Current Projects (incl. Granted Funding Applications)

AI-driven Secure Aging for Pandemy-resilient Digital Infrastructures (German: KI-gestütztes sicheres Altern für eine pandemieresiliente digitale Infrastruktur, KISAT, 2020-2022)

  • funded by MWWK/RLP; role: main proposal author; principal investigator; 185,000 EUR

Secure and Intelligent Visualization and Real-time Reconstruction Techniques for Proton Computed Tomograph

  • funded by MWWK/RLP; role: one of the proposal authors; co-principal investigator; ~717,000 EUR

Network Forensics and Anomaly Detection System (NeFiAS, since 2020)

  • non-funded; role: main developer

Machine Learning-based Attack Detection for Industrial Control Systems (MADISA, 2019-2021)

  • funded by EU (EFRE)/RLP; role: principal investigator / main proposal author; ~211,000 EUR

Anti Cyber-crime Actions on the European Level (ACCAEL, 2020),

  • funded by BMBF; role: principal investigator / main proposal author; ~21,750 EUR

Energy-efficient and Secure Smart Environments (E2S2E, 2016-2018),

  • funded by German Ministry of Education and Research (BMBF); role: principal investigator / main proposal author; eight project partners; ~68,000 EUR

Building Automation Reliable Network Infrastructure (BARNI, 2014-2016),

  • funded by German Ministry of Education and Research (BMBF); role: main proposal author / project manager; ~453.000 EUR

Information Hiding Pattern Collection (since 2015)

Historic Projects

  • Hardened Linux Security Distribution (project initiator/leader and developer; 2006-2008)
  • WendzelNNTPd - a NNTP daemon (2004-2014, critical updates still provided for users)
  • AstroCam stepengine control software (2001-2011)
  • Security hacks:
    • KSPIDS - Linux Kernel User Profile IDS Patch (2008)
    • openportd - ICMP port knocking service for OpenBSD (2006)
    • FUPIDS - “Fuzzy” User Profile IDS for the OpenBSD Kernel (2003)
  • Covert channel/tunneling software:
    • NeFiAS - a detector for network covert channels (2020-now)
    • NEL tool - a research tool for network environment learning/active warden testing (2017-2018)
    • CCEAP - a tool for teaching network covert channels (2016-now)
    • PCT - protocol channel tool (PoC, 2008)
    • PHCCT - protocol hopping covert channel tool (PoC, 2007)
    • VSTT - ICMP, POP3 and plaintext tunnel via fifo/socket in/out (2006) 
    • PCAW (protocol channel-aware active warden): a countermeasure for protocol switching covert channels (2012)
    • WoDiCoF (Worms Distributed Covert Channel Detection Framework): a covert channel detection framework (2017-2018)
  • Other tiny hacks:
    • sfnetmapper - visualizes connections of users and their projects (2011)
    • creategallery - fast creator for ugly HTML galleries (2009) – here are some of my own galleries.
    • Fluxbat - displays laptop battery status in the fluxbox menu (2007)

Very old stuff (2000-2009), mostly not accessible anymore:

  • OBPkg: a Synaptic-like tool for OpenBSD
  • cwa: a web programming system for C (like PHP, but you can run C code instead)
  • cchttpd: a highly speed-optimized HTTP server, capable of loading C modules to perform server-side website generation and request handling
  • xyriaDNSd: a highly speed-optimized DNS server with load-balancing capabilities (old version from 2008 available on sourceforge)
  • sysmon: web-based system monitoring tool for Solaris 8
  • MSS: Multiple server scanner (a port scanner supporting various scan types; written ca. 2001 with friends)
  • cpfos: An extended Slackware-based packet system for Hardened Linux
  • fupids2: a user-space version of FUPIDS (see above)
  • various hacking tools, mostly to learn how to handle sockets under Linux and BSD, incl. a RIP routing update spoofer, some PoC backdoors using covert channels, and a a simple TCP connection hijacker.

Maintainance of OpenBSD Ports

I contributed the `pscan’ port (a C code vulnerability scanner) to OpenBSD .

Patches for Other Projects

I contributed several patches to the Open Source Software (OSS) community, including mostly bugfixes but also few feature improvements:

  • Operating Systems (packaging/build scripts, tools, …):
  • Tools: gftp, icmpinfo, Ping Tunnel
  • A number of manpage fixes (mostly Ubuntu/Debian)