Franziska Lichtblau

Franziska Lichtblau

Address
Max-Planck-Institut für Informatik
Saarland Informatics Campus
Campus E1 4
66123 Saarbrücken
Location
E1 4 - Room 514
Phone
+49 681 9325 3514
Fax
+49 681 9325 3599
Email
Get email via email

Personal Information

GPG / Fingerprint:

 

GPG:0x91EC5CD5 (don't trust short ids!)
0xC6C6278691EC5CD5
Fingerprint: 4FA0 F1BC 8B9A 7F64 797C
221C C6C6 2786 91EC 5CD5

 

Publications

2018
Streibelt, F., Lichtblau, F., Beverly, R., Feldmann, A., Pelsser, C., Smaragdakis, G., & Bush, R. (2018). BGP Communities: Even more Worms in the Routing Can. In IMC’18, Internet Measurement Conference. Boston, MA, USA: ACM. doi:10.1145/3278532.3278557
Export
BibTeX
@inproceedings{Streibelt_IMC2018, TITLE = {{BGP} Communities: {E}ven more Worms in the Routing Can}, AUTHOR = {Streibelt, Florian and Lichtblau, Franziska and Beverly, Robert and Feldmann, Anja and Pelsser, Cristel and Smaragdakis, Georgios and Bush, Randy}, LANGUAGE = {eng}, ISBN = {978-1-4503-5619-0}, DOI = {10.1145/3278532.3278557}, PUBLISHER = {ACM}, YEAR = {2018}, DATE = {2018}, BOOKTITLE = {IMC'18, Internet Measurement Conference}, PAGES = {279--292}, ADDRESS = {Boston, MA, USA}, }
Endnote
%0 Conference Proceedings %A Streibelt, Florian %A Lichtblau, Franziska %A Beverly, Robert %A Feldmann, Anja %A Pelsser, Cristel %A Smaragdakis, Georgios %A Bush, Randy %+ Internet Architecture, MPI for Informatics, Max Planck Society Internet Architecture, MPI for Informatics, Max Planck Society External Organizations Internet Architecture, MPI for Informatics, Max Planck Society External Organizations External Organizations External Organizations %T BGP Communities: Even more Worms in the Routing Can : %G eng %U http://hdl.handle.net/21.11116/0000-0002-BFC7-7 %R 10.1145/3278532.3278557 %D 2018 %B Internet Measurement Conference %Z date of event: 2018-10-31 - 2018-11-02 %C Boston, MA, USA %B IMC'18 %P 279 - 292 %I ACM %@ 978-1-4503-5619-0
2017
Lichtblau, F., Streibelt, F., Krüger, T., Richter, P., & Feldmann, A. (2017). Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source IP Addresses. In IMC’17, ACM Internet Measurement Conference. London, UK: ACM. doi:10.1145/3131365.3131367
Export
BibTeX
@inproceedings{Lichtblau_IMC2017, TITLE = {Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source {IP} Addresses}, AUTHOR = {Lichtblau, Franziska and Streibelt, Florian and Kr{\"u}ger, Thorben and Richter, Philipp and Feldmann, Anja}, LANGUAGE = {eng}, ISBN = {978-1-4503-5118-8}, DOI = {10.1145/3131365.3131367}, PUBLISHER = {ACM}, YEAR = {2017}, MARGINALMARK = {$\bullet$}, DATE = {2017}, BOOKTITLE = {IMC'17, ACM Internet Measurement Conference}, EDITOR = {Uhlig, Steve and Maennel, Olaf}, PAGES = {86--99}, ADDRESS = {London, UK}, }
Endnote
%0 Conference Proceedings %A Lichtblau, Franziska %A Streibelt, Florian %A Krüger, Thorben %A Richter, Philipp %A Feldmann, Anja %+ External Organizations External Organizations External Organizations External Organizations External Organizations %T Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source IP Addresses : %G eng %U http://hdl.handle.net/21.11116/0000-0000-3C35-2 %R 10.1145/3131365.3131367 %D 2017 %B ACM Internet Measurement Conference %Z date of event: 2017-11-01 - 2017-11-03 %C London, UK %B IMC'17 %E Uhlig, Steve; Maennel, Olaf %P 86 - 99 %I ACM %@ 978-1-4503-5118-8
2016
Fiebig, T., Lichtblau, F., Streibelt, F., Krueger, T., Lexis, P., Bush, R., & Feldmann, A. (2016). SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment. Retrieved from http://arxiv.org/abs/1610.05531
(arXiv: 1610.05531)
Abstract
Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users.
Export
BibTeX
@online{Fiebig2016, TITLE = {{SoK}: {An} Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment}, AUTHOR = {Fiebig, Tobias and Lichtblau, Franziska and Streibelt, Florian and Krueger, Thorben and Lexis, Pieter and Bush, Randy and Feldmann, Anja}, LANGUAGE = {eng}, URL = {http://arxiv.org/abs/1610.05531}, EPRINT = {1610.05531}, EPRINTTYPE = {arXiv}, YEAR = {2016}, MARGINALMARK = {$\bullet$}, ABSTRACT = {Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users.}, }
Endnote
%0 Report %A Fiebig, Tobias %A Lichtblau, Franziska %A Streibelt, Florian %A Krueger, Thorben %A Lexis, Pieter %A Bush, Randy %A Feldmann, Anja %+ External Organizations External Organizations External Organizations External Organizations External Organizations External Organizations External Organizations %T SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment : %G eng %U http://hdl.handle.net/11858/00-001M-0000-002E-5698-D %U http://arxiv.org/abs/1610.05531 %D 2016 %X Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users. %K Computer Science, Cryptography and Security, cs.CR

Research Interests

  • Interdomain routing
  • Internet Measurement
  • Internet topology mapping
  • Internet operations, e.g., peering

Teachings

Recent Positions

Education