email address: research@...

Tobias Lauinger

PhD student in Information Assurance at Northeastern University, Boston.

Computer Science Research in  Systems Security • Network Security • Underground Economies.

Research Areas

File Sharing/One-Click Hosting

"Illegal file sharing" or "piracy", also known as copyright infringement, is a common activity on the Internet. Copyright infringement can be observed on nearly every online content distribution platform. As web-based file hosting services, One-Click Hosters

Privacy & Security of Content-Centric Networking

Many researchers recognise that the design of the Internet is not optimal when considering that its current use is very different from when the Internet was originally designed. In fact, most communication today is not any more about connecting to a specific

Automated Social Engineering

Social engineering is a way of compromising certain security properties by attacking not a technical system, but its human users. A typical example is to ask users for their password rather than trying to guess it. It is an open question if, and to what extent

Peer-to-Peer Networks/Distributed Hash Tables

A peer-to-peer (P2P) network is a group of communicating participants that is often characterised by the absence of a central authority. A P2P network can run a Distributed Hash Table (DHT) as a service that permits efficient storage and lookup of

Publications & Talks

2013

Tobias Lauinger, Kaan Onarlioglu, Abdelberi Chaabane, Engin Kirda, William Robertson, and Mohamed Ali Kaafar: Holiday Pictures or Blockbuster Movies? Insights into Copyright Infringement in User Uploads to One-Click File Hosters. Presented at the 16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2013) in Rodney Bay, St. Lucia on 25 October 2013. Published in Salvatore Stolfo, Angelos Stavrou, and Charles Wright (eds.): Research in Attacks, Intrusions and Defenses, Lecture Notes in Computer Science (LNCS), vol. 8145, p. 369-389, Springer-Verlag Berlin Heidelberg, Germany, 2013.

Anecdotal evidence (and a glance at file sharing sites) suggest that many files uploaded to One-Click Hosters (OCHs) infringe copyright. OCHs have legitimate

***
Tobias Lauinger, Martin Szydlowski, Kaan Onarlioglu, Gilbert Wondracek, Engin Kirda, and Christopher Kruegel: Clickonomics: Determining the Effect of Anti-Piracy Measures for One-Click Hosting. Presented at the 20th Annual Network and Distributed System Security Symposium (NDSS 2013) in San Diego, CA on 26 February 2013.

Investigates the effectiveness of current and proposed anti-"piracy" measures in the One-Click Hosting (OCH) ecosystem. Shows that despite takedown efforts

torrentfreak news article

LeMonde.fr news article

2012

Tobias Lauinger: Cache-Induced Privacy Risks in Named Data Networking: What is the Cost of Performance? Invited panel talk at the 26th IEEE Annual Computer Communications Workshop (CCW 2012) in Sedona, AZ on 8 November 2012.

Talk outlining the cache privacy attack in Content-Centric Networking and the main arguments for countermeasures from the editorial note.

slides

***
Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack, and Engin Kirda: Privacy Risks in Named Data Networking: What is the Cost of Performance? Editorial note published in Srinivasan Keshav (editor): ACM SIGCOMM Computer Communication Review, 42(5), p. 54-57, ACM New York, NY, USA, October 2012.

Discusses at a high level several solution approaches to defend against the cache privacy attack in Content-Centric Networking (CCN), which is described in the

doi

***
Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack and Engin Kirda: Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures. Technical report TR-iSecLab-0812-001, August 2012.

Provides attack algorithms that exploit ubiquitous network-level caches in the Content-Centric Networking (CCN) architecture to compromise the privacy of

***
Tobias Lauinger, Engin Kirda, and Pietro Michiardi: Paying for Piracy? An Analysis of One-Click Hosters' Controversial Reward Schemes. Presented at the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2012) in Amsterdam, The Netherlands on 13 September 2012. Published in Davide Balzarotti, Salvatore Stolfo, and Marco Cova (eds.): Research in Attacks, Intrusions and Defenses, Lecture Notes in Computer Science (LNCS), vol. 7462, p. 169-189, Springer-Verlag Berlin Heidelberg, Germany, 2012.

Many One-Click Hosters (OCHs) used to operate affiliate programmes that financially rewarded uploaders of popular files. These programmes were

doi

blog post

torrentfreak news article

2010

Tobias Lauinger: Security & Scalability of Content-Centric Networking. Master's thesis, submitted to Technische Universität Darmstadt, Darmstadt, Germany and Eurécom, Sophia-Antipolis, France in September 2010. Advisors: Ernst Biersack (Eurécom), Nikolaos Laoutaris (Telefónica), Pablo Rodriguez (Telefónica), and Thorsten Strufe (TU Darmstadt).

Content-Centric Networking (CCN) is a proposal for a new Internet architecture based on content names instead of location identifiers as it is the case today

urn

***
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, and Engin Kirda: Honeybot: Your Man in the Middle for Automated Social Engineering. Presented at the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010) in San Jose, CA on 27 April 2010.

Experiment carried out in IRC channels to measure how users react to different kinds of chat spam, and how conversations can be influenced in an automated

publisher

slides

dark reading news article

2008

Sebastian Kaune, Tobias Lauinger, Aleksandra Kovacevic, and Konstantin Pussep: Embracing the Peer Next Door: Proximity in Kademlia. Presented at the 8th International Conference on Peer-to-Peer Computing (P2P 2008) in Aachen, Germany on 11 September 2008. Published in Klaus Wehrle, Wolfgang Kellerer, Sandeep K. Singhal, and Ralf Steinmetz (eds.): Proceedings of the International Conference on Peer-to-Peer Computing 2008, p. 343-350, IEEE Computer Society, Los Alamitos, CA, USA, 2008.

Introduces a way of optimising overlay routing in the Kademlia Distributed Hash Table (DHT) according to a distance metric in the underlay network

doi

2007

Tobias Lauinger: HKademlia: Routing in a Virtual Hierarchy. Bachelor's thesis, submitted to Technische Universität Darmstadt, Darmstadt, Germany, in September 2007. Advisor: Ralf Steinmetz, tutor: Sebastian Kaune.

Proposes to optimise overlay routing in the Kademlia Distributed Hash Table (DHT) by organising peers in clusters of a "virtual hierarchy" and by selecting paths

Curriculum Vitae

Since May 2011 PhD student in Information Assurance at Northeastern University, Boston, Massachusetts (USA). Advisor: Engin Kirda
Jun 2013 — Aug 2013 Intern at Square, San Francisco, California (USA)
Nov 2010 — Apr 2011 Scientific visitor and research engineer at Eurécom, Sophia-Antipolis (France). Supervisors: Engin Kirda and Davide Balzarotti
September 2010 Master of Science (Computer Science), Technische Universität Darmstadt, Darmstadt (Germany)
Diplôme d'Ingénieur, Télécom ParisTech, Paris (France)
Attestation de formation (cursus d'ingénieur en Systèmes de Communication), Eurécom, Sophia-Antipolis (France)
Advisors of the Master's thesis/stage d'ingénieur: Ernst Biersack, Thorsten Strufe
Mar 2010 — Sep 2010 Research intern at Telefónica Investigación y Desarrollo, Barcelona (Spain). Supervisors: Nikolaos Laoutaris, Pablo Rodriguez
December 2007 Bachelor of Science (Computer Science), Technische Universität Darmstadt, Darmstadt (Germany). Advisor of the Bachelor's thesis: Ralf Steinmetz, tutor: Sebastian Kaune
June 2003 Abitur, Gymnasium Michelstadt, Odenwald (Germany)

Disclaimer

The copyright of some of the referenced papers may be held by ACM, IEEE, ISOC, Springer, USENIX, and others. The papers hosted on this web site correspond to the authors' version. The right to distribute or repost these files beyond this web site may be restricted by the copyright release agreements that we were required to sign with the publishers. You can obtain the original works directly from the publishers as linked above.

NEU SECLABiSecLab