Publications
Articles
S. Haas, R. Sommer, M. Fischer
zeek-osquery: Host-Network Correlation for Advanced Monitoring and Intrusion Detection
Proc. ICT Systems Security and Privacy Protection, 2020
J. Amann, R. Sommer
Viable Protection of High-Performance Networks through Hardware/Software Co-Design
Proc. ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, May 2017
R. Sommer, J. Amann, S. Hall
Spicy: A Unified Deep Packet Inspection Framework for Safely Dissecting All Your Data
Proc. Annual Computer Security Applications Conference, December 2016
M. Caselli, E. Zambon, J. Amann, R. Sommer, F. Kargl
Specification Mining for Intrusion Detection in Networked Control Systems
Proc. USENIX Security Symposium, August 2016
J. Amann, R. Sommer
Exploring Tor’s Activity Through Long-term Passive TLS Traffic Measurement
Proc. Passive and Active Measurement Conference, March 2016
M. Vallentin, V. Paxson, R. Sommer
VAST: A Unified Platform for Interactive Network Forensics
Proc. USENIX Conference on Networked Systems Design and Implementation (NSDI), March 2016
J. Amann, R. Sommer
Providing Dynamic Control to Passive Network Security Monitoring
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2015
O. Goga, P. Loiseau, R. Sommer, R. Teixeira, K. Gummadi
On the Reliability of Profile Matching Across Large Online Social Networks
Proc. ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2015
D. Hadžiosmanović, R. Sommer, E. Zambon, P. Hartel
Through the Eye of the PLC: Semantic Security Monitoring for Industrial Processes
Proc. Annual Computer Security Applications Conference, 2014
R. Sommer, M. Vallentin, L. De Carli, V. Paxson
HILTI: An Abstract Execution Environment for Deep, Stateful Network Traffic Analysis
Proc. ACM SIGCOMM Internet Measurement Conference, 2014
L. De Carli, R. Sommer, S. Jha
Beyond Pattern Matching: A Concurrency Model for Stateful Deep Packet Inspection
Proc. ACM Conference on Computer and Communications Security, 2014
J. Amann, S. Hall, R. Sommer
Count Me In: Viable Distributed Summary Statistics for Securing High-Speed Networks
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2014
J. Amann, R. Sommer, M. Vallentin, S. Hall
No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships
Proc. Annual Computer Security Applications Conference, 2013
O. Goga, H. Lei, S. Parthasarathi, G. Friedland, R. Sommer, R. Teixeira
Exploiting Innocuous Activity for Correlating Users Across Sites
Proc. World Wide Web Conference (WWW), May 2013
D. Akhawe, J. Amann, M. Vallentin, R. Sommer
Here’s My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web
Proc. World Wide Web Conference (WWW), May 2013
J. Amann, R. Sommer, A. Sharma, S. Hall
A Lone Wolf No More: Supporting Network Intrusion Detection with Real-Time Intelligence
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2012
N. Sarrar, G. Maier, B. Ager, R. Sommer, S. Uhlig
Investigating IPv6 Traffic - What Happened at the World IPv6 Day?
Proc. Passive and Active Measurement Conference, March 2012
G. Friedland, G. Maier, R. Sommer, N. Weaver
Sherlock Holmes’s Evil Twin: On The Impact of Global Inference for Online Privacy
Proc. New Security Paradigms Workshop, September 2011
G. Maier, A. Feldmann, V. Paxson, R. Sommer, M. Vallentin
An Assessment of Overt Malicious Activity Manifest in Residential Networks
Proc. Conference on Detection of Intrusions and Malware and Vulnerability Assessment, July 2011
G. Friedland, R. Sommer
Cybercasing the Joint: On the Privacy Implications of Geo-Tagging
Proc. USENIX Workshop on Hot Topics in Security, 2010
This work was also covered by
the New York Times
,
ABC News
,
Toronto Star
,
New Scientist
.
R. Sommer, V. Paxson
Outside the Closed World: On Using Machine Learning For Network Intrusion Detection
Proc. IEEE Symposium on Security and Privacy, 2010
P. Mittal, V. Paxson, R. Sommer, M. Winterrowd
Securing Mediated Trace Access Using Black-box Permutation Analysis
Proc. ACM Workshop on Hot Topics in Networks, 2009
R. Sommer, V. Paxson, N. Weaver
An Architecture for Exploiting Multi-Core Processors to Parallelize Network Intrusion Prevention
Concurrency and Computation: Practice and Experience, Wiley, 21(10), ISSN 1532-0626, 2009
N. Weaver, R. Sommer, V. Paxson
Detecting Forged TCP Reset Packets
Proc. Network & Distributed System Security Symposium, 2009
H. Dreger, A. Feldmann, V. Paxson, R. Sommer
Predicting the Resource Consumption of Network Intrusion Detection Systems
Proc. Symposium on Recent Advances in Intrusion Detection, 2008
G. Maier, R. Sommer, H. Dreger, A. Feldmann, V. Paxson, F. Schneider
Enriching Network Security Analysis with Time Travel
Proc. ACM SIGCOMM, 2008
M. Allman, C. Kreibich, V. Paxson, R. Sommer, N. Weaver
Principles for Developing Comprehensive Network Visibility
Proc. USENIX Workshop on Hot Topics in Security, 2008
M. Allman, C. Kreibich, V. Paxson, R. Sommer, N. Weaver
The Strengths of Weaker Identities: Opportunistic Personas
Proc. USENIX Workshop on Hot Topics in Security, 2007
N. Weaver, R. Sommer
Stress Testing Cluster Bro
Proc. DETER Community Workshop on Cyber Security Experimentation and Test, 2007
M. Vallentin, R. Sommer, J. Lee, C. Leres, V. Paxson, B. Tierney
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
Proc. Symposium on Recent Advances in Intrusion Detection, 2007
V. Paxson, R. Sommer, N. Weaver
An Architecture for Exploiting Multi-Core Processors to Parallelize Network Intrusion Prevention
(Invited paper)
Proc. IEEE Sarnoff Symposium, 2007
R. Pang, V. Paxson, R. Sommer, L. Peterson
binpac: A yacc for Writing Application Protocol Parsers
Proc. ACM SIGCOMM Internet Measurement Conference, 2006
V. Paxson, K. Asanovic, S. Dharmapurikar, J. Lockwood, R. Pang, R. Sommer, N. Weaver
Rethinking Hardware Support for Network Analysis and Intrusion Prevention
Proc. USENIX Workshop on Hot Topics in Security, 2006
H. Dreger, A. Feldmann, M. Mai, V. Paxson, R. Sommer
Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection
Proc. USENIX Security Symposium, 2006
R. Sommer, V. Paxson
Exploiting Independent State For Network Intrusion Detection
Proc. Annual Computer Security Applications Conference, 2005
S. Kornexl, V. Paxson, H. Dreger, A. Feldmann, R. Sommer
Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic
Proc. ACM SIGCOMM Internet Measurement Conference, 2005
H. Dreger, C. Kreibich, V. Paxson, R. Sommer
Enhancing the Accuracy of Network-based Intrusion Detection with Host-based Context
Proc. GI Conference on Detection of Intrusions and Malware & Vulnerability Assessment , 2005
C. Kreibich, R. Sommer
Policy-controlled Event Management for Distributed Intrusion Detection
Proc. International Workshop on Distributed Event-Based Systems, 2005
H. Dreger, A. Feldmann, V. Paxson, R. Sommer
Operational Experiences with High-Volume Network Intrusion Detection
Proc. ACM Conference on Computer and Communications Security, 2004
A. Rupp, H. Dreger, A. Feldmann, R. Sommer
Packet Trace Manipulation Framework for Test Labs
Proc. ACM SIGCOMM Internet Measurement Conference, 2004
R. Sommer
Bro: An Open Source Network Intrusion Detection System
Proc. DFN-Arbeitstagung über Kommunikationsnetze, 2003
R. Sommer, V. Paxson
Enhancing Byte-Level Network Intrusion Detection Signatures with Context
Proc. ACM Conference on Computer and Communications Security, 2003
R. Sommer, A. Feldmann
NetFlow: Information Loss or Win?
Proc. ACM SIGCOMM Internet Measurement Workshop, 2002
Books
R. Sommer, D. Balzarotti, G. (Eds.)
Recent Advances in Intrusion Detection (RAID)
Springer, Lecture Notes in Computer Science, ISBN 978-3-642-23643-3(6961), 2011
S. Jha, R. Sommer, C. (Eds.)
Recent Advances in Intrusion Detection (RAID)
Springer, Lecture Notes in Computer Science, ISBN 978-3-642-15511-6(6307), 2010
B. Hämmerli, R. (Eds.)
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
Springer, Lecture Notes in Computer Science, ISBN 978-3-540-73613-4(4579), 2007
Invited Book Chapter
G. Friedland, A. Janin, H. Lei, J. Choi, R. Sommer
Content-Based Privacy for Consumer-Produced Multimedia
In: Multimedia Data Mining and Analytics Springer, ISBN 978-3-319-14997-4, 2015
Theses
R. Sommer
Viable Network Intrusion Detection in High-Performance Environments
Ph.D. Thesis, TU München, 2005
R. Sommer
Verfahren zum Clustering von Dokumenten
University of Paderborn, Germany, 2001
Technical Reports
R. Sommer, V. Paxson
Exploiting Independent State For Network Intrusion Detection
TU München, 2004
R. Sommer, A. Feldmann
NetFlow: Information Loss or Win?
Saarland University, Germany, 2002