up

Presentations & Teaching / Vorträge & Lehre

See also my publications.

2008

Sneaking Python into the Enterprise

Erfahrungen mit Unternehmenssoftware und wie man sie selbst macht. Am 2008-06-12 in Remscheid vor einer Gruppe Interessierter aus der Umgebung gehalten.

Download: PDF MOV

Ladungssicherung in der Praxis

Der (inhouse) Vortrag widmet sich den Implikationen von "VDI 2700 -Ladungssicherung auf Straßenfahrzeugen" und "VDI 3968 - Sicherung von Ladeeinheiten" für die Fast Moving Consumer Goods (FMCG) Branche.

Download: PDF

2007

B2B und B2C - Das Mobiltelefon als mobiler Scanner

Gehalten auf der AutoID live! Konferenz vvon GS1, 2007-11-22, Neuss.

Download: PDF

Angewandte It-Sicherheit

Im HWS 2007/08 halte ich an der Universität Mannheim Angewandte IT-Sicherheit. Siehe auch das Diskussionsforum zum Thema.

Download: 2007-09-11 - Terminologie, 2007-09-18 - Kryptologie 1, 2007-10-02 - Kryptologie 2 / Side Channels, 2007-10-09 - Backups, Hardware Sicherheit, 2007-10-16 - RAID usw., 2007-10-23 - Case Studies, 2007-10-30 - Authentifizierung, 2007-11-06 - Metriken, 2007-11-20 - Scalable Applications, 2007-11-27 - Zusammenfassung.

The Logistics Challange

At the "HUDORA Quality Managment Meeting", 2007-08-21 to 23 in Duangong I gave a Presentation on the important of logistically suitable units and good data. The main aim was was to give our chinese partners some insight into how packaging influences logistic costs in Germany.

Download: chinese, bilingual.

Project experience of an SME

The e-BSN workshop on "Sectoral policy initiatives in support of e-business for SMEs" is co-organised by IDATE and the European Commission. 2007-07-05, Paris, invited talk

Download: PDF.

Mobile Sales, Track & Trace at HUDORA

At the GS1 Mobile Commerce Group, 2007-06-19, Paris a presented on 2D Barcode usage at HUDROA. Invited Talk.

Download: PDF.

dataMATRIX bei HUDORA - welcome to the real world

Auf dem Workshop Handys lesen StrichcodesRevolution in B2C und B2B? am 2007-04-24 werde ich in Düsseldorf einen Vortrag über Experimente mit Datamatrix Codes (bzw. QRcode) und Lesesoftware auf Mobiltelefonen bei HUDORA halten. Invited Talk.

Die Veranstaltung ist ausgefallen.

Download: Entwurf.

"Wo ist meine Ware?"

Unter dem Titel "Mehr Kundenzufriedenheit durch effiziente Logistik" werde ich auf dem 13. Logistik-Jahreskongress in Köln das Thema vom ECR-Tag aufnehmen und über unsere Entwicklungen im Versandprozess berichten. Invited Talk.

Download: PDF.

Das huLOG Projekt

Im März 2007 habe ich drei ähnlich ausgerichtete Vorträge vor dem IHK Außenhandelsausschuss, dem IHK Großhandelsausschuß und einer Gruppe Interessierter gehalten. Thema war jeweils der Umgang mit Software in seinen verschiedenen Facetten. "Wenn Software unser Werkzeug ist, was sind dann unsere Werkzeugmaschinen und wer sind unsere Werkzeugbauer?". Invited Talk.

Download: IHK Aussenhandelsausschuß, IHK Großhandelsausschuß, diverse.

disLEXia

Für Leser des Weblogs disLEXia.de gab es im Januar 2007 einen Abend mit Einführung in Managment, Logistik & Unternehmens-IT.

Download: PDF.

2006

NVE@HUDORA

Der Vortrag mit dem sperrigen Untertitel "Kundenzufriedenheit steigern durch effiziente Logistik" wurde auf dem ECR-Tag / 2. Prozeus-Technologieforum am 2006-09-27 in München gehalten und gibt eine Einführung in die Nutzung von Scannertechnologie, NVEs und EAN128 Transportetiketten bei HUDORA.

Download: PDF, MOV (Quicktime), SWF (Flash download).

Computerforensik

Zusammen mit Dr. Kay Schumann habe ich einen einwöchigen Kurs zum Thema Computerforensik bei der Bundespolizeiakademie in Lübeck gehalten.

2006-08-14: Einführung (HTML), Internet (HTML), der forensiche Prozess (HTML).
2006-08-15: Internet (HTML).
2006-08-16: Honeypots (HTML), digitale Spuren (HTML), Beschlagnahme. (HTML).
2006-08-17: Festplatten (HTML), Übungen (HTML).
2006-08-18: Hashing (HTML), PDAs & Freunde (HTML), Forensiksoftware (HTML).

Lecture: Case-Studies on Dependable Systems and Computer Misuse

Together with Professor Felix Freiling I provided as Lecture "Case-Studies on Dependable Systems and Computer Misuse Apollo Spaceshuttle, Melissa und Google: Fallstudien in Verlässlichkeit und Computermissbrauch" at the University of Mannheim in the Summer Semester 2006.

2006-05-04: Intro (2006-05-04), 2006-05-31: 2006-05-31. 2006-06-22: download

Phishing: Host-Basierte Attacken (invited talk)

Was held at Interdisziplinäres Symposium: Phishing und Online-Banking, Bochum 2006-04-27.

Download: PDF.

Tampering with Motes: Real-World Attacks on Wireless Sensor Networks

Was held at SPC 2006, York, 2006-04-19. See also paper on that topic.

Download: PDF.

Tampering with Motes: Real-World Attacks on Wireless Sensor Networks

Was held at Sicherheit 2006, Magdeburg, 2006-02-20. See also short paper on that topic.

Download: PDF.

Advanced Honeypot Tactics

Was held together with Thorsten Holz at EuSecWest06 London, 2006-02-17.

Download: PDF.

Neue Wege in der kriminologischen Dunkelfeldforschung und Prävention? (invited talk)

Was held at the Workshop "Internet-Devianz" des DFK, 2006-02-15, Bonn.

This presentation introduces some little known old and some new approaches on learning about crime on the Internet.

Download: PDF.

2005

Lecture on Operating Systems

Together with Professor Felix Freiling and Thorsten Holz provided the Lecture on Operating Systems at the University of Mannheim in the Winter Semester 2005/2006.

The Art of Fingerprinting (invited talk)

Was held at IT-Underground, 2005-10-12, Warshaw.

Often you are in a position where you have to determine as much as possible about a remote device. Be it that you are a network administrator surveying your own network, be it in a penetration testing or infowar setting. In this talk participants will learn how well known remote identication techniques like the ones in nmap work and they will also learn lesser kown tools and techniques. After the course participants should be able to gather huge amounts of information on remote systems by having a wide set oe methods at their disposal.

Download: Slides, headerlentest.py, headernumtest.py, urilentest.py.

Summerschool applied IT-Security

Several lectures will be held at the Summerschool applied IT-Security, 2005-09-19 to 2005-09-30, Aachen.

Download: Intro, Hardware Hacking and Attacking, fingerprinting, SQL Injection (example.py), Web-Hacking (Lab), Forensice / data leakage, Diploma Thesis about XSS.

Computerforensik in der akademischen Forschung und Ausbildung (invited talk)

Wurde am 2005-08-18 in Darmstadt im Rahmen des CAST Workshop "Forensik" gehalten.

Download: Presentation, Handouts: 2, 3, 4 Slides pro Seite.

Brauchen wir eine standardisierte IT-Sicherheitsausbildung an Hochschulen?

Podiumsdiskussion mit Prof. Dr. Andreas Pfitzmann (TU Dresden), Maximillian Dornseif (RWTH Aachen), Rolf vom Stein (TÜV Secure iT GmbH), Prof. Dr. Hartmut Pohl (FH Bonn-Rhein-Sieg) im Rahmen des Workshop zur Ausbildung im Bereich IT-Sicherheit am 2005-08-11 in Köln

Hands-On Honeypots

was held with Thorsten Holz at Black Hat Training Las Vegas 2005, 25.-26. Jule 2005.

This course taught how to setup different types of honeypots and how to learn more about the tools, tactics, and motives of blackhats but also to swiftly detect and react to malware outbreaks in an organization. It was shown how honeypot technology can be used to estimate risks in a way management understands. On the other hand, the course taught offensive ways to attack honeypots to get an understanding on how to use honeypots and their limitations for vulnerability assessment.

Download: Slides Intro, Honeyd, Forensics, Attacks.
"Snippets": Other approaches, honeytokens, honed/routing, honeyfarms, review of monday, upcomming techniques.

For the slides on Gen II/III, Nepenthes, Botnets, Misc and hand-outs mail Thorsten Holz.

Common Failures in Internet Applications

Class was held in the Summer Semester 2005 at RWTH Aachen university.

This was designed to teach how to break insecure Web applications. It takes place at 13:30h CEST in room AH V at Aachen University. Videos of the lecture will ba made available at this page after each lecture. The lecture is also available as an Quicktime/MPEG4 live steam here.

Introduction into Honeynets

Was held at the "Hacker Practical" at RWTH Aachen University.

On the limits of deception (invited talk)

Was held together with Thorsten Holz, at the 19. DFN Tagung über Kommunikationsnetze in Düsseldorf, 2005-05-19.

Download: Presentation as Flash or PDF

FireWire - all your memory are belong to us

Was held at CanSecWest/core05, 4.-6. May, Vancouver

Firewire/i.Link is well known as a way for connecting video devices or external hard-disks to computers. One little known fact is that the Firewire protocol also allows to read and write physical memory on connected machines without further software support. This can be leveraged to escalate privileges or to spy on connected machines. We will present some fun software using FireWire to do things to computers which shouldn't happen.

Download: Presentation as Flash or PDF,
Demo code as used in the presentation, code for Linux, other versions,
Video of the iPod Demo,
FireWire hacking Linux for the iPod,
Video of an older Lecture and Demo on the topic,
Videosnippet of the Demonstration in Tokyo at PacSec 2004.

On the Meaning of "Physical Access" to a Computing Device

Was held together with Knut Eckstein at the NATO C3a Workshop on Network enabled Warefare, Den Hague, The Netherlands, April 2005.

This presentation intends to more precisely define the term "physical access" in the context of computer security. It classifies various methods of locally accessing a computing device in order to bypass its built-in security mechanisms and provides case studies.

Download: Flash, PDF

Anti-honeypot technology (invited talk)

Was held at IT-Underground, 17-18.2.2005 in Prague.

Honeypots / Honeynets are one of the more recent toys in the white-hat arsenal. These tools are usually assumed to be hard to detect and attempts to detect or disable them can be unconditionally monitored. The talk sheds some light on how attackers usually behave when they want to defeat honeypots. We will encompass the process of identifying and circumventing current honeypot technology and demonstrate several ways to achieve this. The focus will be on Sebek-based honeypots, but we will also show some ways how to accomplish similar results on different honeypot-architectures.

Download: Flash, PDF

PenTest Crash Kurs

Crash Course in the basics of penetration testing. Was held 7.1.2005 at RWTH-Aachen University

Download: Presentation

2004

Hidden Data in Internet Published Documents

Was held together with Steven J. Murdoch at the chaos communication congress Berlin, Germany, in December 2004

Many files are being published on the Internet which hold unexpected (and potentially embarrassing) data. We examine different cases of hidden data in file formats (including Word, PDF and JPEG) and show examples of these from a crawl of the Internet

See also Demo: Differences between JPEG Images and their EXIF Thumbnails, presentation from the Summerschool which contains more information on MS Office Documents.

Download: Presentation, exif_thumb (snapshot), patched crawl (snapshot)

Hacking with Fire

Was held together with Michael Becher at the chaos communication congress Berlin, Germany, in December 2004

Firewire/i.Link ist dafür bekannt, Videoausrüstung oder externe Festplatten mit Rechnern zu verbinden. Weniger bekannt ist die Tatsache, dass über das Firewire-Protokoll der physikalische Speicher der miteinander verbundenen Geräte gelesen und geschrieben werden kann, ohne dass es durch Software unterstützt werden muss.

Der Vortrag wird auf die relevanten Bereiche der Spezifikation eingehen, die den Speicherzugriff ermöglichen. Nach der theoretischen Einleitung werden Ideen gezeigt, wie das praktisch ausgenutzt werden kann: Den Bildschirmspeicher oder beliebige Daten lesen und verwerten, den Rechner oder bestimmte Prozesse zum Absturz bringen, den Bildschirminhalt oder die Rechte von einem Prozess verändern. Einige dieser Ideen werden auch ausführlich praktisch vorgeführt.

Download: Presentation, Demo code (other versions).

The Art of Fingerprinting

Was held together with Ilja van Sprundel and psyco dog from da neo war at the chaos communication congress Berlin, Germany, in December 2004

Download: Presentation, vmap-0.6-macosx.patch, honeyd-Xmap, xc0rr.

0wned by an iPod - hacking by Firewire.

Was held at the PacSec/core04 conference, Tokyo, Japan, in 11.-12. November 2004

Firewire/i.Link is well known as a way for connecting video devices or external hard-disks to computers. One little known fact is that the Firewire protocol also allows to read and write physical memory on connected machines without further software support. This can be leveraged to escalate privileges or to spy on connected machines. Any kind of device connected via Firewire, be it hard-disk, camcorder or iPod could be perverted to steal data or insert backdoors into computers being attached to the device. But while memory-access over Firewire has some considerable dangers it also is a superior tool for monitoring and forensics on live systems.

Download: Presentation, Demo code (other versions), Video of the Demonstration.

Lecture on Computer and Network Forensics

Was held in the winter semester 2004 at RWTH Aachen University. See the lecture page or weblog for details.

Aachen Summerschool Applied IT Security 2004

The Summerschool took place 20.9.-8.10.2004.

The "summer school applied IT security" teaches penetration techniques for computers and network devices. Participants will gain an in depth understanding in the ways security systems fail and get the opportunity to explore penetration techniques themselves. Topics include programming errors like buffer overflows and format string attacks, network based attacks like sniffing, spoofing, attacks on web applications, network reconnaissance, wireless security, malware and forensics. Short break-out sessions will cover management of security, ethics and social, legal and economic issues. The summer school will finish with a 2-day war game where participants practice attack and defence with each other.

For further Information see summerschool homepage and our report on it.

Besides organizing the event I gave several lectures:

Further information on the event can be found at the summerschool wiki and at the summmerschool weblog.

Versteckte Daten in Dokumentformaten

Was held 26.8.2004 at OpenChaos, Chaos Computer Club Cologne

Komplexe - aber auch nicht so komplexe Datenformate - beinhalten oft mehr Informationen, als dem Autor bewusst ist. Dieser Vortrag gibt einen Ueberblick darueber was man wo finden kann, berichtet von einigen bemerkenswerten Vorfaellen und fuehrt den einen oder anderen Taschenspieler-Trick vor.

Far more you ever wanted to tell - hidden data in document formats

Was held at Defcon 12 July 2004.

Complex data formarts usually contain much more informmation than we are aware it. This presentation gives an overview about some of the types of information which can be found, notable incidents and the situation with hidden data in documents on the internet.

Download: Quicktime Presentation (hi-res version), PDF Presentation, the demos (1, 2, 3).

NoSEBrEaK - Defeating Honeynets

Was held together with Thorsten Holz at Black Hat USA 2004 Briefings, July 2004 and Defcon 12.

See also the academic paper and the presentation at the Westpoint IAW workshop on this topic.

Download: Quicktime Presentation (hi-res version), PDF Presentation, the kebes toolkit, the demos.

Ermittlung von Verwundbarkeiten mit Elektronischen Ködern

Was held together with Thorsten Holz at Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2004), july 2004

NoSEBrEaK - Attacking Honeynets

Was held 10. June 2004 at the Information Assurance Workshop, Westpoint.

See the paper on this topic.

Download: Quicktime Presentation, PDF.

Warum wissen wir so wenig über Computersicherheit (invited talk)

Beitrag zum "Vortragsabend zum Thema Computersicherheit" der Stipendiaten des Stifterverbandes der deutschen Wirtschaft, 7.6.2004, 19:00h Raum VZN 405 (Bauteil Nord) im Institut für Industrieofenbau und Wärmetechnik, Kopernikusstr. 16, Aachen.

Costs and Benefits of Honeynets

Was held 14.5.2004 at The Third Annual Workshop on Economics and Information Security (WEIS04)

See the paper on this topic.

Download: Quicktime Presentation, PDF.

Hacking, Law & Ethics

Was held at the Hacker-Seminar.

Download: not available

Real World Security Failures (invited talk)

Was held at DFG Graduiertenkolleg "Software für mobile Kommunikationssysteme", RWTH-Aachen University, 17.3.2004, 10:00h.

Surprisingly little research exists on how security fails. This often results in threat models not being based on sound empirical data or even security systems being designed without explicit threat models at all. This presentation will illustrate the current qualitative and quantitative data available on security failures, discuss problems with this data and show opportunities to collect further information on security failures. A better understanding of how security systems fail is the basis for better threat models with hopefully result in more secure systems.

Call it computer crime, incident, security breach or insurance case - it's all used to describe failures of computer security. To defend against this happenings be it by punishing wrongdoers, changing policy, redesigning systems or insuring risk - a common understanding of what forms of misuse threaten a system and how prevalent they are is needed.

Building on research at the Institute of criminal justice, University of Bonn, the available quantitative and qualitative research on computer misuse will be presented. Surprising trends in the available qualitative will be shown and examples of misuse collected by quantitative research. Sources for data on misuse and the problems faced when collecting such data will be discussed and novel approaches to tackle this problems with techniques like Honeynets or Network Telescopes will be presented.

Download: Quicktime Presentation, PDF

Open Source: Sicherheit und Vertrauenswürdigkeit

Was held at Regina e.V. Open Source Software - Workshop , 12.3.2003.

Download: Quicktime Presentation, PDF

Hacker Seminar

Was held at he laboratory of Dependable Distributed Systems, RWTH-Aachen, together with Prof. Dr. Felix Gärtner and Dipl.-Inform. Martin Mink in the summer term. Seminar homepage.

2003

Vorlesung Computerkriminalität

Wurde gehalten im Rahmen der Vorlesung Wirtschaftsstrafrecht von PD Dr. Friedrich Toepel im SS 2003 im Institut für Strafrecht der Universität Bonn, Andenaueralle 24-42 am 11.7.2003.

Download: PDF

Internet Filterung in der Praxis, eine Bestandsaufnahme

Wurde gehalten am 26.6.2003, 19:00 c.t. im Rahmen des OpenChaos in Köln. (See also my paper on the topic of blocking Websites.)

Download: PDF

Sperrung von illegalen Inhalten im Internet

Wurde gehalten auf der 17. DFN-Arbeitstagung über Kommunikationsnetze, 10.6.2003 - 13.6.2003 in Düsseldorf. (See also my paper on the topic of blocking Websites.)

Download: PDF

2002

Vorlesung Computerkriminalität

Gehalten im Rahmen der Vorlesung Wirtschaftsstrafrecht von PD Dr. Friedrich Toepel an der Universität Bonn im WS 2002/2003.

Download: not available

Digital Demonstrations

Held at the H2K2 conference which took place July 12-14, 2002 in New York City.
Being able to carry political opinions to the public by showing them on the street is a basic part of democratic rights. Nowadays, a steadily increasing part of our life takes place in cyberspace. Things which aren't happening in cyberspace will therefore get less and less public attention. How can protest be taken into the virtual realm? What strategies for "online demonstrations" have we seen so far? How about the ethical and legal dimensions? Who gets hurt? Host Maximillian Dornseif will present a new approach for conducting online demonstrations without adversely affecting other users on the net.

View: HTML

WaveLAN Sicherheitsrisiken

T-Systems Sicherheitstagung, Aachen, 30 Januar 2002.

View: HTML

2001

Hackers as an important part of the Information Society (invited talk)

Held at the OECD Workshop on Information Security in a Networked World, Nikko Hotel Tokyo, Japan, 12-13 September 2001, by invitation of the Government of Japan.

View: HTML

Older Presentations

Older Presentations without online material include:

Maximillian Dornseif
Last modified: Fr 13 Jun 2008 06:18:52 CEST