Research
Annually
since 1999, Open Systems supports an ETH Diploma Thesis from the
Computer Engineering and Network Laboratory (TIK) of the ETH Zurich. The successful
cooperation of Open Systems and Professor Plattner allows students to work
on their theses in a professional environment and to collect real world experience.
On the other side, Open Systems benefits from the innovative and interesting
concepts of ETH students.
| Title | Rating Autonomous Systems |
| Author | Laurent Zimmerli |
| Description | The quality of end-to-end connections over the Internet depends on the quality of the traversed Autonomous Systems. In this thesis, we developed an approach to rate Autonomous Systems by their quality. The approach is based on traceroute measurement data. Rating Autonomous Systems supports real-time Internet debugging and helps determining high quality ISPs. |
| Date | August 2008 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2008 Open Systems AG, All rights reserved. |
  |
|
| Title | Signature-based Extrusion Detection |
| Author | Cecile Luessi |
| Description | An “Intrusion Detection System (IDS)” is an important component for the comprehensive protection of a company network. Unfortunately, a great number of false alarms make the application of an IDS difficult. This thesis investigates whether the outbound traffic of an infected host can be used to detect intrusion and, if so, how this can be done. Its focus lies on the distinction between attempted and successful attacks.. |
| Date | August 2008 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2008 Open Systems AG, All rights reserved. |
| |
|
| Title | Einhaltung der Security Policy an VPN Standorten |
| Author | Patrik Bless |
| Description | Computing environments continue to grow more insecure by the day. A myriad of threats of all kinds menace corporate, governmental, and even private information system infrastructures. In order to support security officers and engineers, a policy toolbox was developed for the Mission Control Security Gateway Service. |
| Date | Oktober 2006 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | Creative Commons Attribution-Share Alike 2.5 License |
| |
|
| Title | Automatic Monitoring of Internet Service Provider (ISP) Topologies |
| Author | Janneth Malibago |
| Description | Manual, real-time debugging is the standard solution for solving Internet connectivity problems. In this thesis, a long-term monitoring strategy is pursued that continuously monitors Internet routing paths with traceroute. By correlating route changes and latency variations, the reason for connectivity outages, e.g., re-routing via another ISP, can be quickly determined. |
| Date | August 2006 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2006 Open Systems AG, All rights reserved. |
| |
|
| Title | Passive Measurement of Network Quality |
| Author | Dominique Giger |
| Description | Traditionally, network latency and packet loss statistics are gathered by doing active ping probes. The passive technique proposed in this thesis calculates these statistics by analyzing the actual VPN traffic in real-time. Tests show that this is a viable method for very accurate, non-intrusive statistics measurement. |
| Date | Mai 2006 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2006 Open Systems AG, All rights reserved. |
| |
|
| Title | Scan Detection Based Identification of Worm Infected Hosts |
| Author | Christoph Göldi, Roman Hiestand |
| Description | The number of new worms on the Internet increases rapidly. Worm infections cause traffic overloads in office networks and congestions of Internet links which cost the industry yearly several billion dollars. An implementation of a generic worm detection algorithm has been done based on the analysis of worm scan traffic. Tests have shown that worms are detected in short time and with a very low false positive rate. The developed detection method enables affected companies to quickly react to worm infections and thus helps preventing major financial losses. |
| Date | April 2005 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2005 Open Systems AG, All rights reserved. |
| |
|
| Title | Smart Intrusion Detection |
| Author | Thomas Singer, Rolf Sigg |
| Description | Intrusion detection is the art of detecting inappropriate, incorrect, or anomalous activity on computers and computer networks. Today, the majority of intrusion detection systems try to accomplish this task by acting somehow like a virus scanner. They look at captured network packets or system logs in order to find occurrences of patterns... |
| Date | March 2001 |
| Documents | Thesis |
| Contact | papers@open.ch |
| Copyright | ©2003 Open Systems AG, All rights reserved. |
| |
|
| Title | Wireless LAN (WLAN) und Security |
| Author | Stephan Gautschi |
| Description | Die WLAN-Technologie erobert die Netzwerk-Welt im Sturm. Neue, erschwingliche und leistungsfähige Produkte erlauben einem breiten Publikum den Einsatz von drahtlosen Datennetzen zuhause, unterwegs oder in der Firma. Der folgende Bericht diskutiert Möglichkeiten und Grenzen der WLAN-Nutzung, insbesondere im Zusammenhang mit VPN-Technologien, welche über Optionen zur Chiffrierung und Benutzer-Authentisierung verfügen. Die identifizierten Zielgruppen sind "Home"- und "Mobile"-Benutzer, "Small offices" sowie interne Anwender ohne fest zugeteilte Arbeitsplätze wie Verkäufer oder externe Mitarbeiter. |
| Date | Dezember 2002 |
| Documents | White Paper |
| Contact | papers@open.ch |
| Copyright | ©2002 Open Systems AG, All rights reserved. |
| |
|
| Title | Honeypots |
| Project | Diploma thesis in cooperation with the Computer Engineering and Networks Laboratory (TIK) at the Swiss Federal Institute of Technology Zurich (ETH Zürich). |
| Authors | Reto Baumann and Christian Plattner |
| Description | A honeypot is used in the area of computer and Internet security. It is a resource which is intended to be attacked and compromised to gain more information about the attacker and the used tools. It can also be deployed to attract and divert an attacker from their real targets. The goal of this paper is to show the possibilities of honeypots and their use in a research as well as productive environment. |
| Date | March 2002 |
| Documents | White Paper |
| Contact | papers@open.ch |
| Copyright | ©2002 Open Systems AG, All rights reserved. |
| |
|
| Title | Large Scale Certificate Revocation Architecture |
| Project | Diploma thesis in cooperation with the Computer Engineering and Networks Laboratory (TIK at the Swiss Federal Institute of Technology Zurich (ETH Zürich). |
| Author | Oliver Kessler |
| Description | Although technologies for Public Key Infrastructures (PKI) are well developed nowadays and almost ready to be used, some issues are unsolved so far. The lack of a mechanism that provides scalable certificate revocation is a fundamental problem inhibiting the wide acceptance of a PKI in the Internet. This paper will compare some existing solutions and propose a novel mechanism called Certificate Revocation Framework (CRF). |
| Date | March 2000 |
| Documents | White Paper | Abstract |
| Contact | papers@open.ch |
| Copyright | ©2000 Open Systems AG, All rights reserved. |
| |
|
| Title | Advanced Concepts for Intrusion Detection in Enterprise Networks |
| Author | Lionel Gresse |
| Description | The 90's have been the witness of the explosion of Internet use and Intranet deployment. If they rely on the same technology, their radically different topology and features change the game of security. |
| Date | 1999 |
| Documents | White Paper | Abstract |
| Contact | papers@open.ch |
| Copyright | ©1999 Open Systems AG, All rights reserved. |