About me

I lead the smart building security group at Fraunhofer FKIE, Bonn where I also focus on network steganography/covert channels. I started writing computer related books and articles when I was 17 and received my PhD in computer science from the University of Hagen in 2013.

Selected Work:
book projects with Wiley-IEEE, Springer-Vieweg, and Galileo Press;
scientific papers at Springer Annals of Telecommunications (ANTE), 37th IEEE LCN, 12th and 13th IFIP CMS;
Talks at the hacking/professional events: TROOPERS, Datenspuren, DFN Workshop, Chaos Singularity (CoSin), MetaRheinMain ChaosDays (MRMCD), VDI Fachkonferenz Industrial IT Security, Chemnitzer Linuxtage (2013 and 2014), Secure Linux Administration Conference (SLAC).

Contact: steffen (at) wendzel (dot) de

Education

• 2009-2013: Ph.D. (Dr. rer. nat.) in CS from University of Hagen (chair of parallel comp. and VLSI)
• 2009-2011: M.Sc. in CS from Augsburg University of Applied Sciences
• 2005-2009: Dipl.-Inf.(FH), Kempten University of Applied Sciences

Working Experience

• since 2013: Team leader (IT Security for Building Automation Systems) at the Cyber Defense Group of Fraunhofer FKIE, Bonn, Germany
• since 2003: Author of CS books and articles
• 2012-2013: Research assistant at the HSASec group, Augsburg University of Applied Sciences, Germany
• 2010-2013: Research assistant for the IT4SE (IT for Smart renewable Energy generation and use) project, Augsburg University of Applied Sciences and visiting researcher at the University of Waikato

Research Interests

• network covert channels and network steganography,
• building automation / smart city security
• IT security and security engineering,
• administration and programming of Linux/Unix/BSD systems,
• open source project management
• In addition to computer science I am interested in psychology, university history and campus novels.

Academic Activities (Reviews, Research Abroad/Int'l. Cooperations; Awards, ...)

•  2014:
• Steering Committee Member of the EU NIS Public-Private Platform Working Group 3 on Secure ICT research and innovation; Coordinating the AoI (Area of Interest) group on Trustworthy (Hyperconnected) Infrastructures
• Steering Committee Member of the Arbeitskreis kritische Informations- und Kommunikationsinfrastrukturen (AK KRITIS) of the German Informatics Society (GI) SIG Management für Informationssicherheit, SECMGT
• Industry/Research Chair as well as Technical Program Committee Member at 9th International Conference on Internet Monitoring and Protection (ICIMP'14), Paris, 2014. 
• Program Committee Member at International Workshop on Cyber Crime (IWCC 2014) at IEEE S&P, San Jose, 2014.
• Program Committee Member at GI Sicherheit 2014, Vienna.
• Invited Reviewer for IEEE International Conference on Communications (ICC), Sydney, 2014.
• Technical Program Committee Member at 3rd Techniques and Applications for Mobile Commerce (TAMoCo'14), Warsaw, September, 2014.
• Reviewer for Informatica Journal (Slovenian Society Informatika)


• 2013:


• Coordinating the AoI (Area of Interest) group on Trustworthy (Hyperconnected) Infrastructures (former Trustworthy and Resilient Infrastructure and Services) of the NIS Public-Private Platform Working Group 3 on Secure ICT research and innovation announced in the Cybersecurity Strategy of the European Union (since September).
• Participating and contributing to the Arbeitskreis kritische Informations- und Kommunikationsinfrastrukturen (AK KRITIS) of the German Informatics Society (GI) SIG Management für Informationssicherheit, SECMGT (from October)
• Visiting colleagues at the Warsaw University of Technology to discuss current and future joint-work (Oct 2013)
  
• Reviewer for WILEY-IEEE: Scientific book proposal review 
• Reviewer for IEEE Spectrum magazine (Spectrum)
• Reviewer for IEEE Transactions on Information Forensics and Security (TIFS)
• Reviewer for Springer Annals of Telecommunications - Annales des Télécommunications (ANTE)
• Technical Program Committee Member at 3rd International Workshop on Information Security, Theory and Practice (ISTP 2013), London, UK, 2013.
• Technical Program Committee Member at 8th Int. Conference on Internet Monitoring and Protection (ICIMP 2013), Rome, Italy, 2013.
• Co-Organizer of SPRING 8 of the GI SIG SIDAR at the Munich University of Applied Sciences



• 2012:


• 12/2011-01/2012: guest researcher at the University of Waikato, NZ for the 2nd time for six weeks via project IT4SE
• Reviewer for IEEE Transactions in Information Forensics and Communication Security (TIFS) 
• Best Paper Award at the The Seventh International Conference on Internet Monitoring and Protection (ICIMP 2012), Stuttgart, 2012.
• Co-Organizer of the 5th and 6th IT4SE workshop at the Augsburg University of Applied Sciences



• 2011:


• Reviewer for Journal of Universal Computer Science (JUCS)
• 12/2010-01/2011: guest researcher at the University of Waikato, NZ for six weeks via project IT4SE  
• Co-Organizer of the 3rd IT4SE workshop at the Augsburg University of Applied Sciences
• Galileo Press book review: Arnold Willemer: Linux-Server einrichten und administrieren mit Debian 6 GNU/Linux, Galileo Press, 2011.



• 2010 and older:


• Co-Organizer of the 1st IT4SE workshop at the Augsburg University of Applied Sciences, 2010.
• Galileo Press book review: Dirk Becker: OpenVPN. Das Praxisbuch, Galileo Press, 2008.
• Galileo Press book review: Thomas Theis: Einstieg in PHP5, Galileo Press, 2006.
• Galileo Press book review: Sascha Kersken: Handbuch für Fachinformatiker, Galileo Press GmbH, 2005 (checked the IT security chapter).

Memberships:

• German Informatics Society (Gesellschaft für Informatik)
• Gesellschaft der Freunde der FernUniversität e.V.

Trainings/Courses

• Communications Seminar,
  Fraunhofer Gesellschaft, Leipzig, November 2013.
• Acquisition Techniques,
  Fraunhofer Gesellschaft, Cologne, September 2013.
• BACnet Training Certificate,
  MBS GmbH, Augsburg, January 2013.
• Basics of BACnet Certificate,
  MBS GmbH, Augsburg, July 2012.
• Leadership Coaching,
  Augsburg University of Applied Sciences, Bavarian Forest, 2011.
• Workshop Moderation,
  Augsburg University of Applied Sciences, Augsburg, 2011.
• Rhetoric Course,
  Kempten University of Applied Sciences, Kempten, 2008.
• Communication and Personality Psychology,
  Kempten University of Applied Sciences, Kempten, 2008.

My projects in the News

My own Projects in the News:

• Hochschule Augsburg/Facebook Meldung zum Best Paper Award ICIMP'12
• Golem: Umfassendes Nachschlagewerk als Openbook erhältlich 
• Same news at ProLinux and Linux Magazin
• ProLinux: OpenBook »Linux - Das umfassende Handbuch« in vierter Auflage
• OnlinePC.ch, ADMIN-Magazin and some others also repoted
• ProLinux: "Linux - Das umfassende Handbuch" als OpenBook 
• Golem.de also reported
• ts/sci security: An update on Protocol hopping covert channels
• Heise.de: Dickes Linux-Handbuch als Download und für die Online-Lektüre 
• Same news on golem.de and ProLinux.de
• ProLinux: Hardened Linux 1.6.1 mit gehärtetem 2.6er Kernel
• ProLinux: Minimalistisches Linux in harter Rüstung
• Slashdot.org: OpenBSD gains "fuzzy" user profile IDS
• (Un)Deadly.org: Fuzzy user profile intrusion detection system

Interviews:

• IT-Sicherheit Fachmagazin: Sicherheit in der Gebäudeautomation, 6/13 (German), Q4 2013.
• Hakin9 1/12 (German), January 2012.
• Hakin9 1/07 (German), January 2007.

News about projects I contributed to (Selection):

• Youtube-Video zur Buchvorstellung Informationstechnologie & Sicherheitspolitk, enthalten ist ein Kapitel von uns.
• Linux-Magazin: Linux Users Welcome: Plakate für den Händler-TÜV 
• Same news on Heise-Open and Prolinux.de
• Linux-Magazin: Linux Users Welcome