See also my publications.
Gehalten im Rahmen eines Besuchs einer Delegation des BMWi in der Firma.
Gehalten im Rahmen der Ringvorlesung "Druchblicken statt durchklicken" an der Uni Wuppertal.
Gehalten am 2009-06-08 auf der Fortbildungstag Informatik Kryptographie "Geheime Botschaften" der Universität Wuppertal. Invited Talk.
Held 2008-09-10 before an delegation of the Indian Ministery of Information Technology
Erfahrungen mit Unternehmenssoftware und wie man sie selbst macht. Am 2008-06-12 in Remscheid vor einer Gruppe Interessierter aus der Umgebung gehalten.
Der (inhouse) Vortrag widmet sich den Implikationen von "VDI 2700 -Ladungssicherung auf Straßenfahrzeugen" und "VDI 3968 - Sicherung von Ladeeinheiten" für die Fast Moving Consumer Goods (FMCG) Branche.
Gehalten auf der AutoID live! Konferenz vvon GS1, 2007-11-22, Neuss.
Im HWS 2007/08 halte ich an der Universität Mannheim Angewandte IT-Sicherheit. Siehe auch das Diskussionsforum zum Thema.
At the "HUDORA Quality Managment Meeting", 2007-08-21 to 23 in Duangong I gave a Presentation on the important of logistically suitable units and good data. The main aim was was to give our chinese partners some insight into how packaging influences logistic costs in Germany.
The e-BSN workshop on "Sectoral policy initiatives in support of e-business for SMEs" is co-organised by IDATE and the European Commission. 2007-07-05, Paris, invited talk
At the GS1 Mobile Commerce Group, 2007-06-19, Paris a presented on 2D Barcode usage at HUDROA. Invited Talk.
Auf dem Workshop Handys lesen Strichcodes – Revolution in B2C und B2B? am 2007-04-24 werde ich in Düsseldorf einen Vortrag über Experimente mit Datamatrix Codes (bzw. QRcode) und Lesesoftware auf Mobiltelefonen bei HUDORA halten. Invited Talk.
Die Veranstaltung ist ausgefallen.
Unter dem Titel "Mehr Kundenzufriedenheit durch effiziente Logistik" werde ich auf dem 13. Logistik-Jahreskongress in Köln das Thema vom ECR-Tag aufnehmen und über unsere Entwicklungen im Versandprozess berichten. Invited Talk.
Im März 2007 habe ich drei ähnlich ausgerichtete Vorträge vor dem IHK Außenhandelsausschuss, dem IHK Großhandelsausschuß und einer Gruppe Interessierter gehalten. Thema war jeweils der Umgang mit Software in seinen verschiedenen Facetten. "Wenn Software unser Werkzeug ist, was sind dann unsere Werkzeugmaschinen und wer sind unsere Werkzeugbauer?". Invited Talk.
Für Leser des Weblogs disLEXia.de gab es im Januar 2007 einen Abend mit Einführung in Managment, Logistik & Unternehmens-IT.
Der Vortrag mit dem sperrigen Untertitel "Kundenzufriedenheit steigern durch effiziente Logistik" wurde auf dem ECR-Tag / 2. Prozeus-Technologieforum am 2006-09-27 in München gehalten und gibt eine Einführung in die Nutzung von Scannertechnologie, NVEs und EAN128 Transportetiketten bei HUDORA.
Zusammen mit Dr. Kay Schumann habe ich einen einwöchigen Kurs zum Thema Computerforensik bei der Bundespolizeiakademie in Lübeck gehalten.
Together with Professor Felix Freiling I provided as Lecture "Case-Studies on Dependable Systems and Computer Misuse Apollo Spaceshuttle, Melissa und Google: Fallstudien in Verlässlichkeit und Computermissbrauch" at the University of Mannheim in the Summer Semester 2006.
Was held at Interdisziplinäres Symposium: Phishing und Online-Banking, Bochum 2006-04-27.
Was held at SPC 2006, York, 2006-04-19. See also paper on that topic.
Was held at Sicherheit 2006, Magdeburg, 2006-02-20. See also short paper on that topic.
Was held together with Thorsten Holz at EuSecWest06 London, 2006-02-17.
Was held at the Workshop "Internet-Devianz" des DFK, 2006-02-15, Bonn.
This presentation introduces some little known old and some new approaches on learning about crime on the Internet.
Together with Professor Felix Freiling and Thorsten Holz provided the Lecture on Operating Systems at the University of Mannheim in the Winter Semester 2005/2006.
Was
held at IT-Underground, 2005-10-12, Warshaw.
Often you are in a position where you have to determine as much as possible about a remote device. Be it that you are a network administrator surveying your own network, be it in a penetration testing or infowar setting. In this talk participants will learn how well known remote identication techniques like the ones in nmap work and they will also learn lesser kown tools and techniques. After the course participants should be able to gather huge amounts of information on remote systems by having a wide set oe methods at their disposal.
Several lectures will be
held at the Summerschool
applied IT-Security, 2005-09-19 to 2005-09-30, Aachen.
Wurde am 2005-08-18 in Darmstadt im Rahmen des CAST
Workshop "Forensik" gehalten.
Podiumsdiskussion mit Prof. Dr. Andreas Pfitzmann (TU Dresden),
Maximillian Dornseif (RWTH Aachen), Rolf vom Stein (TÜV
Secure iT GmbH), Prof. Dr. Hartmut Pohl (FH Bonn-Rhein-Sieg) im
Rahmen des Workshop zur Ausbildung im Bereich IT-Sicherheit am 2005-08-11 in Köln
was held with Thorsten Holz at Black Hat Training Las Vegas 2005, 25.-26. Jule 2005.
This course taught how to setup different types of honeypots and
how to learn more about the tools, tactics, and motives of
blackhats but also to swiftly detect and react to malware
outbreaks in an organization. It was shown how
honeypot technology can be used to estimate risks in a way
management understands. On the other hand, the course taught
offensive ways to attack honeypots to get an understanding
on how to use honeypots and their limitations for vulnerability
assessment.
For the slides on Gen II/III, Nepenthes, Botnets, Misc and hand-outs mail Thorsten Holz.
Class was held in the Summer Semester 2005 at RWTH Aachen university.
This was designed to teach how
to break insecure Web applications. It takes place at 13:30h CEST
in room AH V at Aachen University. Videos of the lecture will ba
made available at this page after each lecture. The lecture is
also available as an Quicktime/MPEG4 live steam here.
Was held at the "Hacker Practical" at RWTH Aachen
University.
Was held together with Thorsten Holz, at the 19. DFN Tagung über
Kommunikationsnetze in Düsseldorf, 2005-05-19.
Was held at CanSecWest/core05,
4.-6. May, Vancouver
Firewire/i.Link is well known as a way for connecting video devices or external hard-disks to computers. One little known fact is that the Firewire protocol also allows to read and write physical memory on connected machines without further software support. This can be leveraged to escalate privileges or to spy on connected machines. We will present some fun software using FireWire to do things to computers which shouldn't happen.
Was held together with Knut Eckstein
at the NATO C3a Workshop on Network enabled Warefare,
Den Hague, The Netherlands, April 2005.
This presentation intends to more precisely define the term "physical access" in the context of computer security. It classifies various methods of locally accessing a computing device in order to bypass its built-in security mechanisms and provides case studies.
Was held
at IT-Underground, 17-18.2.2005 in Prague.
Honeypots / Honeynets are one of the more recent toys in the white-hat arsenal. These tools are usually assumed to be hard to detect and attempts to detect or disable them can be unconditionally monitored. The talk sheds some light on how attackers usually behave when they want to defeat honeypots. We will encompass the process of identifying and circumventing current honeypot technology and demonstrate several ways to achieve this. The focus will be on Sebek-based honeypots, but we will also show some ways how to accomplish similar results on different honeypot-architectures.
Crash Course in the basics of penetration testing. Was held
7.1.2005 at RWTH-Aachen University
Download: Presentation
Was held together with Steven
J. Murdoch
at the chaos communication congress
Berlin, Germany, in December 2004
Many files are being published on the Internet which hold unexpected (and potentially embarrassing) data. We examine different cases of hidden data in file formats (including Word, PDF and JPEG) and show examples of these from a crawl of the Internet
See also Demo: Differences between JPEG Images and their EXIF Thumbnails, presentation from the Summerschool which contains more information on MS Office Documents.
Download: Presentation, exif_thumb (snapshot), patched crawl (snapshot)
Was held together with Michael Becher
at the chaos communication congress
Berlin, Germany, in December 2004
Firewire/i.Link ist dafür bekannt, Videoausrüstung oder externe Festplatten mit Rechnern zu verbinden. Weniger bekannt ist die Tatsache, dass über das Firewire-Protokoll der physikalische Speicher der miteinander verbundenen Geräte gelesen und geschrieben werden kann, ohne dass es durch Software unterstützt werden muss.
Der Vortrag wird auf die relevanten Bereiche der Spezifikation eingehen, die den Speicherzugriff ermöglichen. Nach der theoretischen Einleitung werden Ideen gezeigt, wie das praktisch ausgenutzt werden kann: Den Bildschirmspeicher oder beliebige Daten lesen und verwerten, den Rechner oder bestimmte Prozesse zum Absturz bringen, den Bildschirminhalt oder die Rechte von einem Prozess verändern. Einige dieser Ideen werden auch ausführlich praktisch vorgeführt.
Download: Presentation, Demo code (other versions).
Was held
together with Ilja
van Sprundel and psyco dog from da
neo war
at the chaos communication congress
Berlin, Germany, in December 2004
Download: Presentation, vmap-0.6-macosx.patch, honeyd-Xmap, xc0rr.
Was held at the PacSec/core04
conference, Tokyo, Japan, in 11.-12. November 2004
Firewire/i.Link is well known as a way for connecting video devices or external hard-disks to computers. One little known fact is that the Firewire protocol also allows to read and write physical memory on connected machines without further software support. This can be leveraged to escalate privileges or to spy on connected machines. Any kind of device connected via Firewire, be it hard-disk, camcorder or iPod could be perverted to steal data or insert backdoors into computers being attached to the device. But while memory-access over Firewire has some considerable dangers it also is a superior tool for monitoring and forensics on live systems.
Download: Presentation, Demo code (other versions), Video of the Demonstration.
Was held in the winter semester 2004 at RWTH Aachen
University. See the lecture page or weblog
for details.
The Summerschool took place 20.9.-8.10.2004.
The "summer school applied IT security" teaches penetration
techniques for computers and network devices. Participants will
gain an in depth understanding in the ways security systems fail
and get the opportunity to explore penetration techniques
themselves.
Topics include programming errors like buffer overflows and format
string attacks, network based attacks like sniffing, spoofing,
attacks on web applications, network reconnaissance, wireless
security, malware and forensics. Short break-out sessions will
cover management of security, ethics and social, legal and
economic issues. The summer school will finish with a 2-day war
game where participants practice attack and defence with each other.
For further Information see summerschool homepage and our report on it.
Besides organizing the event I gave several lectures:
Further information on the event can be found at the summerschool wiki and at the summmerschool weblog.
Was held
26.8.2004 at OpenChaos, Chaos Computer Club Cologne
Komplexe - aber auch nicht so komplexe Datenformate - beinhalten oft mehr Informationen, als dem Autor bewusst ist. Dieser Vortrag gibt einen Ueberblick darueber was man wo finden kann, berichtet von einigen bemerkenswerten Vorfaellen und fuehrt den einen oder anderen Taschenspieler-Trick vor.
Was held at Defcon 12 July 2004.
Complex data formarts usually contain much more informmation than we are aware it. This presentation gives an overview about some of the types of information which can be found, notable incidents and the situation with hidden data in documents on the internet.
Download: Quicktime Presentation (hi-res version), PDF Presentation, the demos (1, 2, 3).
Was held together with Thorsten Holz at Black Hat USA 2004 Briefings, July 2004 and Defcon 12.
See also the academic paper and the presentation at the Westpoint IAW workshop on this topic.
Download: Quicktime Presentation (hi-res version), PDF Presentation, the kebes toolkit, the demos.
Was held together with Thorsten Holz at Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2004), july 2004
Was held 10. June 2004 at the Information
Assurance Workshop, Westpoint.
See the paper on this topic.
Download: Quicktime Presentation, PDF.
Beitrag zum "Vortragsabend zum Thema Computersicherheit" der
Stipendiaten des Stifterverbandes der deutschen Wirtschaft,
7.6.2004, 19:00h Raum VZN 405 (Bauteil Nord) im Institut für
Industrieofenbau und Wärmetechnik, Kopernikusstr. 16,
Aachen.
Was held 14.5.2004 at The Third Annual Workshop on Economics and Information Security (WEIS04)
See the paper on this topic.
Download: Quicktime Presentation, PDF.
Was held at the
Hacker-Seminar.
Download: not available
Was held at DFG
Graduiertenkolleg "Software für mobile
Kommunikationssysteme", RWTH-Aachen University, 17.3.2004,
10:00h.
Surprisingly little research exists on how security fails. This often results in threat models not being based on sound empirical data or even security systems being designed without explicit threat models at all. This presentation will illustrate the current qualitative and quantitative data available on security failures, discuss problems with this data and show opportunities to collect further information on security failures. A better understanding of how security systems fail is the basis for better threat models with hopefully result in more secure systems.
Call it computer crime, incident, security breach or insurance case - it's all used to describe failures of computer security. To defend against this happenings be it by punishing wrongdoers, changing policy, redesigning systems or insuring risk - a common understanding of what forms of misuse threaten a system and how prevalent they are is needed.
Building on research at the Institute of criminal justice, University of Bonn, the available quantitative and qualitative research on computer misuse will be presented. Surprising trends in the available qualitative will be shown and examples of misuse collected by quantitative research. Sources for data on misuse and the problems faced when collecting such data will be discussed and novel approaches to tackle this problems with techniques like Honeynets or Network Telescopes will be presented.
Download: Quicktime Presentation, PDF
Was held at Regina e.V. Open Source Software - Workshop
, 12.3.2003.
Download: Quicktime Presentation, PDF
Was held at he
laboratory of Dependable Distributed Systems, RWTH-Aachen,
together with Prof. Dr. Felix
Gärtner and Dipl.-Inform. Martin Mink in the summer term.
Seminar
homepage.
Wurde gehalten im Rahmen
der Vorlesung Wirtschaftsstrafrecht von PD Dr. Friedrich Toepel
im SS 2003 im Institut für Strafrecht der Universität Bonn,
Andenaueralle 24-42 am 11.7.2003.
Download: PDF
Wurde gehalten am 26.6.2003, 19:00 c.t. im
Rahmen des OpenChaos
in Köln. (See also my paper on the topic of
blocking Websites.)
Download: PDF
Wurde gehalten auf der 17. DFN-Arbeitstagung
über Kommunikationsnetze, 10.6.2003 - 13.6.2003 in
Düsseldorf. (See also my paper on the topic of
blocking Websites.)
Download: PDF
Gehalten im Rahmen
der Vorlesung Wirtschaftsstrafrecht von PD Dr. Friedrich Toepel
an der Universität Bonn
im WS 2002/2003.
Download: not available
Held
at the H2K2 conference which took
place July 12-14, 2002 in New York City.
Being able to carry
political opinions to the public by showing them on the street
is a basic part of democratic rights. Nowadays, a steadily
increasing part of our life takes place in cyberspace. Things
which aren't happening in cyberspace will therefore get less and
less public attention. How can protest be taken into the virtual
realm? What strategies for "online demonstrations" have we seen
so far? How about the ethical and legal dimensions? Who gets
hurt? Host Maximillian Dornseif will present a new approach for
conducting online demonstrations without adversely affecting
other users on the net.
View: HTML
T-Systems Sicherheitstagung,
Aachen, 30 Januar 2002.
View: HTML
Held at the OECD
Workshop on Information
Security in a Networked World, Nikko Hotel Tokyo, Japan,
12-13 September 2001, by invitation of the Government of Japan.
View: HTML