Informatik VIII: Chair of Network Architectures and Services

Dr. Ralph Holz

Associate member of the Chair

Postal address

School of IT
University of Sydney
1 Cleveland St
Darlington NSW 2008
Australia

Contact

Email: ralph.holz_ÄT_sydney.edu.au

Building / Room

Building J12
Room 414
 

Current position

I am a Lecturer (Asst. Prof.) at the University of Sydney and a Conjoint Lecturer at the University of New South Wales. I also collaborate closely with Data61 (CSIRO), Australia's premier ICT innovation group.

As an adjunct member of this Chair, I continue to advise on some topics. From time to time, I can offer Bachelor's/Master's theses in Australia in collaboration with TUM, aimed at outstanding students with an interest in broadening their horizons. Please contact me directly if you are interested - and also allow ample time for an application (at least 6 months).

There are also opportunities to do a PhD with me in Sydney - applications are competitive. PhDs come with a scholarship and can be carried out in collaboration with Data61 (these are closer to industry and come with a top-up). If you wish to pursue research in Australia, please write me an email and allow enough time for an application (7+ months).

CV and further material

You can find my CV here. Please note: In order to protect their privacy, I do not give my references in public-facing documents. Please contact me directly if you need these and I'll be happy to send you the PDF with the references included.

My dissertation can be downloaded here.

GnuPG Fingerprint

A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF

Research Topics:

My research interests revolve around the general topic of network measurement and security. I generally take an empirical approach: most recently, I have placed particular emphasis on empirical analysis of global authentication infrastructures and on ways to improve them. My dissertation analysed PKI deployments (X.509, SSH, OpenPGP) and investigated methods to improve X.509. As part of my dissertation, I devised Crossbear, a tool to detect and locate Man-in-the-middle attackers on TLS. Together with a team of students, Crossbear has been implemented as an add-on for Firefox, as a stand-alone Java tool, and as a module for the Open Observatory of Network Interference, a Tor sub-project.

The following is a list of topics I spend most of my time on:

  • Global-scale analysis of Internet service deployments and their security
  • Network security - especially authentication mechanisms
  • Large-scale analysis of network measurements/network-related data
  • Design and analysis of cryptographic protocols (less so in recent times)

Notes:
I follow developments in cryptography but am not a cryptographer myself. I believe that practical experimentation cannot be replaced by theoretic evaluation alone. And I use British spelling whenever I can get away with it.

 

Publications:

[1] Ralph Holz, Johanna Amann, Olivier Mehani, Matthias Wachs, and Mohamed Ali Kaafar. TLS in the wild - An Internet-wide analysis of TLS-based protocols for electronic communication. In Proc. Network and Distributed System Symposium (NDSS 2016), San Diego, CA, USA, February 2016.
[2] Olivier Mehani, Ralph Holz, Simone Ferlin, and Roksana Boreli. An early look at Multipath TCP deployment in the wild. In Proc. 6th Int. Workshop on Hot Topics in Planet-Scale Measurement, Paris, France, September 2015. [ .pdf ]
[3] Len Bass, Ralph Holz, Paul Rimba, An Binh Tran, and Liming Zhu. Securing a deployment pipeline. In Proc. 3rd Int. Workshop on Release Engineering, Florence, Italy, May 2015.
[4] Yaron Sheffer, Ralph Holz, and Peter Saint-Andre. RFC 7525: Recommendations for secure use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). Best Current Practice (BCP 195). https://tools.ietf.org/html/rfc7525, May 2015.
[5] Johann Schlamp, Ralph Holz, Oliver Gasser, Andreas Korsten, Quentin Jacquemart, Georg Carle, and Ernst W. Biersack. Investigating the nature of routing anomalies: Closing in on subprefix hijacking attacks. In Proc. 7th Int. Workshop on Traffic Monitoring and Analysis, Barcelona, Spain, April 2015. [ PDF | Springer ]
[6] Yaron Sheffer, Ralph Holz, and Peter Saint-Andre. RFC 7457: Summarizing known attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS). Informational. https://tools.ietf.org/html/rfc7457, February 2015.
[7] Oliver Gasser, Ralph Holz, and Georg Carle. A deeper understanding of SSH: results from Internet-wide scans. In Proc. 14th Network Operations and Management Symposium (NOMS), Krakow, Poland, May 2014. [ PDF | Project page ]
[8] Ralph Holz. Empirical analysis of Public Key Infrastructures and investigation of improvements. PhD thesis, Technische Universität München, May 2014. [ .pdf ]
[9] Ralph Holz, Thomas Riedmaier, Nils Kammenhuber, and Georg Carle. X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-middle. In Proc. 17th European Symposium on Research in Computer Security (ESORICS 2012), volume 7459/2012 of LNCS, pages 217-234, Pisa, Italy, September 2012. Springer Verlag. [ PDF | Springer | Project page ]
[10] Ralph Holz, Lothar Braun, Nils Kammenhuber, and Georg Carle. The SSL Landscape - A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements. In Proc. ACM/USENIX 11th Annual Internet Measurement Conference (IMC '11), Berlin, Germany, November 2011. [ PDF | ACM | USENIX | Errata/Addenda | Project page ]
[11] Alexander Ulrich, Ralph Holz, Peter Hauck, and Georg Carle. Investigating the OpenPGP Web of Trust. In Proc. 16th European Symposium on Research in Computer Security (ESORICS 2011), volume 6879/2011 of LNCS, pages 489-507. Springer Verlag, September 2011. [ PDF | Springer | Project page ]
[12] Holger Kinkelin, Ralph Holz, Heiko Niedermayer, Simon Mittelberger, and Georg Carle. On using TPM for secure identities in future home networks. Future Internet, 3(1):1-13, 2011. [ DOI | PDF | Official link ]
[13] Holger Kinkelin, Ralph Holz, Heiko Niedermayer, and Georg Carle. On using TPM for secure identities in future networks (ext. abstract). In Proceedings of Security in NGNs and the Future Internet Workshop, September 2010.
[14] Ali Fessi, Nathan Evans, Heiko Niedermayer, and Ralph Holz. Pr2-P2PSIP: Privacy Preserving P2P Signaling for VoIP and IM. In Principles, Systems and Applications of IP Telecommunications (IPTComm), Munich, August 2010. [ PDF | ACM ]
[15] Holger Kinkelin, Heiko Niedermayer, Ralph Holz, and Georg Carle. TPM-based access control for the future internet (ext. abstract). In 5th GI/ITG KuVS Workshop on Future Internet, Stuttgart, Germany, June 2010.
[16] Dirk Haage and Ralph Holz. Towards measurement consolidation for overlay optimization and service placement. Praxis der Informationsverarbeitung und Kommunikation (PIK), 10:12-15, March 2010.
[17] Ralph Holz, Christoph P. Mayer, Sebastian Mies, Heiko Niedermayer, and Muhammad Adnan Tariq. SpoVNet Security Task Force Report. Technical Report TM-2009-3, Universität Karlsruhe, Karlsruhe, Germany, December 2009. [ PDF | Project page ]
[18] Dirk Haage and Ralph Holz. Optimization of distributed services with UNISONO (ext. abstract). In GI/ITG KuVS Fachgespräch NGN Service Delivery Platforms & Service Overlay Networks, Berlin, Germany, November 2009.
[19] Ralph Holz and Dirk Haage. CLIO/UNISONO: practical distributed and overlay-wide network measurement (ext. abstract). In 4th GI/ITG KuVS Workshop on The Future Internet and 2nd Workshop on Economic Traffic Management (ETM), Zürich, Switzerland, November 2009.
[20] Heiko Niedermayer, Ralph Holz, Marc-Oliver Pahl, and Georg Carle. On Using Home Networks and Cloud Computing for a Future Internet of Things. In Proc. Future Internet Symposium 2009 (FIS 2009), Berlin, Germany, September 2009.
[21] Dirk Haage, Ralph Holz, Heiko Niedermayer, and Pavel Laskov. CLIO - a cross-layer information service for overlay network optimization. In Kommunikation in Verteilten Systemen (KiVS) 2009, Kassel, Germany, March 2009. [ PDF | Project page ]
[22] Oliver Waldhorst, Christian Blankenhorn, Dirk Haage, Ralph Holz, Gerald Koch, Boris Koldehofe, Fleming Lampi, Christoph Mayer, and Sebastian Mies. Spontaneous virtual networks: On the road towards the internet's next generation. it - Information Technology Special Issue on Next Generation Internet, 50(6):367-375, December 2008. [ PDF | Project page ]
[23] Ralph Holz and Heiko Niedermayer. A Protocol for Inter-Domain Authentication with a Trust-Rating Mechanism. In 8. Kryptotag der GI-Fachgruppe KRYPTO (Workshop). Technical Report WSI-2008-02. University of Tübingen, April 2008.
[24] Ralph Holz, Heiko Niedermayer, Peter Hauck, and Georg Carle. Trust-rated authentication for domain-structured distributed systems. In Proc. 5th European PKI Workshop: Theory and Practice (EuroPKI 2008), Trondheim, Norway, 2008. [ PDF | Springer ]

Talks / Invited talks:

[1] Ralph Holz. Managing security-relevant data from measurements on internet scale. Invited talk at Workshop on Human-Centred Technologies, University of Sydney, Australia, June 2015. [ Slides ]
[2] Ralph Holz. The sorry state of our PKIs - using Internet-wide scans to determine and improve the state of TLS and SSH. Invited talk at University of Auckland, New Zealand, June 2014.
[3] Ralph Holz. The sorry state of our PKIs - using Internet-wide scans to determine and improve the state of TLS and SSH. Invited talk at NICTA, Sydney, Australia, June 2014.
[4] Ralph Holz. One year of Crossbear (now with SSH, too!). FOSDEM style Lightning Talk at 29C3, Dec 2012. [ Slides | Video ]
[5] Ralph Holz. CrossbearSSH - notary and attack reporting for SSH. Lightning Talk at 29C3. Introduces CrossbearSSH, Dec 2012. [ Slides | Video ]
[6] Ralph Holz. The sorry state of X.509 - from certification weaknesses to Man-in-the-middle-detection. Invited talk at University of Luxembourg. Introduces new Crossbear features, Nov 2012. [ Slides ]
[7] Ralph Holz. The sorry state of X.509 - from certification weaknesses to Man-in-the-middle-detection. Invited talk at University of Trento, Italy. Adds more focus on X.509 alternatives and Crossbear, Sep 2012. [ Slides ]
[8] Ralph Holz. The SSL Landscape. Invited talk at FH Hagenberg, Austria. Our SSL talk from IMC 2011. Also discusses X.509 alternatives and introduces Crossbear, Mar 2012. [ Slides ]
[9] Ralph Holz. The SSL Landscape. Invited talk at Horst-Goertz-Institut, Ruhr-Universitaet Bochum, Germany. Our SSL talk from IMC 2011, extended with an overview of Convergence, Sovereign Keys and Certificate Transparency, Dec 2011. [ Slides ]
[10] Ralph Holz and Thomas Riedmaier. Turning the TabLeS - and how we got there. Talk at Berlinsides, Berlin, Germany, Dec 2011. [ Slides ]
[11] Ralph Holz. Introducing Crossbear: Hunting the Men-in-the-middle. Lightning Talk at 28C3, Berlin, Germany. Introduces Crossbear, Dec 2011. [ Slides | Video ]
[12] Ralph Holz. Investigating PKI: the OpenPGP Web of Trust, with a side order of X.509. Invited talk at RWTH Aachen, Germany. Our talk at ESORICS 2011, with a teaser of our X.509 investigation, Sep 2011. [ Slides ]

Ongoing Theses:


Finished theses:

| Student | Topic | Type | Supervisor |
|---|---|---|---|
| Nils Mäurer | Efficient scans of large research networks | Bachelor thesis, 2014 | Ralph Holz, Oliver Gasser |
| Matthias Jaros | Deployment and orchestration of network measurements using the PlanetLab testbed | Bachelor thesis, 2014 | Ralph Holz, Oliver Gasser |
| Stefan König | Scanning and analysing the DNS for local and temporal influences | Master thesis, 2014 | Johannes Naab, Ralph Holz |
| Max Liebkies | Extension of a DNS scanner and conduction of large-scale DNS scans | Master thesis, 2014 | Johannes Naab, Ralph Holz |
| Jan Seeger | A scientific workbench with unified access to measurement data | Master thesis, 2014 | Ralph Holz, Johann Schlamp |
| Johannes Naab | Scanning and Evaluating DNS Deployments in the Internet | Master thesis, 2013 | Oliver Gasser, Ralph Holz, Johann Schlamp |
| Franz Saller | Understanding certificate revocation: OCSP, CRLs, and data sets | Master thesis, 2013 | Ralph Holz |
| Omar Tarabei | A pen-testing framework for the Munich Research Network | IDP, 2013 | Ralph Holz |
| Irfan Basha | Privacy Crawler | Master thesis, 2012 | Ralph Holz |
| Oliver Gasser | Conducting large-scale active and passive measurements of SSH deployments | Master thesis, 2012 | Ralph Holz |
| Robert Kulzer | Host profiling based on remote measurements | Master thesis, 2012 | Ralph Holz |
| Maximilian Szengel | Spontaneous Private Networking - Governed by Security Policies | Master thesis, 2012 | Ralph Holz, Christian Grothoff, Bart Polot, Heiko Niedermayer |
| Andrey Uzunov | A library and proxy for SPDY | IDP, 2012 | Ralph Holz |
| Leon Winter | A scanner for privacy-violating techniques on the WWW | IDP, 2012 | Ralph Holz |
| Simon Dieterle | Rapping their knuckles - monitoring X.509 certificate revocation | Bachelor thesis, 2011 | Ralph Holz, Nils Kammenhuber, Lothar Braun |
| David Ellermann | Protecting against JavaScript-based attacks with signatures | Bachelor thesis, 2011 | Ralph Holz, Heiko Niedermayer, Phillip Fehre |
| Thomas Riedmaier | Turning the Tables - Hunting the SSL/TLS Men-in-the-Middle | Master thesis, 2011 | Ralph Holz, Heiko Niedermayer |
| Arne Wirtz | Looking for SSH phishers, compromised hosts and weak keys | Master thesis, 2011 | Ralph Holz, Marc Fouquet, Lothar Braun |
| Simon Zimmermann | PercoPastry: routing around failures | Bachelor thesis, 2011 | Ralph Holz, Nils Kammenhuber |
| Jan Seeger | Conducting and Analysing Eclipse Attacks on the Kad P2P Network (aMule/eMule) | Bachelor thesis, 2010 | Ralph Holz |
| Rainer Boie | Empirical investigation of attacks on structured P2P networks (original title: Empirische Untersuchung von Angriffen auf strukturierte P2P-Netze) | Diploma thesis (Diplomarbeit), 2009 | Ralph Holz |
| Alexander Ulrich | Analysis and visualisation of trust relationships in Web of Trust networks (original title: Analyse und Visualisierung der Vertrauensbeziehungen in Web of Trust-Netzwerken) | Student research project (Studienarbeit), 2009 | Ralph Holz |
| Sven Wiebusch | Development and evaluation of policy-based security concepts in spontaneous virtual networks (original title: Entwicklung und Bewertung richtlinienbasierter Sicherheitskonzepte in spontanen virtuellen Netzen) | Diploma thesis (Diplomarbeit), 2009 | Ralph Holz, Heiko Niedermayer |
| Rainer Boie | Secure Node-ID Assignment in P2PSIP Networks | Student research project (Studienarbeit), 2008 | Ali Fessi, Ralph Holz |
| Christian Korscheck | Optimisation of virtual private networks with peer-to-peer technologies (original title: Optimierung von virtuellen privaten Netzen mit Peer-2-Peer-Technologien) | Student research project (Studienarbeit) | Dirk Haage, Ralph Holz |

