Research

Traffic Measurements

Network monitoring, packet dissection and DPI tools, data analysis and visualization using complete data-science stacks.

Internet Infrastructure

Data and control-plane analysis at regional and worlds-largest Internet Exchange Points as well as transnational Internet Service Providers.

Network Security

Deployment of honepyots, DDoS attack detection and mitigation, overall network health assessment and long-term trends.

News

Selected Publications

On the Interplay between TLS Certificates and QUIC Performance

ACM CoNEXT 2022 (Acc: 19%) Dec 2022
Our paper on QUIC handshakes and TLS has been accepted without revision at CoNEXT 2022. We provide a public [QUIC handshake classification API]. Preliminary work shown at [RIPE 84].
Read Paper

Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope

USENIX Security 2022 (Acc: 17%) Aug 2022
I had the pleasure to support [Raphael] with IXP & ISP measurements to create a large-scale characterization of malicious two-phase scanners. Accepted at USENIX Sec ‘22 conference.
Read Paper

Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure

ACM CoNEXT 2021 (Acc: 23%) Dec 2021
Our paper on hidden but [open] DNS infrastructures has been accepted without revision at CoNEXT 2021, where I received the best [presentation] award. We have also presented at [APRICOT 2022].
Read Paper

QUICsand: Quantifying QUIC Reconnaissance Scans and DoS Flooding Events

ACM IMC 2021 (Acc: 28%) Nov 2021
Our paper on quantifying QUIC DoS attacks has been accepted at the IMC 2021 conference. We have also presented our work at [DUST2021] and an update at [IETF maprg 113].
Read Paper

The Far Side of DNS Amplification: Tracing the DDoS Attack Ecosystem from the Internet Core

ACM IMC 2021 (Acc: 28%) Nov 2021
Our paper about the DNS amplification ecosystem and the limitations of honeypot platforms has been accepted at the IMC conference 2021. We have been featured by [APNIC].
Read Paper

Uncovering Vulnerable Industrial Control Systems from the Internet Core

IEEE/IFIP NOMS 2020 (Acc: 30%) Apr 2020
Our paper on vulnerable industrial control systems has been accepted at NOMS 2020. As 1 of the best 15 papers, we fast-tracked a [journal extension] and were featured by [MIT Technology Review].
Read Paper

Down the Black Hole: Dismantling Operational Practices of BGP Blackholing at IXPs

ACM IMC 2019 (Acc: 20%) Oct 2019
Our paper on BGP Blackholing at IXPs was accepted at IMC 2019. I have presented our findings at [RIPE79] as well as [MIX Salottino] and have been featured by [Rule11], [RIPE] and [APNIC].
Read Paper

On the Potential of BGP Flowspec for DDoS Mitigation at Two Sources: ISP and IXP

ACM SIGCOMM 2018 (Acc: 43%) Aug 2018
Our poster on fine-grained DDoS mitigation was accepted at the ACM SIGCOMM 2018 conference. I was awarded a silver medal at the SIGCOMM Student Research Competition [SRC].
Read Paper

Contact