Dipl.-Inform. Rafael Uetz

Wissenschaftlicher Mitarbeiter bei Fraunhofer FKIE

Research Interests

• Security Information and Event Management
• Security Monitoring / Intrusion Detection / Threat Hunting
• Digital Forensics
• Event Correlation
• Machine Learning and Anomaly Detection

Publications

Please see my Google Scholar profile.

Teaching

Supervised Theses

• "Evaluation of Risk-Based Alerting Approaches", Master's Thesis, WT 2022/2023.
• "A Comparison of Alarm Prioritisation Methods in SOCs", Master's Thesis, WT 2021/2022.
• "Evaluation der Reproduzierbarkeit simulierter Cyberangriffe in SOCBED", Bachelor Thesis, ST 2021.
• "Clustering Text-Based Logs With an Empirical Offline Approach", Master's Thesis, WT 2020/2021.
• "Bewertung der MITRE ATT&CK Evaluations als Benchmark zur Angriffsdetektion", Bachelor Thesis, ST 2020.
• "Evaluation von Windows Event Logging Best Practices zur Erkennung von Post-Exploitation-Schritten", Bachelor Thesis, ST 2019.
• "Generating a Dataset for Evaluating Attack Detection Methods", Master's Thesis, ST 2019.
• "Security Event Correlation on Log Event Streams", Master's Thesis, ST 2018.
• "Design, Implementierung und Evaluation von Clustering-Verfahren zur Typisierung von Logdaten", Bachelor Thesis, WT 2017/2018.
• "Spam Detection with Machine Learning", Master's Thesis, WT 2016/2017.
• "Streaming Algorithms for Flow-based Data Exfiltration Detection", Master's Thesis, WT 2016/2017.
• "Design, Implementation and Evaluation of a Statistical Approach for Network Anomaly Detection", Master's Thesis, WT 2015/2016.
• "Conception, Implementation and Evaluation of a Secure Deletion Mechanism for Sensitive User Data in Main Memory", Master's Thesis, ST 2014.
• "Simulation of an Enterprise Network with Realistic User Behavior", Master's Thesis, ST 2014.
• "Forensische Untersuchung der Firefox-History durch Analyse gelöschter SQLite-WAL-Dateien", Bachelor Thesis, ST 2013.
• "Parallel File Carving for Fragmented JPEG Files", Master's Thesis, ST 2012.

Supervised Labs, Seminars, and Project Groups

• "Intrusion Detection Systems", Project Group, ST 2020.
• "An Evaluation of Elasticsearch, HDFS and Spark for Security Data Analytics", Lab, WT 2018/2019
• "APT-Simulatoren", Project Group, WT 2018/2019
• "Detection of IoCs using Sysmon and the Elastic Stack", Lab, ST 2018.
• "Elasticore: Elasticsearch Correlation Engine", Lab, WT 2017/2018.
• "Log Clustering with Adaptable Patterns", Lab, WT 2016/2017.
• "Log Event Correlation", Seminar, WT 2016/2017.
• "A Framework for the Simulation of Targeted Attacks", Lab, WT 2015/2016.
• "A taxonomy and evaluation of selected targeted attacks focussed on the current APT landscape and the Intrusion Kill Chain", Seminar, WT 2015/2016.
• "Detection of Targeted Attacks", Lab, ST 2015.
• "SIEM Analysis Against Targeted Attacks", Lab, WT 2014/2015.
• "IT-Sicherheitsvorfälle in der Praxis", Project Group, WT 2014/2015.
• "Browsing Privacy", Seminar, ST 2014.
• "SSD Forensics", Seminar, WT 2013/2014.
• "A Forensic Analysis of Firefox Private Browsing Artifacts in Main Memory", Lab, ST 2013.
• "A Forensic Analysis of Private Browsing Artifacts", Seminar, ST 2013.
• "Host-based Intrusion Detection/Prevention Systems", Seminar, WT 2012/2013.
• "Implementierung eines Programms zur Wiederherstellung gelöschter Dateien aus einer FAT32-Partition", Project Group, WT 2012/2013.
• "Implementation of a File Carver for Fragmented JPEGs", Lab, WT 2011/2012.

Lectures

• Lecture and exercise on logging and log management as part of the course "Digitale Forensik", H-BRS, WT 2020/2021, 2021/2022, and 2022/2023.
• Exercises for the course "Network Security", Uni Bonn, ST 2013, 2014, and 2015.

Other

• "Security Awareness Game", Student Internship, WT 2013/2014.
• "Malicious Mouse", Student Internship, WT 2011/2012.