TL;DR
-
Security Researcher from Germany with a passion for CTFs, HTB and everything related to security.
Current Work
-
I am currently working as a Research Associate at the University of Passau (Passau, Bavaria, Germany) (Chair of IT Security: Prof. Dr. Joachim Posegga).
Education
- 2018 - 2021: Master of Science (Computer Science with focus on IT Security & Reliability, grade: 1.0 with honor) & Faculty Award for the best academic achievements in the Master of Computer Science
- 2015 - 2018: Bachelor of Science (Internet Computing & Computer Science, grade: 1.9)
Research Projects
- ForDaySec [ 4 years, funding: ~3.3 million €]
The unique selling point of the "ForDaySec" cluster is its targeted, interdisciplinary research into new types of technical procedures providing cybersecurity to private households, small- and medium-sized enterprises (SMEs) and the public administration. Researchers from computer science, sociology and law have come together to develop technologies that provide security in day-to-day digital life. The sustainable integration of these technologies into existing systems which cannot be altered arbitrarily because no new software can be installed, for instance, is another research thrust. To achieve this goal, "ForDaySec" is not only looking into solutions to enhance security for hardware and software but also exploring security concepts that can be implemented without any in-depth knowledge but take into account the requirements of technical data protection.
- SEMIoTICS: [ 3 years, funding: ∼5 million € under the H2020-IoT-03-2017 work programme]
Research Associate - Research and development of Smart End-to-end Massive IoT Interoperability, Connectivity and Security. In particular, I have developed a mechanism in the field of e-Health that uses Attribute Based Encryption (ABE) to provide the monitored patients with the ability to determine who has access to their data, when, and under what circumstances and for how long.
Publications
-
[Best Paper Award] Spielvogel, Korbinian & Pöhls, Henrich & Posegga, Joachim. (2021). TLS Beyond the Broker: Enforcing Fine-Grained Security and Trust in Publish/Subscribe Environments for IoT. In: Roman, R., Zhou, J. (eds) Security and Trust Management. STM 2021. Lecture Notes in Computer Science(), vol 13075. Springer, Cham. https://doi.org/10.1007/978-3-030-91859-0_8
-
Klement, Felix & Pöhls, Henrich & Spielvogel, Korbinian. (2020). Towards Privacy-Preserving Local Monitoring and Evaluation of Network Traffic from IoT Devices and Corresponding Mobile Phone Applications. 1-6. 10.1109/GIOTS49054.2020.9119507.
-
Alshawish, Ali & Spielvogel, Korbinian & de Meer, Hermann. (2019). A Model-based Time-to-Compromise Estimator to Assess the Security Posture of Vulnerable Networks. 1-3. 10.1109/NetSys.2019.8854511.
CTFs and Penetration Testing
- Since the end of 2020, I have personally become more interested in Pentetration Testing, Capture-The-Flag events, HackTheBox and TryHackMe.
- Played CTFs with Team Project Sekai until March 2022.
- Offensive Security Certified Professional (OSCP)
Teaching
- Summer Term 2022:
5829AG IT-Security (Arbeitsgemeinschaft)
(Regular meetings to solve HTB and THM machines)
- Winter Term 2021/2022:
5823UE Security Insider Lab I - Infrastructure and Network Security
(VPNs, Firewalls, PKI, DNS, Wifi, Bluetooth, MQTT, Routing, Network-monitoring & -analysis, Active Directory)
5829AG IT-Security (Arbeitsgemeinschaft)
(Regular meetings to solve HTB and THM machines)
- Summer Term 2021:
5822UE Security Insider Lab II - System and Application Security (Software-Sicherheit)
(XSS, CSRF, Session Hijacking, SQL-Injection, Cache-Sidechannel Attacks, Local File Inclusion, Remote Code Injection, Remote Code Execution, Buffer Overflows, Shellcoding, Malware Analysis, Static & Dynamic Software Analysis)
5829AG IT-Security (Arbeitsgemeinschaft)
(Intro to CTFs - Web Security, Reverse Engineering, Binary Exploitation)