Matthias Vallentin

Short Bio

I am Co-Founder and CEO of Tenzir. Prior to that, I was a post-doctoral researcher at UC Berkeley supported by the Signatures Innovation Fellows Program. Before that, I was a research scientist with the networking and security group at the International Computer Science Institute (ICSI).

I received a Ph.D. in computer science at UC Berkeley, where I had the good fortune of being advised by Vern Paxson. Before moving to California, I received a B.S. and M.S. from the Technische Universität München. During my B.S., I co-founded globalways, a German company providing soup-to-nuts Internet services.


My research focuses on designing high-level abstractions for large-scale distributed systems with an applied focus on network forensics and high-performance network monitoring. More generally, I am interested in empirically understanding the inherent space-time trade-off when analyzing massive amounts of network data.


Matthias Vallentin, Vern Paxson, and Robin Sommer. VAST: A Unified Platform for Interactive Network Forensics. USENIX Conference on Networked Systems Design and Implementation (NSDI). March 2016. (slides)

Robin Sommer, Matthias Vallentin, Lorenzo De Carli, and Vern Paxson. HILTI: An Abstract Execution Environment for Deep, Stateful Network Traffic Analysis. Internet Measurement Conference (IMC). November 2014.

Johanna Amann, Robin Sommer, Matthias Vallentin, and Seth Hall. No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships. Annual Computer Security Applications Confernce (ACSAC). December 2013.

Devdatta Akhawe, Johanna Amann, Matthias Vallentin, and Robin Sommer. Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web. International Word Wide Web Conference (WWW). May 2013.

Gregor Maier, Anja Feldmann, Vern Paxson, Robin Sommer, and Matthias Vallentin. An Assessment Of Overt Malicious Activity Manifest In Residential Networks. Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA). July 2011.

Yahel Ben-David, Shaddi Hasan, Joyojeet Pal, Matthias Vallentin, Saurabh Panjwani, Philipp Gutheim, Jay Chen, and Eric Brewer. Computing Security in the Developing World: A Case for Multidisciplinary Research. ACM Workshop on Networked Systems for Developing Regions (NSDR). June 2011.

Yahel Ben-David, Matthias Vallentin, Seth Fowler, and Eric Brewer. JaldiMAC - Taking the Distance Further. ACM Workshop on Networked Systems for Developing Regions (NSDR). June 2010.

Matthias Vallentin, Robin Sommer, Jason Lee, Craig Leres, Vern Paxson, Brian Tierney. The NIDS Cluster: Scalably Stateful Network Intrusion Detection on Commodity Hardware. Recent Advances in Intrusion Detection (RAID). 2007.

Technical Reports

Johanna Amann, Matthias Vallentin, Seth Hall, and Robin Sommer. Revisiting SSL: A Large-Scale Study of the Internet's Most Trusted Protocol. ICSI TR-12-015. Berkeley, December 2012.

Johanna Amann, Matthias Vallentin, Robin Sommer, and Seth Hall. Extracting Certificates from Live Traffic: A Near Real-Time SSL Notary Service. ICSI TR-12-014. Berkeley, November 2012.


Matthias Vallentin. Scalable Network Forensics. Ph.D. Thesis. University of California, Berkeley, USA, May 2016.

Matthias Vallentin. VAST: Network Visibility Across Space and Time. Master's Thesis. Technische Universität München, Germany, January 2009.

Matthias Vallentin. Transparent Load-Balancing for Network Intrusion Detection Systems. Bachelor's Thesis. Technische Universität München, Germany, November 2006.


CAF: C++ Actor Framework. Berkeley C++ Summit. Berkeley, October 2016.

Broker. BroCon. Austin, Texas, September 2016.

Network Intrusion Detection & Forensics with Bro. BERKE1337 workshop. UC Berkeley, March 2016.

Matthias Vallentin, Dominik Charousset, Thomas C. Schmidt, Vern Paxson, and Matthias Wählisch. Native Actors: How to Scale Network Forensics. ACM Special Interest Group on Data Communication (SIGCOMM). August 2014. (abstract)

VAST: Visibility Across Space and Time - Architecture and Usage. BroCon. NCSA, Urbana, August 2014.

Why Actors Rock: Designing a Distributed Database with libcppa. C++Now. Aspen, Colorado, May 2014.

libcppa Now: High-Level Distributed Programming Without Sacrificing Performance. C++Now. Aspen, Colorado, May 2013.

Towards Large-Scale Incident Response and Interactive Network Forensics. Dissertation proposal. UC Berkeley, December 2011.

Network Forensics with Bro. Talk at the Bro workshop. NCSA, Champaign-Urbana, November 2011.

Tools of the Trade. Talk at the Bro workshop. NCSA, Champaign-Urbana, November 2011.

Intrusion Detection and the Bro NIDS. Presentation in the lecture [Security Engineering][sec-eng s08]. Munich, July 2008.

Beyond Stack Smashing. Presentation in the Operating Systems Laboratory. Munich, February 2007.

WiFi Basics & Security. Invited talk in the lecture Internet Protocols held by Prof. Anja Feldman. Munich, July 2006. (German)

Course Work

Matthias Vallentin and Gene Pang. Bloom Filter Redux. CS 270: Combinatorical Algorithms and Data Structures. UC Berkeley, Spring 2011.

Matthias Vallentin. Cacheable Web Objects: Understanding Their Modification Times. STAT 248: Time Series Analysis. UC Berkeley, Fall 2010.

Adam Roberts, Harold Pimentel, and Matthias Vallentin. Model Selection for Bias Correction in RNA-Seq. STAT 241: Statistical Learning Theory - Graphical Models. UC Berkeley, Fall 2010.

Matthias Vallentin and Yahel Ben-David. Quantifying Persistent Browser Cache Poisoning. CS 294-50: Advanced Topics in Computer Security. UC Berkeley, Spring 2010.

Yahel Ben-David, Matthias Vallentin, Seth Fowler, and Samuel Zats. JaldiMAC - Taking the Distance Further. CS 268: Computer Networks and CS 262A: Advanced Topics in Computer Systems. UC Berkeley, Fall 2009.

Matthias Vallentin and Seth Fowler. A Concurrency Model for Event-Based Network Intrusion Detection. In CS 294-33: Towards Highly-Productive Parallel Programming Languages. UC Berkeley, Spring 2009.

Matthias Vallentin, Jon Whiteaker, and Yahel Ben-David. The Gh0st in the Shell: Network Security in the Himalayas. In CS 294-28: Network Security. UC Berkeley, Spring 2009.

Matthias Vallentin. On the Evolution of Buffer Overflows. In the advanced seminar course Approaches for Operating Systems in the Future. Munich, May 2007.



At UC Berkeley, I served as teaching assistant for the undergraduate computer security course (CS 161) in Spring 2011 and Spring 2013.