such situations, however, the network is often heavily intermittent, and thus, communication between clusters is impossible. Aerial Post-Disaster Ad Hoc Communication Support Systems can overcome the gaps between clusters, but the performance is highly dependent on factors like the applied strategy, the amount of UAVs, or their technical specifications. In this demonstration, we present different support strategies in an urban post-disaster scenario. Attendees can interact and select strategies and explore different strategy parameter settings, while observing the effect on the network performance and, additionally, gaining a comprehensive insight into the strategy behavior. The interaction with the demonstration underlines the vast amount of different settings and influence factors, an aerial system operator must take into account when selecting and adapting a strategy suitable for the current situation, as motivated in our accompanying main conference pape ZLD+19.

  August 2019  2019 World Congress on Resilience, Reliability and Asset Management (WCRRAM) Conference

The Emergency Responsive Digital City

Matthias Hollick, Anne Hofmeister, Jens Ivo Engels, Bernd Freisleben, Gerrit Hornung, Anja Klein, Michèle Knodt, Imke Lorenz, Max Mühlhäuser, Peter F. Pelz, Annette Rudolph-Cleff, Ralf Steinmetz, Florian Steinke, Oskar von Stryk


  2019  Proceedings of the ACM on Programming Languages Article

A Fault-Tolerant Programming Model for Distributed Interactive Applications

Ragnar Mogk, Joscha Drechsler, Guido Salvaneschi, Mira Mezini

PDF BibTeX DOI: 10.25534/tuprints-00014554

Ubiquitous connectivity of web, mobile, and IoT computing platforms has fostered a variety of distributed applications with decentralized state. These applications execute across multiple devices with varying reliability and connectivity. Unfortunately, there is no declarative fault-tolerant programming model for distributed interactive applications with an inherently decentralized system model. We present a novel approach to automating fault tolerance using high-level programming abstractions tailored to the needs of distributed interactive applications. Specifically, we propose a calculus that enables formal reasoning about applications’ dataflow within and across individual devices. Our calculus reinterprets the functional reactive programming model to seamlessly integrate its automated state change propagation with automated crash recovery of device-local dataflow and disconnection-tolerant distribution with guaranteed automated eventual consistency semantics based on conflict-free replicated datatypes. As a result, programmers are relieved of handling intricate details of distributing change propagation and coping with distribution failures in the presence of interactivity. We also provides proofs of our claims, an implementation of our calculus, and an empirical evaluation using a common interactive application.

  2019  Proceedings of the ACM on Programming Languages Article

Language-Integrated Privacy-Aware Distributed Queries

Guido Salvaneschi, Mirko Köhler, Daniel Sokolowski, Philipp Haller, Sebastian Erdweg, Mira Mezini

PDF BibTeX DOI: 10.25534/tuprints-00014553

Distributed query processing is an effective means for processing large amounts of data. To abstract from the technicalities of distributed systems, algorithms for operator placement automatically distribute sequential data queries over the available processing units. However, current algorithms for operator placement focus on performance and ignore privacy concerns that arise when handling sensitive data. We present a new methodology for privacy-aware operator placement that both prevents leakage of sensitive information and improves performance. Crucially, our approach is based on an information-flow type system for data queries to reason about the sensitivity of query subcomputations. Our solution unfolds in two phases. First, placement space reduction generates deployment candidates based on privacy constraints using a syntax-directed transformation driven by the information-flow type system. Second, constraint solving selects the best placement among the candidates based on a cost model that maximizes performance. We verify that our algorithm preserves the sequential behavior of queries and prevents leakage of sensitive data. We implemented the type system and placement algorithm for a new query language SecQL and demonstrate significant performance improvements in benchmarks.

Policy Papers

In our view, there is an urgent need to increase and sustain the resilience of current and future information and communication technology (ICT). We call ICT resilient if it can maintain an acceptable minimum or substitute functionality despite significant impairments and is equipped for a swift return to normal behaviour.
Auch verfügbar unter

The system of our critical infrastructures is becoming more complex and crisis-prone. Human or technical failure, natural disasters, pandemics, cyber or terrorist attacks can also lead to a supraregional power blackout in Germany that lasts longer than 24 hours.
Auch verfügbar unter

Software and Tools


In disruption-tolerant networking (DTN), data is transmitted in a store-carry-forward fashion from network node to network node. We are presenting free and open source DTN implementations of the recently released Bundle Protocol Version 7. DTN7-go is written in Go and provides features like memory safety and concurrent execution.

Source Code Project Website


Rust implementation of a daemon for DTN7 Bundle Protocol draft.

Source Code Buschfunk Project


OpenDrop is a command-line tool written in Python that allows sharing files between devices directly over Wi-Fi. Its unique feature is that it is protocol-compatible with Apple AirDrop which allows to share files with Apple devices running iOS and macOS.

Source Code Python Package Project Website


Open Wireless Link (OWL) is an open implementation of the Apple Wireless Direct Link (AWDL) ad hoc protocol for Linux and macOS written in C.

Source Code Project Website


OpenHaystack is a framework for tracking personal Bluetooth devices via Apple’s massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, …) or integrate it into other Bluetooth-capable devices such as notebooks.

Source Code Project Website


ChirpOTLE is a practical LoRaWAN security evaluation framework that provides tools for the deployment and management of a LoRa testbed based on COTS hardware. It allows managing LoRa field nodes from a central controller and to orchestrate experiments and tests using a Python 3 interface.

Source Code Project Description


“Adapter” refers to a set of newly introduced weights, typically within the layers of a transformer model. Adapters provide an alternative to fully fine-tuning the model for each downstream task, while maintaining performance.

Project Website Demonstration


We proposed SPARCODE, a community detection method that uses spectral partitioning based on estimating a robust and sparse graph model.

Source Code


image_projection is a ROS package to create various projections from multiple calibrated cameras.

Source Code


We developed a solution named PrivateDrop to replace the flawed original AirDrop design. PrivateDrop is based on optimized cryptographic private set intersection protocols that can securely perform the contact discovery process between two users without exchanging vulnerable hash values.

Source Code Project Website