Dr.-Ing. Gerhard Münz
Guest Scientists (Munich)
net.in.tum.devisiting address
In November 2010, I joined the Cyber Emergency Readiness Team (CERT) at Siemens.
Research Interests:
- Traffic measurement and analysis
- Attack and anomaly detection
Research Projects:
Supervised Theses:
Open:
Bearbeiter/Student | Thema/Topic | Art/Type | Betreuer/Supervisor | Links |
Running:
Bearbeiter/Student | Thema/Topic | Art/Type | Betreuer/Supervisor | Links |
Finished:
Bearbeiter/Student | Thema/Topic | Art/Type | Betreuer/Supervisor | Links |
Stefan Laner | Erkennung und Identifizierung gängiger Angriffstypen anhand von Flow-Daten | BA, November 2010 | Lothar Braun, Gerhard Münz |
|
Andreas Scheibleger | Classification of Traffic Flows using DPI | BA, October 2010 | Lothar Braun, Gerhard Münz |
|
Alexander Didebulidze | Leistungsbewertung und Verbesserung des Packet-Capturings mit PC-Hardware | Diplomarbeit, April 2010 | Lothar Braun, Gerhard Münz |
|
Kameliya Terzieva | Export von Netzstatusinformationen aus WLAN-Routern mit IPFIX | Bachelorarbeit, February 2010 | Gerhard Münz, Andreas Müller |
|
Yukun Huang | Verkehrsklassifizierung mit Methoden des maschinellen Lernens | Diplomarbeit, January 2010 | Gerhard Münz, Lothar Braun |
|
Daniel Mentz | Sichere und effiziente Übertragung von Verkehrsmessdaten | Diplomarbeit, January 2010 | Lothar Braun, Gerhard Münz |
|
Benjamin Wiesmüller | Untersuchung von TCP-Eigenschaften zur Rekonstruktion von Nachrichtenlängen | Bachelorarbeit, September 2009 | Lothar Braun, Gerhard Münz |
|
Hui Dai | Verkehrscharakterisierung anhand von Flow-Eigenschaften | Diplomarbeit, May 2009 | Lothar Braun, Gerhard Münz |
|
Publications:
| [1] | Gerhard Münz, Benoit Claise, and Paul Aitken. Configuration Data Model for the IP Flow Information Export (IPFIX) and Packet Sampling (PSAMP) Protocols. RFC 6728, October 2012. [ http ] |
| [2] | Thomas Dietz, Atsushi Kobayashi, Benoit Claise, and Gerhard Münz. Definitions of managed objects for IP flow information export. RFC 6615 (Obsoletes RFC 5815), June 2012. [ http ] |
| [3] | Benoit Claise, Paul Aitken, Andrew Johnson, and Gerhard Münz. IP Flow Information Export (IPFIX) Per Stream Control Transmission Protocol (SCTP) Stream. RFC 6526, March 2012. [ http ] |
| [4] | Andreas Müller, Gerhard Münz, and Georg Carle. Collecting Router Information for Error Diagnosis and Troubleshooting in Home Networks. In International Workshop on Wireless and Internet Services (WISe) in conjunction with the IEEE Conference on Local Computer Networks 2011 (LCN), Bonn, Germany, October 2011. [ .pdf ] |
| [5] | Atsushi Kobayashi, Benoit Claise, Gerhard Münz, and Keisuke Ishibashi. IP Flow Information (IPFIX) Mediation: Framework. RFC 6183, April 2011. [ .html ] |
| [6] | Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle. Improving Markov-based TCP Traffic Classification. In Proceedings of Communication in Distributed Systems (KiVS) 2011, Kiel, Germany, March 2011. [ .pdf ] |
| [7] | Daniel Mentz, Gerhard Münz, and Lothar Braun. Recommendations for Implementing IPFIX over DTLS. Internet-Draft (work in progress), draft-mentz-ipfix-dtls-recommendations-02, March 2011. [ http ] |
| [8] | Stephan Heckmüller, Gerhard Münz, Lothar Braun, Aaron Kunde, Bernd E. Wolfinger, and Georg Carle. Lasttransformation durch Rekonstruktion von Auftragslängen anhand von Paketdaten. Praxis der Informationsverarbeitung und Kommunikation (PIK), 33(2), June 2010. [ http ] |
| [9] | Gerhard Münz, Lothar Braun, Hui Dai, and Georg Carle. TCP-Verkehrsklassifizierung mit Markov-Modellen. Praxis der Informationsverarbeitung und Kommunikation (PIK), 33(2), June 2010. [ http ] |
| [10] | Gerhard Münz. Traffic Anomaly Detection and Cause Identification Using Flow-Level Measurements. PhD thesis, Technische Universität München, June 2010. [ .pdf ] |
| [11] | Lothar Braun, Gerhard Münz, and Georg Carle. Packet Sampling for Worm and Botnet Detection in TCP Connections. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS) 2010, Osaka, Japan, April 2010. [ .pdf ] |
| [12] | Thomas Dietz, Atsushi Kobayashi, Benoit Claise, and Gerhard Münz. Definitions of managed objects for IP flow information export. RFC 5815, April 2010. [ http ] |
| [13] | Gerhard Münz, Hui Dai, Lothar Braun, and Georg Carle. TCP traffic classification using Markov models. In Proceedings of Traffic Monitoring and Analysis Workshop (TMA) 2010, Zurich, Switzerland, April 2010. [ .pdf ] |
| [14] | Hui Dai, Gerhard Münz, Lothar Braun, and Georg Carle. TCP-Verkehrsklassifizierung mit Markov-Modellen. In Proceedings of Leistungs-, Zuverlässigkeits- und Verlässlichkeitsbewertung von Kommunikationsnetzen und Verteilten Systemen, 5. GI/ITG-Workshop MMBnet 2009, Hamburg, Germany, September 2009. [ .pdf ] |
| [15] | Stephan Heckmüller, Gerhard Münz, Lothar Braun, Aaron Kunde, Bernd E. Wolfinger, and Georg Carle. Lasttransformation durch Rekonstruktion von Auftragslängen anhand von Paketdaten. In Proceedings of Leistungs-, Zuverlässigkeits- und Verlässlichkeitsbewertung von Kommunikationsnetzen und Verteilten Systemen, 5. GI/ITG-Workshop MMBnet 2009, Hamburg, Germany, September 2009. [ .pdf ] |
| [16] | Gerhard Münz and Georg Carle. Application of forecasting techniques and control charts for traffic anomaly detection. In Proceedings of the 19th ITC Specialist Seminar on Network Usage and Traffic, Berlin, Germany, October 2008. [ .pdf ] |
| [17] | Falko Dressler, Christoph Sommer, Gerhard Münz, and Atsushi Kobayashi. IPFIX flow aggregation. Internet-Draft (work in progress), draft-dressler-ipfix-aggregation-05, July 2008. [ http ] |
| [18] | Gerhard Münz and Lothar Braun. Lossless Compression for IP Flow Information Export (IPFIX). Internet-Draft (work in progress), draft-muenz-ipfix-compression-00, July 2008. [ http ] |
| [19] | Christoph Sommer, Falko Dressler, and Gerhard Münz. Rich template set extension to the IPFIX protocol. Internet-Draft (work in progress), draft-sommer-ipfix-richtemplate-00, July 2008. [ http ] |
| [20] | Christoph Sommer, Falko Dressler, and Gerhard Münz. Mediator-specific extensions to IPFIX protocol and information model. Internet-Draft (work in progress), draft-sommer-ipfix-mediator-ext-01, July 2008. [ http ] |
| [21] | Gerhard Münz and Georg Carle. Distributed network analysis using TOPAS and Wireshark. In Proceedings of IEEE Workshop on End-to-End Monitoring Techniques and Services (E2EMon 2008), Salvador-Bahia, Brazil, April 2008. [ .pdf ] |
| [22] | Gerhard Münz, Nico Weber, and Georg Carle. Signature detection in sampled packets. In Proceedings of Workshop on Monitoring, Attack Detection and Mitigation (MonAM) 2007, Toulouse, France, November 2007. [ .pdf ] |
| [23] | Gerhard Münz, Sa Li, and Georg Carle. Traffic anomaly detection using k-means clustering. In Proceedings of Leistungs-, Zuverlässigkeits- und Verlässlichkeitsbewertung von Kommunikationsnetzen und Verteilten Systemen, 4. GI/ITG-Workshop MMBnet 2007, Hamburg, Germany, September 2007. [ .pdf ] |
| [24] | Gerhard Münz and Georg Carle. Real-time analysis of flow data for network attack detection. In Proceedings of IFIP/IEEE Symposium on Integrated Management (IM) 2007, Munich, Germany, May 2007. [ .pdf ] |
| [25] | Falko Dressler and Gerhard Münz. Flexible flow aggregation for adaptive network monitoring. In Proceedings of IEEE LCN Workshop on Network Measurements 2006, Tampa, Florida, USA, November 2006. [ .pdf ] |
| [26] | Ronny T. Lampert, Christoph Sommer, Gerhard Münz, and Falko Dressler. Vermont - A Versatile Monitoring Toolkit for IPFIX and PSAMP. In Proceedings of Workshop on Monitoring, Attack Detection and Mitigation (MonAM) 2006, Tuebingen, Germany, September 2006. [ .pdf ] |
| [27] | Lothar Braun and Gerhard Münz. Netzbasierte Angriffs- und Anomalieerkennung mit TOPAS. In GI FG SIDAR Graduierten-Workshop über Reaktive Sicherheit (SPRING), SIDAR-Report SR-2006-01, Editor: Ulrich Flegel, Berlin, Germany, July 2006. [ .pdf ] |
| [28] | Gerhard Münz, Albert Antony, Falko Dressler, and Georg Carle. Using Netconf for configuring monitoring probes. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS) 2006, Poster Session, Vancouver, Canada, April 2006. [ .pdf | .pdf ] |
| [29] | Gerhard Münz, Ali Fessi, Georg Carle, Olivier Paul, Dusan Gabrijelcic, Yannick Carlinet, Sherif Yusuf, Morris Sloman, Vrizlynn Thing, Jan van Lunteren, Patricia Sagmeister, and Gero Dittmann. DIADEM firewall: Web server overload attack detection and response. In Proceedings of Broadband Europe (BBEurope) 2005, Bordeaux, France, December 2005. [ .pdf ] |
| [30] | Falko Dressler, Gerhard Münz, and Georg Carle. CATS - Cooperating Autonomous Detection Systems. In Proceedings of 1st IFIP International Workshop on Autonomic Communication (WAC) 2004, Poster Session, Berlin, Germany, October 2004. [ .pdf | .pdf ] |
| [31] | Gerhard Münz, Stefan Pfletschinger, and Joachim Speidel. An efficient waterfilling algorithm for multiple access OFDM. In Proceedings of IEEE International Conference on Global Communications (GLOBECOM) 2002, Taipei, Taiwan, November 2002. [ .pdf ] |
| [32] | Stefan Pfletschinger, Gerhard Münz, and Joachim Speidel. Efficient subcarrier allocation for multiple access in OFDM systems. In Proceedings of 7th International OFDM-Workshop (InOWo) 2002, Hamburg, Germany, pages 21-25, 10-11, September 2002. [ .pdf ] |
More Things That Might Be of Interest:
- Dissertation on "Traffic Anomaly Detection and Cause Identification Using Flow-Level Measurements", 2010.
- Diploma thesis on "Design and Implementation of a Demonstration Platform for QoS Provisioning", 2003.
- Modified version of Trpr (TRace Plot Real-time) 1.9b9 that traces DiffServ flows.
- Student's project on "OSPF Link-State Database in GNU Zebra", 2002. Patch download.