I am head of the smart building security team at Fraunhofer FKIE, Bonn where I also focus on network steganography/covert channels. I started writing computer related books and articles when I was 17 and received my PhD in computer science from the University of Hagen in 2013. I am now also a member of Stegano.net.Selected Work:
book projects with Wiley-IEEE, Springer-Vieweg, and Galileo Press;
scientific papers at Springer Annals of Telecommunications (ANTE), 37th IEEE LCN, 12th and 13th IFIP CMS;
Talks at the hacking/professional events: TROOPERS, Datenspuren, DFN Workshop, Chaos Singularity (CoSin), MetaRheinMain ChaosDays (MRMCD), VDI Fachkonferenz Industrial IT Security, Chemnitzer Linuxtage (2013 and 2014), Secure Linux Administration Conference (SLAC).
Contact: steffen (at) wendzel (dot) de
Education
- 2009-2013: Ph.D. (Dr. rer. nat.) in CS from University of Hagen (chair of parallel comp. and VLSI)
- 2009-2011: M.Sc. in CS from Augsburg University of Applied Sciences
- 2005-2009: Dipl.-Inf.(FH), Kempten University of Applied Sciences
Working Experience
- since 2013: Team leader (IT Security for Building Automation Systems) at the Cyber Defense Group of Fraunhofer FKIE, Bonn, Germany
- since 2003: Author of CS books and articles
- 2012-2013: Research assistant at the HSASec group, Augsburg University of Applied Sciences, Germany
- 2010-2013: Research assistant for the IT4SE (IT for Smart renewable Energy generation and use) project, Augsburg University of Applied Sciences and visiting researcher at the University of Waikato
Research Interests
- network covert channels and network steganography,
- building automation / smart city security
- IT security and security engineering,
- administration and programming of Linux/Unix/BSD systems,
- open source project management
- In addition to computer science I am interested in psychology, university history and campus novels.
Academic Activities (Reviews, Research Abroad/Int'l. Cooperations; Awards, ...)
- 2014:
- Steering Committee Member of the EU NIS Public-Private Platform Working Group 3 on Secure ICT research and innovation; Leading the AoI (Area of Interest) on Trustworthy (Hyperconnected) Infrastructures
- Member of Stegano.net (a project focused on network steganography and anomaly detection initiated by the network steganography group at the Warsaw University of Technology)
- Steering Committee Member of the Arbeitskreis kritische Informations- und Kommunikationsinfrastrukturen (AK KRITIS) of the German Informatics Society (GI) SIG Management für Informationssicherheit, SECMGT
- Industry/Research Chair as well as Technical Program Committee Member at 9th International Conference on Internet Monitoring and Protection (ICIMP'14), Paris, 2014.
- Program Committee Member at International Workshop on Cyber Crime (IWCC 2014) at IEEE S&P, San Jose, 2014.
- Program Committee Member at GI Sicherheit 2014, Vienna.
- Invited Reviewer for IEEE International Conference on Communications (ICC), Sydney, 2014.
- Technical Program Committee Member at 3rd Techniques and Applications for Mobile Commerce (TAMoCo'14), Warsaw, September, 2014.
- Reviewer for Informatica Journal (Slovenian Society Informatika)
- Taking part at plenary panel discussion NIS: Towards defining priorities for cybersecurity research in Horzon 2020's work programme 2016-2017 at Trust in the Digital World (TDW), Vienna, April 2014.
- Taking part at various security-related events in Brussels ...
- 2013:
- Coordinating the AoI (Area of Interest) group on Trustworthy (Hyperconnected) Infrastructures (former Trustworthy and Resilient Infrastructure and Services) of the NIS Public-Private Platform Working Group 3 on Secure ICT research and innovation announced in the Cybersecurity Strategy of the European Union (since September).
- Participating and contributing to the Arbeitskreis kritische Informations- und Kommunikationsinfrastrukturen (AK KRITIS) of the German Informatics Society (GI) SIG Management für Informationssicherheit, SECMGT (from October)
- Visiting colleagues at the Warsaw University of Technology to discuss current and future joint-work (Oct 2013)
- Reviewer for WILEY-IEEE: Scientific book proposal review
- Reviewer for IEEE Spectrum magazine (Spectrum)
- Reviewer for IEEE Transactions on Information Forensics and Security (TIFS)
- Reviewer for Springer Annals of Telecommunications - Annales des Télécommunications (ANTE)
- Technical Program Committee Member at 3rd International Workshop on Information Security, Theory and Practice (ISTP 2013), London, UK, 2013.
- Technical Program Committee Member at 8th Int. Conference on Internet Monitoring and Protection (ICIMP 2013), Rome, Italy, 2013.
- Co-Organizer of SPRING 8 of the GI SIG SIDAR at the Munich University of Applied Sciences
- 2012:
- 12/2011-01/2012: guest researcher at the University of Waikato, NZ for the 2nd time for six weeks via project IT4SE
- Reviewer for IEEE Transactions in Information Forensics and Communication Security (TIFS)
- Best Paper Award at the The Seventh International Conference on Internet Monitoring and Protection (ICIMP 2012), Stuttgart, 2012.
- Co-Organizer of the 5th and 6th IT4SE workshop at the Augsburg University of Applied Sciences
- 2011:
- Reviewer for Journal of Universal Computer Science (JUCS)
- 12/2010-01/2011: guest researcher at the University of Waikato, NZ for six weeks via project IT4SE
- Co-Organizer of the 3rd IT4SE workshop at the Augsburg University of Applied Sciences
- Galileo Press book review: Arnold Willemer: Linux-Server einrichten und administrieren mit Debian 6 GNU/Linux, Galileo Press, 2011.
- 2010 and older:
- Co-Organizer of the 1st IT4SE workshop at the Augsburg University of Applied Sciences, 2010.
- Galileo Press book review: Dirk Becker: OpenVPN. Das Praxisbuch, Galileo Press, 2008.
- Galileo Press book review: Thomas Theis: Einstieg in PHP5, Galileo Press, 2006.
- Galileo Press book review: Sascha Kersken: Handbuch für Fachinformatiker, Galileo Press GmbH, 2005 (checked the IT security chapter).
Memberships:
- German Informatics Society (Gesellschaft für Informatik)
- Gesellschaft der Freunde der FernUniversität e.V.
Trainings/Courses
- Communications Seminar,
Fraunhofer Gesellschaft, Leipzig, November 2013. - Acquisition Techniques,
Fraunhofer Gesellschaft, Cologne, September 2013. - BACnet Training Certificate,
MBS GmbH, Augsburg, January 2013. - Basics of BACnet Certificate,
MBS GmbH, Augsburg, July 2012. - Leadership Coaching,
Augsburg University of Applied Sciences, Bavarian Forest, 2011. - Workshop Moderation,
Augsburg University of Applied Sciences, Augsburg, 2011. - Rhetoric Course,
Kempten University of Applied Sciences, Kempten, 2008. - Communication and Personality Psychology,
Kempten University of Applied Sciences, Kempten, 2008.
My projects in the News
My own Projects in the News:
- Hochschule Augsburg/Facebook Meldung zum Best Paper Award ICIMP'12
- Golem: Umfassendes Nachschlagewerk als Openbook erhältlich
- Same news at ProLinux and Linux Magazin
- ProLinux: OpenBook »Linux - Das umfassende Handbuch« in vierter Auflage
- OnlinePC.ch, ADMIN-Magazin and some others also repoted
- ProLinux: "Linux - Das umfassende Handbuch" als OpenBook
- Golem.de also reported
- ts/sci security: An update on Protocol hopping covert channels
- Heise.de: Dickes Linux-Handbuch als Download und für die Online-Lektüre
- Same news on golem.de and ProLinux.de
- ProLinux: Hardened Linux 1.6.1 mit gehärtetem 2.6er Kernel
- ProLinux: Minimalistisches Linux in harter Rüstung
- Slashdot.org: OpenBSD gains "fuzzy" user profile IDS
- (Un)Deadly.org: Fuzzy user profile intrusion detection system
- IT-Sicherheit Fachmagazin: Sicherheit in der Gebäudeautomation, 6/13 (German), Q4 2013.
- Hakin9 1/12 (German), January 2012.
- Hakin9 1/07 (German), January 2007.
- Youtube-Video zur Buchvorstellung Informationstechnologie & Sicherheitspolitk, enthalten ist ein Kapitel von uns.
- Linux-Magazin: Linux Users Welcome: Plakate für den Händler-TÜV
- Same news on Heise-Open and Prolinux.de
- Linux-Magazin: Linux Users Welcome
