Jan Rüth

Enabling ubiquitous interaction with smart things

Within the Internet of Things (IoT), Smart Things (STs) promise to permeate all contexts of daily life, offering digital access to their physical functionality. Mobile users then would be able to ubiquitously and spontaneously interact with things they encounter, enabling a wealth of diverse usage scenarios and applications. Currently, however, ST interaction requires a pre-controlled Internet or network connection as well as the prior installation of the ST-specific interaction interface, i.e., smartphone app. Users can thus only interact with known things, in contrast to the vision of spontaneous, ubiquitous discovery and interaction. We thus propose STIF (Smart Things Interaction Framework), enabling local wireless discovery of STs spontaneously via Wi-Fi, Bluetooth Low Energy, Visible Light Communication, or Acoustic Communication. STIF allows STs to transmit their interaction interface directly to users and supports interaction based on user input via touch and AR GUIs as well as motion and speech recognition. We implement STIF for Android phones as well as Arduino and Raspberry Pi things and demonstrate the real-life applicability of the supported communication and interaction techniques.

A First Look at QUIC in the Wild

For the first time since the establishment of TCP and UDP, the Internet transport layer is subject to a major change by the introduction of QUIC. Initiated by Google in 2012, QUIC provides a reliable, connection-oriented low-latency and fully encrypted transport. In this paper, we provide the first broad assessment of QUIC usage in the wild. We monitor the entire IPv4 address space since August 2016 and about 46% of the DNS namespace to detected QUIC-capable infrastructures. Our scans show that the number of QUIC-capable IPs has more than tripled since then to over 617.59 K. We find around 161K domains hosted on QUIC-enabled infrastructure, but only 15K of them present valid certificates over QUIC. Second, we analyze one year of traffic traces provided by MAWI, one day of a major European tier-1 ISP and from a large IXP to understand the dominance of QUIC in the Internet traffic mix. We find QUIC to account for 2.6% to 9.1% of the current Internet traffic, depending on the vantage point. This share is dominated by Google pushing up to 42.1% of its traffic via QUIC.

Large-scale scanning of TCP's initial window

Improving web performance is fueling the debate of sizing TCPs initial congestion window (IW), which is a critical performance parameter especially for short-lived flows. This debate yielded several RFC updates to recommended IW sizes, e.g., an increase to IW10 in 2010. The current adoption of IW recommendations is, however, unknown. In this paper, we therefore conduct large-scale measurements covering the entire IPv4 space inferring the IW distribution size by probing HTTP and HTTPS servers. We present an HTTP and TLS scanning method implemented in ZMap, enabling quick estimations of IW sizes at Internet scale. For the first time since the standardization and implementation of IW 10, we shed light on the rugged landscape of IW configurations on the Internet.

Demo: Ubiquitous interaction with smart objects

Increasingly, everyday physical objects become “smart” by making their functionality accessible, controllable, and extensible for Internet-based users and services via a connection to the digital world. Deployed in scenarios that range from private households over offices to public spaces, smart objects enable ubiquitous “smart spaces” that build on interaction with mobile users. However, ubiquitous interaction with smart objects is currently complicated by three factors. 1) Communication with objects requires Internet or local network access, a requirement that is not met under ground, abroad, or when lacking access credentials to 802.11 networks. 2) Identifying a specific object from the envisioned billions of objects requires a suitable discovery mechanism, introducing delays and mandating object owners to disclose object semantics. 3) Interacting with object functionalities mandates an a-priori installation of a specific app, that provides a human-usable interface, per object and use case, resulting in an abundance of (redundant) apps. We argue that smart object interaction is thereby restricted to pre-defined scenarios and objects, e.g., at home or in offices. In this demonstration, we strive to make smart object interaction ubiquitous. Current approaches abstract from user locations and contexts via the Internet but lack support for spontaneous discovery and interaction with possibly unknown objects in the immediate vicinity of the user. In order to enable such interaction, we address the aforementioned factors by 1) enabling direct communication and interaction with objects over Bluetooth 4.0 Low Energy (BLE), removing the need for network access and reducing the discovery scope to the intuitive local interaction scope of the user and 2) enable

Digging into Browser-based Crypto Mining.

Mining is the foundation of blockchain-based cryptocurrencies such as Bitcoin rewarding the miner for finding blocks for new transactions. The Monero currency enables mining with standard hardware in contrast to special hardware (ASICs) as often used in Bitcoin, paving the way for in-browser mining as a new revenue model for website operators. In this work, we study the prevalence of this new phenomenon. We identify and classify mining websites in 138M domains and present a new fingerprinting method which finds up to a factor of 5.7 more miners than publicly available block lists. Our work identifies and dissects Coinhive as the major browser-mining stakeholder. Further, we present a new method to associate mined blocks in the Monero blockchain to mining pools and uncover that Coinhive currently contributes 1.18% of mined blocks having turned over 1293 Moneros in June 2018.

Privacy-Preserving HMM Forward Computation

In many areas such as bioinformatics, pattern recognition, and signal processing, Hidden Markov Models (HMMs) have become an indispensable statistical tool. A fundamental building block for these applications is the Forward algorithm which computes the likelihood to observe a given sequence of emissions for a given HMM. The classical Forward algorithm requires that one party holds both the model and observation sequences. However, we observe for many emerging applications and services that the models and observation sequences are held by different parties who are not able to share their information due to applicable data protection legislation or due to concerns over intellectual property and privacy. This renders the application of HMMs infeasible. In this paper, we show how to resolve this evident conflict of interests using secure two-party computation. Concretely, we propose Priward which enables two mutually untrusting parties to compute the Forward algorithm securely, i.e., without requiring either party to share her sensitive inputs with the other or any third party. The evaluation of our implementation of Priward shows that our solution is efficient, accurate, and outperforms related works by a factor of 4 to 126. To highlight the applicability of our approach in real-world deployments, we combine Priward with the widely used HMMER biosequence analysis framework and show how to analyze real genome sequences in a privacy-preserving manner.

A wireless application overlay for ubiquitous mobile multimedia sensing and interaction

Mobile users are continuously surrounded by heterogeneous (mobile) devices that provide a basis for direct multimedia interaction within the immediate physical context. However, current multimedia approaches are restricted to sense the availability of devices and their respective multimedia application content through Internet services that manage the locality of devices and content. Each service thereby manages only the narrow context of each device according to the respective application, preventing devices and approaches from sensing the diversity, spontaneity, and dynamics of mobile contexts and the physical interaction scope. Orthogonally, we facilitate direct and ubiquitous mobile multimedia sensing and interaction in 802.11 and 802.15.4 within the unrestricted physical context of mobile devices. Removing the need for Internet services or wireless networks, we derive a wireless service overlay over the sensed media in the locality of a device that exposes media to applications. Our technical evaluation shows the feasibility of the underlying uncoordinated, unrestricted network-less communication. We substantiate our design along an implementation of traditional and novel mobile use cases, illustrating the design space made accessible by our approach.

Characterizing a Meta-CDN

CDNs have reshaped the Internet architecture at large. They operate (globally) distributed networks of servers to reduce latencies as well as to increase availability for content and to handle large traffic bursts. Traditionally, content providers were mostly limited to a single CDN operator. However, in recent years, more and more content providers employ multiple CDNs to serve the same content and provide the same services. Thus, switching between CDNs, which can be beneficial to reduce costs or to select CDNs by optimal performance in different geographic regions or to overcome CDN-specific outages, becomes an important task. Services that tackle this task emerged, also known as CDN broker, Multi-CDN selectors, or Meta-CDNs. Despite their existence, little is known about Meta-CDN operation in the wild. In this paper, we thus shed light on this topic by dissecting a major Meta-CDN. Our analysis provides insights into its infrastructure, its operation in practice, and its usage by Internet sites. We leverage PlanetLab and Ripe Atlas as distributed infrastructures to study how a Meta-CDN impacts the web latency.

Towards In-Network Industrial Feedback Control

Controlling physical machinery and processes is at the core of production automation. However, challenged by inflexibility, automation and control is evaluating to outsource this control to resourceful cloud environments. While this enables to derive better control through a plethora of measurements, it challenges the control quality through delay introduced through networks. In this paper, we show how to unify control and communication by offloading delay sensitive control tasks from the cloud to local network elements --- a previously unexplored area for in-network processing --- enabling both, ultra-high quality-of-control and scalable orchestration through cloud environments. Our implementation demonstrates how we combine state of the art control with communication. We achieve this by expressing the control and the datapath in P4 which we synthesize to BPF programs that we execute in XDP environments on Netronome SmartNICs. Further, we highlight the demands of control towards communication to build more involved and complex in-network controllers.

Communication and Networking for the Industrial Internet of Things

In the past, communication in industrial monitoring, automation, and control was mostly realized locally, often relying on wired solutions, restricting communication and control to single factory environments. To overcome this limitation, the Industrial Internet of Things (IIoT) envisions the integration of these local communication structures into larger systems, such as the interconnection between factories and suppliers, or even the Internet. Moreover, to achieve flexibility with regard to automation processes and to save costs in deployment and maintenance, wireless solutions more and more find their way into factories. In this chapter, we present recent efforts and standardized solutions to realize wireless communication for local industrial automation and ultimately identify the requirements and mechanisms for connecting these setups to globally accessible communication infrastructures. To this end, we focus on special requirements unique to the IIoT, e.g., the use of highly constraint devices and the resulting effects on the use of standardized protocols.