Uhingen, Baden-Württemberg, Deutschland
2335 Follower:innen 500+ Kontakte

Anmelden, um das Profil zu sehen

Info

With nearly 20 years of experience in cutting-edge technologies, I have established…

Artikel von Thilo Ewald

Aktivitäten

Anmelden, um alle Aktivitäten zu sehen

Berufserfahrung und Ausbildung

  • Capgemini

Gesamte Berufserfahrung von Thilo Ewald anzeigen

Wenn Sie auf „Weiter“ klicken, um Mitglied zu werden oder sich einzuloggen, stimmen Sie der Nutzervereinbarung, der Datenschutzrichtlinie und der Cookie-Richtlinie von LinkedIn zu.

Bescheinigungen und Zertifikate

Veröffentlichungen

  • Experiences with large-scale operational trials of ALTO-enhanced P2P filesharing in an intra-ISP scenario

    Peer-to-Peer Networking and Applications

    Application Layer Traffic Optimization (ALTO) has recently gained attention in the research and standardisation community as a way for a network operator to guide the peer selection process of distributed applications by providing network layer topology information. In particular P2P applications are expected to gain from ALTO, due to the many connections peers form among each other, often without taking network layer topology information into account. In this paper, we present results of an…

    Application Layer Traffic Optimization (ALTO) has recently gained attention in the research and standardisation community as a way for a network operator to guide the peer selection process of distributed applications by providing network layer topology information. In particular P2P applications are expected to gain from ALTO, due to the many connections peers form among each other, often without taking network layer topology information into account. In this paper, we present results of an extensive intra-ISP trial with an ALTO-enhanced P2P filesharing software. In summary, our results show that—depending on the concrete setting and on the distribution of upload capacity in the network—ALTO enables an ISP to save operational costs significantly while not degrading application layer performance noticeably. In addition, based on our experience we are able to give advice to operators on how to save costs with ALTO while not sacrificing application layer performance at all.

    Andere Autor:innen
    Veröffentlichung anzeigen

  • Capturing Cloud Computing Knowledge and Experience in Patterns

    IEEE CLOUD 2012

    The industry-driven evolution of cloud computing tends to obfuscate the common underlying architectural concepts of cloud offerings and their implications on hosted applications. Patterns are one way to document such architectural principles and to make good solutions to reoccurring (architectural) cloud challenges reusable. To capture cloud computing best practice from existing cloud applications and provider-specific documentation, we propose to use an elaborated pattern format enabling…

    The industry-driven evolution of cloud computing tends to obfuscate the common underlying architectural concepts of cloud offerings and their implications on hosted applications. Patterns are one way to document such architectural principles and to make good solutions to reoccurring (architectural) cloud challenges reusable. To capture cloud computing best practice from existing cloud applications and provider-specific documentation, we propose to use an elaborated pattern format enabling abstraction of concepts and reusability of knowledge in various use cases. We present a detailed step-by-step pattern identification process supported by a pattern authoring toolkit. We continuously apply this process to identify a large set of cloud patterns. In this paper, we introduce two new cloud patterns we identified in industrial scenarios recently. The approach aims at cloud architects, developers, and researchers alike to also apply this pattern identification process to create traceable and wellstructured
    pieces of knowledge in their individual field of expertise. As entry point, we recap challenges introduced by cloud computing in various domains

    Andere Autor:innen
    Veröffentlichung anzeigen

  • Protecting SIP-Based Networks and Services from Unwanted Communications

    GLOBECOM 2008

    In recent times, SIP-based communication systems have become more and more popular (e.g., in open networks, NGN, IMS, etc.). With continuously dropping cost for the usage of such systems (e.g., VoIP, IM, IPTV), many researchers anticipate the amount of unsolicited communication within the network to reach an alarming high level in the near future. Thus, protection of such systems is needed to counter this threat. We present a holistic protection framework for SIP based infrastructures and…

    In recent times, SIP-based communication systems have become more and more popular (e.g., in open networks, NGN, IMS, etc.). With continuously dropping cost for the usage of such systems (e.g., VoIP, IM, IPTV), many researchers anticipate the amount of unsolicited communication within the network to reach an alarming high level in the near future. Thus, protection of such systems is needed to counter this threat. We present a holistic protection framework for SIP based infrastructures and describe the most recent enhancements of the system.

    Andere Autor:innen
    Veröffentlichung anzeigen

  • Enabling high-speed and extensible real-time communications monitoring

    Integrated Network Management 2009:

    The use of the Internet as a medium for real-time communications has grown significantly over the past few years. However, the best-effort model of this network is not particularly well-suited to the demands of users who are familiar with the reliability, quality and security of the Public Switched Telephone Network. If the growth is to continue, monitoring and real time analysis of communication data will be needed in order to ensure good call quality, and should degradation occur, to take…

    The use of the Internet as a medium for real-time communications has grown significantly over the past few years. However, the best-effort model of this network is not particularly well-suited to the demands of users who are familiar with the reliability, quality and security of the Public Switched Telephone Network. If the growth is to continue, monitoring and real time analysis of communication data will be needed in order to ensure good call quality, and should degradation occur, to take corrective action. Writing this type of monitoring application is difficult and time consuming: VoIP traffic not only tends to use dynamic ports, but its real-time nature, along with the fact that its packets tend to be small, impose non-trivial performance requirements. In this paper we present RTC-Mon, the Real-Time Communications Monitoring framework, which provides an extensible platform for the quick development of high-speed, real-time monitoring applications. While the focus is on VoIP traffic, the framework is general and is capable of monitoring any type of real-time communications traffic. We present testbed performance results for the various components of RTC-Mon, showing that it can monitor a large number of concurrent flows without losing packets. In addition, we implemented a proof-of-concept application that can not only track statistics about a large number of calls and their users, but that consists of only 800 lines of code, showing that the framework is efficient and that it also significantly reduces development time.

    Andere Autor:innen
    Veröffentlichung anzeigen

  • VoIP SEAL: A Research Prototype for Protecting Voice-over-IP Networks and Users

    Sicherheit 2008:

    Andere Autor:innen

  • Detecting SPIT Calls by Checking Human Communication Patterns

    ICC 2007

    SPam over Internet Telephony (SPIT) is expected to become a very serious issue in the next years. The threat is going to spin out from the well known email spam problem by bot nets being re-programmed to initiate not just spam emails but also Voice over IP (VoIP) calls. Preventing SPIT is a new problem, because many well-established methods for blocking email spam cannot be applied. Currently, several SPIT prevention methods are being proposed but SPIT prevention research is still at a very…

    SPam over Internet Telephony (SPIT) is expected to become a very serious issue in the next years. The threat is going to spin out from the well known email spam problem by bot nets being re-programmed to initiate not just spam emails but also Voice over IP (VoIP) calls. Preventing SPIT is a new problem, because many well-established methods for blocking email spam cannot be applied. Currently, several SPIT prevention methods are being proposed but SPIT prevention research is still at a very early stage. In this paper, we propose an innovative way to detect SPIT calls by comparing applying hidden Turing tests that compare them with typical human communication patterns. For passing these tests, significant resource consumptions at the SPIT generating bot nets would be required which contradicts the spammer's objective of placing as many SPIT calls as possible, The proposed method has several advantages compared to other methods that also interact with the caller. We validated its feasibility with a prototype implementation that we integrated into our modular VoIP security system called VoIP SEAL

    Andere Autor:innen

  • Holistic VoIP intrusion detection and prevention system

    IPTComm 2007

    VoIP security is crucial for current and future networks and services. The rapid shift from a closed and confined telephony towards an all IP network supporting end to end VoIP services provides major challenges to the security plane. Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.

    This paper describes a multilayer intrusion detection and prevention system architecture for VoIP infrastructures. The…

    VoIP security is crucial for current and future networks and services. The rapid shift from a closed and confined telephony towards an all IP network supporting end to end VoIP services provides major challenges to the security plane. Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.

    This paper describes a multilayer intrusion detection and prevention system architecture for VoIP infrastructures. The key components of the approach are based on a VoIP-specific honeypot and on an application layer event correlation engine. While each component alone can detect only a subset of VoIP-specific attacks, the two of them together can provide an effective defense for the many class of attacks. We show in this paper, how different and complementary conceptual approaches can jointly provide an in depth defense for VoIP architectures.

    Andere Autor:innen

Patente

  • Protection against unsolicited communication for internet protocol multimedia subsystem

    Ausgestellt am DE 9407668

    A protection against an unsolicited communication for an IMS (PUCI) system includes a call session control function (CSCF), and a plurality of PUCE application servers. The PUCI application servers make an evaluation as to whether a communication received from the user equipment is an unsolicited communication; the CSCF makes a decision on routing toward the PUCI application servers based on the evaluation; then, the PUCI application servers execute the routing based on the decision.

    Patent anzeigen

  • Protection against unsolicited communication for internet protocol multimedia subsystem

    Ausgestellt am US 9225751

    A PUCI system is designed to process an incoming call originated by the user equipment toward the counterpart user equipment via an EMS node having a PUCI-light functionality, which includes an IBCF/I-CSCF, a S-CSCF, and a database storing the PUCI-light information. Through a query to the database indicating a suspicious session in relation to the incoming call, the IMS node immediately blocks the suspicious session or simply marks the suspicious session for the further processing at a…

    A PUCI system is designed to process an incoming call originated by the user equipment toward the counterpart user equipment via an EMS node having a PUCI-light functionality, which includes an IBCF/I-CSCF, a S-CSCF, and a database storing the PUCI-light information. Through a query to the database indicating a suspicious session in relation to the incoming call, the IMS node immediately blocks the suspicious session or simply marks the suspicious session for the further processing at a subsequent node. The reason for rejection is included in a SIP BYE/ERROR message of an original session setup message, which is interpreted by a previous IMS node so as to obtain the relevant information from a SIP header. The relevant information is stored in either a global operator policy database or a local database, thus enabling a PUCI-negating IMS node to reject an unsolicited call related to the blocked session.

    Patent anzeigen

  • Communication system and processing method

    Ausgestellt am US 8406396

    A communication system shares terminal identification information (TII) used for identifying a terminal that sends a spam phone call, with another communication system belonging to another network provider, and includes: a storage section that stores the TII of a terminal that sends a spam phone call; a transmission section that transmits the TII stored in the storage section to the other communication system; a reception section that receives the TII used for identifying the terminal that…

    A communication system shares terminal identification information (TII) used for identifying a terminal that sends a spam phone call, with another communication system belonging to another network provider, and includes: a storage section that stores the TII of a terminal that sends a spam phone call; a transmission section that transmits the TII stored in the storage section to the other communication system; a reception section that receives the TII used for identifying the terminal that sends the spam phone call; a registration section that registers the TII received by the reception section in the storage section; and a spam phone call determination section that determines whether there is a match between terminal information indicating information of an outgoing call terminal that sends a connection request, and the TII stored in the storage section, thereby determining whether the outgoing call terminal sends a spam phone call.

    Patent anzeigen

  • Method for detecting attacks to multimedia systems and multimedia system with attack detection functionality

    Ausgestellt am US 9032515

    A method for detecting attacks to multimedia systems, wherein a communication path (1) is established within the multimedia system by a multimedia communication flow between a communication source and a communication destination, is characterized in that at least two devices (3, 4, 8) are provided along the communication path (1), each the device (3, 4, 8) acting as inspection device (2) that is enabled to inspect the multimedia communication flow that transits the inspection device (2), and…

    A method for detecting attacks to multimedia systems, wherein a communication path (1) is established within the multimedia system by a multimedia communication flow between a communication source and a communication destination, is characterized in that at least two devices (3, 4, 8) are provided along the communication path (1), each the device (3, 4, 8) acting as inspection device (2) that is enabled to inspect the multimedia communication flow that transits the inspection device (2), and that the results of the single inspections are accumulated along the communication path (1). Furthermore, a multimedia system with attack detection functionality is described.

    Patent anzeigen

  • Malicious call detection apparatus, malicious call detecting method and computer program for detecting malicious calls

    Ausgestellt am US 9338196

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing…

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing portion. A SPIT determination portion evaluates the bind identification information in reference to the gray list and determines whether or not the session start request from the IP phone terminal is allowed.

    Patent anzeigen

  • Malicious call detection apparatus, malicious call detecting method and computer program for detecting malicious calls

    Ausgestellt am US 9338196

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing…

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing portion. A SPIT determination portion evaluates the bind identification information in reference to the gray list and determines whether or not the session start request from the IP phone terminal is allowed.

    Patent anzeigen

  • Malicious call detection apparatus, malicious call detecting method and computer program for detecting malicious calls

    Ausgestellt am US 9338196

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing…

    To improve detection accuracy of SPIT, first, an identification information gathering apparatus receives various identification information from an IP phone terminal which has transmitted an INVITE message. A PUCI server generates bind identification information by binding or associating various identification information received from an identification information gathering apparatus via an SIP server and registers the bind identification information to a gray list stored in a list storing portion. A SPIT determination portion evaluates the bind identification information in reference to the gray list and determines whether or not the session start request from the IP phone terminal is allowed.

    Patent anzeigen

  • Protection against unsolicited communication for internet protocol multimedia subsystem

    Ausgestellt am US 9225751

    A PUCI system is designed to process an incoming call originated by the user equipment toward the counterpart user equipment via an EMS node having a PUCI-light functionality, which includes an IBCF/I-CSCF, a S-CSCF, and a database storing the PUCI-light information. Through a query to the database indicating a suspicious session in relation to the incoming call, the IMS node immediately blocks the suspicious session or simply marks the suspicious session for the further processing at a…

    A PUCI system is designed to process an incoming call originated by the user equipment toward the counterpart user equipment via an EMS node having a PUCI-light functionality, which includes an IBCF/I-CSCF, a S-CSCF, and a database storing the PUCI-light information. Through a query to the database indicating a suspicious session in relation to the incoming call, the IMS node immediately blocks the suspicious session or simply marks the suspicious session for the further processing at a subsequent node. The reason for rejection is included in a SIP BYE/ERROR message of an original session setup message, which is interpreted by a previous IMS node so as to obtain the relevant information from a SIP header. The relevant information is stored in either a global operator policy database or a local database, thus enabling a PUCI-negating IMS node to reject an unsolicited call related to the blocked session.

    Patent anzeigen

  • PROTECTION AGAINST UNSOLICITED COMMUNICATION FOR INTERNET PROTOCOL MULTIMEDIA SUBSYSTEM

    Ausgestellt am US 20110265145A1

    A PUCI system includes a user equipment (UE) and a PUCI application server holding user policies in connection to a home subscriber server (HSS) holding operator policies. A policy manager establishes the correlation between the user policies and the operator policies, thus determining whether to reject or forward an incoming call originated from a trusted/distrusted source network in accordance with prescribed rules/logics.

    Patent anzeigen

  • Method for detecting attacks to multimedia systems and multimedia system with attack detection functionality

    Ausgestellt am US 9032515

    A method for detecting attacks to multimedia systems, wherein a communication path (1) is established within the multimedia system by a multimedia communication flow between a communication source and a communication destination, is characterized in that at least two devices (3, 4, 8) are provided along the communication path (1), each the device (3, 4, 8) acting as inspection device (2) that is enabled to inspect the multimedia communication flow that transits the inspection device (2), and…

    A method for detecting attacks to multimedia systems, wherein a communication path (1) is established within the multimedia system by a multimedia communication flow between a communication source and a communication destination, is characterized in that at least two devices (3, 4, 8) are provided along the communication path (1), each the device (3, 4, 8) acting as inspection device (2) that is enabled to inspect the multimedia communication flow that transits the inspection device (2), and that the results of the single inspections are accumulated along the communication path (1). Furthermore, a multimedia system with attack detection functionality is described.

    Patent anzeigen

Projekte

  • Project Development VoIP SEAL

    Create a demonstrator to analyze & filter in real-time unsolicited communication. Develop a proto-type and productize it + drive their tech in the standards

    Andere Mitarbeiter:innen

  • Consultant Car Communication

    Consult the DLR for building a simulation environment to measure in real time system critical car communication

  • VoIP for the Uni

    MARKET TEAM organisiert mit Siemens mobile, dem Zentrum für Datenverarbeitung (ZDV) sowie dem Lehrstuhl für Rechnernetze und Internet ein Studentenprojekt zur Nutzung von Voice over IP im Universitätsnetz.

    Anhand einer Beispielimplementierung soll gezeigt werden, wie das vorhandene WLAN-Kommunikationsnetz umgebaut oder erweitert werden kann, um Internettelefonie uniweit anbieten zu können.

    Andere Mitarbeiter:innen

  • Telepresence Admin

    Planning, Integration and management of Telepresence solution for teaching and commercial organizations

  • Web Developer

    Development of websites (HTLM, CSS, PHP, etc.) for smal organizations

Auszeichnungen/Preise

  • Technology Solution EXCELLENCE Award 2021

    Microsoft Germany

    Co-founder of of one of the biggest projects we ever had in Germany, adressing culture, people and technology! Result was a strategic alliance agreement dealing with transformation projects from sales, product developemt, IT as well as HR and finance. Thilo was here driving the vision and defined the mission of it within our team.

  • Great People, Great Performance award for extraordinary delivery

    Microsoft

    Achieving th eteam Award for tranfsorming an chemcial Company with >100.000 employees to adapt new cloud workloads. My personal contribution was the Orchestration of the organisational Change within this project

  • Freshman of the year

    NEC Corporation Japan

    Reward for extraordinary results in the area of standardization

  • Vice-Chair of ETSI TISPAN Security WorkingGroup

    ETSI TISPAN

    Youngest Vice-chair and Rapporteur in the history of ETSI

Sprachen

  • German

    Muttersprache oder zweisprachig

  • English

    Verhandlungssicher

  • French

    Gute Kenntnisse

Erhaltene Empfehlungen

1 Person hat Thilo Ewald empfohlen

Jetzt anmelden und ansehen

Weitere Aktivitäten von Thilo Ewald

Thilo Ewalds vollständiges Profil ansehen

  • Herausfinden, welche gemeinsamen Kontakte Sie haben
  • Sich vorstellen lassen
  • Thilo Ewald direkt kontaktieren
Mitglied werden. um das vollständige Profil zu sehen

Weitere ähnliche Profile

Entwickeln Sie mit diesen Kursen neue Kenntnisse und Fähigkeiten

Alle Kurse anzeigen