About me

I am a professor of information security and computer networks at Worms University of Applied Sciences (founder of the network security research group and deputy scientific head of the centre of technology and transfer) and also affiliated with Fraunhofer FKIE (where I was head of a security research team for three years). I received my Ph.D. from the University of Hagen in 2013.

Aged 17, I started writing books (sold 65,000 printed+electronic copies so far and counted 110,000+ downloads of my (older) editions). A list of my 140+ publications can be found here. My publications appeared in high-quality journals/conference such as
  • ACM Computing Surveys (CSUR),
  • Communications of the ACM (CACM),
  • Elsevier Future Generation Computer Systems (FGCS),
  • IEEE Transactions on Industrial Informatics (TII),
  • IEEE Security & Privacy,
  • IEEE Local Computer Networks (LCN),
  • IFIP Information Security and Privacy Protection Conf. (SEC), 
  • Springer Scientometrics,
  • Wiley Security and Communication Networks (SCN),
  • Springer Annals of Telecommunications and 
  • Journal of Universal Computer Science (J.UCS).
However, I also wrote books about the Linux operating system and contributed open source code/patches to the free software community. There is also a list of selected talks that I gave.

My research focuses on network information hiding (network covert channels and network steganography), science of security (SoC), IoT/smart buildings/homes, security of embedded communication protocols, and information security terminology/taxonomy.

Some of my key publications are on the fundamentals (SoC) of network information hiding: taxonomy/patterns/fundamentals [1,2], creativity evaluation of research paper submissions [3] and scientific methodology of information hiding [4]. Some of my other key contributions are focusing on traffic normalization and active wardens [5, 6] and covert channel optimization [7,8].

I am a member of several steering committees, initiatives, program and organizing committees (cf. details). I am (or was) lecturing and supervising at Augsburg University of Applied Sciences, Bonn University and Hagen University. A list of my projects, both funded and spare-time software projects, is also available.

In addition to information security, I am interested in university history, campus novels, and retro computing – in particular: operating system history and historic network protocols. I own a small collection of rather historic books on these retro computing topics. Since about five years, I am also a mid-distance runner (5km to half-marathon).

Find (information about) me here: Twitter, Google Scholar and ResearchGate.

Contact: steffen (at) wendzel (dot) de (PGP pub key: FD701BD1).

Recent News (Selection):


  • My tool NeFiAS (Network Forensic & Anomaly Detection System) is an accessible hands-on tool for network covert channel detection. I just made the code of NeFiAS public. I also attached a documentation. Have fun with it!


  • Great news! Our research project SIVERT (English: Secure and Intelligent Visualization and Real-time Reconstruction Techniques for Proton computed tomography, German: Sichere und Intelligente Visualisierungs- und Echtzeit-Rekonstruktions-Techniken für die Protonen-Computertomografie) was started today. Minister president Malu Dreyer came to initiate the project on October 1st. We receive quite some funding from the Rhineland-Palatinate/MWWK (717.000 EUR) for six PhD students, student assistants and travel budget for the next couple of years and will conduct AI-aided research to improve cancer treatment (also in terms of safety) jointly with TU Kaiserslautern and University of Bergen. Looking forward to post more information on this in the coming months.


  • Recently gave a lecture (in German) on process management in operating systems at University of Hagen. Slides are here.


  • Two new posters have been accepted at EICC'20: 
    • Jörg Keller, Steffen Wendzel: Covert Channels in One-Time Passwords Based on Hash Chains, in Proc. European Interdisciplinary Cybersecurity Conference (EICC 2020), ACM, in press.
    • Laura Hartmann, Steffen Wendzel: Anomaly Detection in ICS based on Data-history Analysis, in Proc. European Interdisciplinary Cybersecurity Conference (EICC 2020), ACM, in press.
  • Our new special issue on Information Security Methodology, Replication Studies and Education at the Journal of Universal Computer Science has been published; featuring selected extended articles of last year's ARES IWSMR workshop.



  • I wrote a review of the book Future automation: changes to lives and to businesses by Timothy Carone. The review was published by ACM Computing Reviews, cf. here (requires access; e-mail me for a pre-print).
  • My project proposal ACCAEL (Anti Cyber-crime Actions on the European Level) was granted (21.750 EUR).

The early-access version (open access) of our paper on MQTT covert channels is now available:
I am proud to say that for the second time, I got a paper accepted in a non-computer science journal, namely Scientometrics (website of the publisher). Yes, our paper has to do with cyber security, somehow, but it is an analysis of citations.