Johanna @ ICIR

Contact:

johanna @ [domain]
PGP

About me:

I am a senior engineer at Corelight, where I spend most of my time working on the Zeek Network Security Monitor. I am still affiliated with the International Computer Science Institute, an independent non-profit research institute affiliated with the University of California, Berkeley, as well as the cyber security team of the Lawrence Berkeley National Laboratory. My main research interests lie in the areas of network security, Internet measurement and applied cryptography.

Publications:

The Boon and Bane of Cross-Signing: Shedding Light on a Common Practice in Public Key Infrastructures
Jens Hiller, Johanna Amann, Oliver Hohlfeld
Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications (CCS'20), November 2020

Tracking the deployment of TLS 1.3 on the Web: A story of experimentation and centralization
Ralph Holz, Jens Hiller, Johanna Amann, Abbas Razaghpanah, Thomas Jost, Narseo Vallina-Rodriguez, and Oliver Hohlfeld
SIGCOMM Computer Communication Review, Volume 50, Issue 3, July 2020

A Retrospective Analysis of User Exposure to (Illicit) Cryptocurrency Mining on the Web
Ralph Holz, Diego Perino, Matteo Varvello, Johanna Amann, Andrea Continella, Nate Evans, Ilias Leontiadis, Christopher Natoli, Quirin Scheitle
Network Traffic Measurement and Analysis Conference (TMA) 2020, June 2020

Coming of Age: A Longitudinal Study of TLS Deployment (Distinguished Paper Award)
Platon Kotzias, Abbas Razaghpanah, Johanna Amann, Kenny Paterson, Narseo Vallina-Rodriguez, Juan Caballero
18th Internet Measurement Conference (IMC'18), November 2018

The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem
Quirin Scheitle, Oliver Gasser, Theodor Nolte, Johanna Amann, Lexi Brent, Georg. Carle, Ralph Holz, Thomas C. Schmidt, Matthias Wählisch
18th Internet Measurement Conference (IMC'18), November 2018

Studying TLS Usage in Android Apps
Abbas Razaghpanah, Arian Akhavan Niaki, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Johanna Amann, Phillipa Gill
ACM International Conference on emerging Networking EXperiments and Technologies (CoNEXT) 2017, December 2017
Also accepted as a talk at ANRW 2018.

Mission Accomplished? HTTPS Security after DigiNotar (IMC Community Contribution Award, 2018 Annual Networking Research Prize for IETF 103)
Johanna Amann, Oliver Gasser, Quirin Scheitle, Lexi Brent, Georg Carle, Ralph Holz
17th Internet Measurement Conference (IMC'17), November 2017

Viable Protection of High-Performance Networks through Hardware/Software Co-Design
Johanna Amann, Robin Sommer
ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, March 2017

Spicy: A Unified Deep Packet Inspection Framework for Safely Dissecting All Your Data
Robin Sommer, Johanna Amann, Seth Hall
2016 Annual Computer Security Applications Conference, December 2016

Towards a Complete View of the Certificate Ecosystem
Benjamin VanderSloot, Johanna Amann, Matthew Bernhard, Zakir Durumeric, Michael Bailey, J. Alex Halderman
16th Internet Measurement Conference (IMC'16), October 2016

Specification Mining for Intrusion Detection in Networked Control Systems
Marco Caselli, Emmanuele Zambon, Johanna Amann, Robin Sommer, Frank Kargl
USENIX Security Symposium, August 2016

Exploring Tor's Activity Through Long-term Passive TLS Traffic Measurement
Johanna Amann, Robin Sommer
Passive and Active Measurement Conference (PAM), March 2016

Measuring the Latency and Pervasiveness of TLS Certificate Revocation
Liang Zhu, Johanna Amann, John Heidemann
Passive and Active Measurement Conference (PAM), March 2016

TLS in the wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication
Ralph Holz, Johanna Amann, Olivier Mehani, Matthias Wachs, Mohamed Ali Kaafar
Network and Distributed System Security Symposium (NDSS), February 2016

Spicy: A Unified Deep Packet Inspection Framework Dissecting All Your Data
Robin Sommer, Johanna Amann, Seth Hall
ICSI Technical Report, November 2015

Providing Dynamic Control to Passive Network Security Monitoring (implementation & scripts)
Johanna Amann, Robin Sommer
18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), November 2015

A Tangled Mass: The Android Root Certificate Stores (Best Short Paper Award)
Narseo Vallina-Rodriguez, Johanna Amann, Christian Kreibich, Nicholas Weaver and Vern Paxson
ACM International Conference on emerging Networking EXperiments and Technologies (CoNEXT) 2014, December 2014

The Matter of Heartbleed (Best Paper Award)
Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicholas Weaver, David Adrian, Vern Paxson, Michael Bailey, J. Alex Halderman
14th Internet Measurement Conference (IMC'14), November 2014

Count Me In: Viable Distributed Summary Statistics for Securing High-Speed Networks (implementation & scripts)
Johanna Amann, Seth Hall, Robin Sommer
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2014

No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships
Johanna Amann, Robin Sommer, Matthias Vallentin, Seth Hall
2013 Annual Computer Security Applications Conference, December 2013

Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web (used tools and library)
Devdatta Akhawe, Johanna Amann, Matthias Vallentin, Robin Sommer
Proc. International World Wide Web Conference, May 2013

Revisiting SSL: A Large Scale Study of the Internet's Most Trusted Protocol
Johanna Amann, Matthias Vallentin, Seth Hall, Robin Sommer
ICSI Technical Report, December 2012

Extracting Certificates from Live Traffic: A Near Real Time SSL Notary Service
Johanna Amann, Matthias Vallentin, Seth Hall, Robin Sommer
ICSI Technical Report, November 2012

A Lone Wolf No More: Supporting Network Intrusion Detection with Real-Time Intelligence
Johanna Amann, Robin Sommer, Aashish Sharma, Seth Hall
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2012

Redundancy and Access Permissions in Decentralized File Systems
Johanna Amann
Thesis, Technische Universität München, September 2011

Adding Cryptographically Enforced Permissions to Fully Decentralized File Systems
Johanna Amann and Thomas Fuhrmann
Technical Report, Technische Universität München, April 2011

A Quantitative Analysis of Redundancy Schemes for Peer-to-Peer Storage Systems
Yaser Houri, Johanna Amann, Thomas Fuhrmann
Proc. 12th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2010), 2010

Cryptographically Enforced Permissions for Fully Decentralized File Systems
Johanna Amann and Thomas Fuhrmann
Proceedings of the 10th IEEE International Conference on Peer-to-Peer Computing 2010 (P2P'10), 2010

Unix-like Access Permissions in Fully Decentralized File Systems (poster)
Johanna Amann and Thomas Fuhrmann
Poster Presentation at the 8th USENIX Conference on File and Storage Technologies (FAST '10), 2010

IgorFs: A Distributed P2P File System (poster)
Johanna Amann, Benedikt Elser, Yaser Houri and Thomas Fuhrmann
Proceedings of the Eigth IEEE International Conference on Peer-to-Peer Computing (P2P'08), 2008

Secure Asynchronous Change Notifications for a Distributed File System
Johanna Amann
Diplomarbeit, Chair for Network Architectures, TUM 2007

Books:

Passive and Active Measurement
Mohamed Ali Kaafar, Steve Uhlig, Johanna Amann (Eds.)
Springer, Lecture Notes in Computer Science, ISBN 978-3-319-54327-7, 2017

Projects I am involved in:

The ICSI SSL Notary service
The Zeek Network Security Monitor
Effective and Economical Protection for High-Performance Research and Education Networks (NSF, 2016-2021)
Understanding the State of TLS Using Large-scale Passive Measurements (NSF, 2015-2021)
A Bro Center of Expertise for the NSF Community (NSF, 2013-2019)

Professional Activities:

Steering Committee RAID 2017-today
Program Committee USENIX Woot 2019
Program Committee USENIX Security Symposium 2018, 2019
Program Committee Internet Measurement Conference 2018, 2019
Program Committee NDSS 2017, 2018
Program Committee RAID 2016, 2017, 2018
Publication Chair PAM 2017
Poster Chair NDSS 2017
Program Committee ACSAC 2016, 2017
Program Committee WWW 2016, 2017
Program Committee SDNNFVSEC 2016, 2017
Program Committee NPSec 2014, 2015

Tools and other links:

My github account containing (among other things):
A few scripts that can be useful with Bro as well as a collection of Bro scripts.
Patched version of Crypt::OpenSSL::X509
NSS bindings for Perl

Tree of trust of the SSL intermediate CAs used in the Internet as of Dec. 2012. The visualization was made with data from the ICSI SSL notary using gephi and gexf-js.

Statistics for the #Bro IRC channel on Freenode

My CPAN account.