Funded Projects

ATTRIBUT (Phase 2 and Phase 3) (2023-2027)

  • funded by Agentur für Innovation in der Cybersicherheit (Cyberagentur); role: leading partner HSW and its sub-project; proposal co-author; ~1.560.000 EUR (both phases combined)
  • project website



EMPOWER, Sub-project on Cyber Security (2023-2027)

  • funded by BMBF; role: leading partner HSW; proposal co-author; ~2.404.000 EUR



KIASH (2022-2025)

  • funded by BMBF; role: leading partner HSW; proposal co-author; ~174,000 EUR



AI-driven Secure Aging for Pandemy-resilient Digital Infrastructures (German: KI-gestütztes sicheres Altern für eine pandemieresiliente digitale Infrastruktur, KISAT, 2020-2022)

  • funded by MWWK/RLP; role: main proposal author; principal investigator; 185,000 EUR



Secure and Intelligent Visualization and Real-time Reconstruction Techniques for Proton Computed Tomograph (SIVERT; 2020-2023)

  • funded by MWWK/RLP; role: one of the proposal authors; co-principal investigator; ~717,000 EUR



Machine Learning-based Attack Detection for Industrial Control Systems (MADISA, 2019-2021)

  • funded by EU (EFRE)/RLP; role: principal investigator / main proposal author; ~211,000 EUR



Anti Cyber-crime Actions on the European Level (ACCAEL, 2020),

  • funded by BMBF; role: principal investigator / main proposal author; ~21,750 EUR



Energy-efficient and Secure Smart Environments (E2S2E, 2016-2018),

  • funded by German Ministry of Education and Research (BMBF); role: principal investigator / main proposal author; eight project partners; ~68,000 EUR



Building Automation Reliable Network Infrastructure (BARNI, 2014-2016),

  • funded by German Ministry of Education and Research (BMBF); role: main proposal author / project manager; ~453,000 EUR



Other Projects

Steganography Patterns Project (since 2021)

  • coordinator; currently not funded



Software Projects (Mostly Historic)

  • WendzelNNTPd - an NNTP daemon (2004-today)
  • Hardened Linux Security Distribution (project initiator/leader and developer; 2006-2008)
  • AstroCam stepengine control software (2001-2011)
  • Security hacks:
    • KSPIDS - Linux Kernel User Profile IDS Patch (2008)
    • openportd - ICMP port knocking service for OpenBSD (2006)
    • FUPIDS - “Fuzzy” User Profile IDS for the OpenBSD Kernel (2003)
  • Covert channel/tunneling software:
    • NEL tool - a research tool for network environment learning/active warden testing (2017-2018)
    • CCEAP - a tool for teaching network covert channels (2016-2020)
    • PCT - protocol channel tool (PoC, 2008)
    • PHCCT - protocol hopping covert channel tool (PoC, 2007)
    • VSTT - ICMP, POP3 and plaintext tunnel via fifo/socket in/out (2006)
    • PCAW (protocol channel-aware active warden) - a countermeasure for protocol switching covert channels (2012)
    • WoDiCoF (Worms Distributed Covert Channel Detection Framework) - a covert channel detection framework (2017-2018)
  • Other tiny hacks:
    • sfnetmapper - visualizes connections of sf.net users and their projects (2011)
    • creategallery - fast creator for ugly HTML galleries (2009) – here are some of my own galleries.
    • Fluxbat - displays laptop battery status in the fluxbox menu (2007)

Very old stuff (2000-2009), mostly not accessible anymore:

  • OBPkg: a Synaptic-like tool for OpenBSD
  • cwa: a web programming system for C (like PHP, but you can run C code instead)
  • cchttpd: a highly speed-optimized HTTP server, capable of loading C modules to perform server-side website generation and request handling
  • xyriaDNSd: a performance-optimized DNS server with load-balancing capabilities (old version from 2008 available on sourceforge)
  • sysmon: shell- and web-based system monitoring tool for Solaris 8
  • MSS: Multiple server scanner (a port scanner supporting various scan types; written ca. 2001 with friends)
  • cpfos: An extended Slackware-based packet system for Hardened Linux
  • fupids2: a user-space version of FUPIDS (see above)
  • various other security tools, mostly to learn how to handle sockets under Linux and BSD, incl. a RIP routing update spoofer, some PoC backdoors using covert channels, and a TCP connection hijacker.

Maintainance of OpenBSD Ports

I contributed the `pscan’ port (a C code vulnerability scanner) to OpenBSD.

Patches for Other Projects

I contributed several patches to the Open Source Software (OSS) community, including mostly bugfixes but also few feature improvements:

  • Operating Systems (packaging/build scripts, tools, …):
    • Slackware Linux (several patches for package build scripts)
    • My OpenBSD patches
  • Patches for several network-related tools: gftp, icmpinfo, Ping Tunnel
  • A number of manpage fixes (mostly Ubuntu/Debian)