Dipl.-Inform. Rafael Uetz

Wissenschaftlicher Mitarbeiter bei Fraunhofer FKIE

Telefon: +49 228 50212-593
Fax: +49 228 50212-688
E-Mail: rafael.uetz@REMOVETHISPART.fkie.fraunhofer.de
  Fraunhofer FKIE
Zanderstraße 5
D-53177 Bonn
Raum: 2.18 - Zanderstr. 5

Research Interests

  • Intrusion Detection
  • Threat Hunting
  • Alert Prioritization and Correlation
  • Security Information and Event Management
  • Machine Learning


Please see undefinedmy Google Scholar profile.


Feel free to contact me if you are looking for supervision in my research field or details on the courses and works listed below.

Lectures and Exercises

  • Lecture and exercise on logging and log management as part of the course "Digitale Forensik", Hochschule Bonn-Rhein-Sieg (H-BRS), WT 2020/2021, 2021/2022, and 2022/2023.
  • Exercises for the course "Network Security", Uni Bonn, ST 2013, 2014, and 2015.

Supervised Theses

  • "A systematic analysis of cybersecurity datasets in the context of automatic alert triage", Master's Thesis, WT 2023/2024.
  • "Evaluation of Risk-Based Alerting Approaches", Master's Thesis, WT 2022/2023.
  • "A Comparison of Alarm Prioritisation Methods in SOCs", Master's Thesis, WT 2021/2022.
  • "Evaluation der Reproduzierbarkeit simulierter Cyberangriffe in SOCBED", Bachelor Thesis, ST 2021.
  • "Clustering Text-Based Logs With an Empirical Offline Approach", Master's Thesis, WT 2020/2021.
  • "Bewertung der MITRE ATT&CK Evaluations als Benchmark zur Angriffsdetektion", Bachelor Thesis, ST 2020.
  • "Evaluation von Windows Event Logging Best Practices zur Erkennung von Post-Exploitation-Schritten", Bachelor Thesis, ST 2019.
  • "Generating a Dataset for Evaluating Attack Detection Methods", Master's Thesis, ST 2019.
  • "Security Event Correlation on Log Event Streams", Master's Thesis, ST 2018.
  • "Design, Implementierung und Evaluation von Clustering-Verfahren zur Typisierung von Logdaten", Bachelor Thesis, WT 2017/2018.
  • "Spam Detection with Machine Learning", Master's Thesis, WT 2016/2017.
  • "Streaming Algorithms for Flow-based Data Exfiltration Detection", Master's Thesis, WT 2016/2017.
  • "Design, Implementation and Evaluation of a Statistical Approach for Network Anomaly Detection", Master's Thesis, WT 2015/2016.
  • "Conception, Implementation and Evaluation of a Secure Deletion Mechanism for Sensitive User Data in Main Memory", Master's Thesis, ST 2014.
  • "Simulation of an Enterprise Network with Realistic User Behavior", Master's Thesis, ST 2014.
  • "Forensische Untersuchung der Firefox-History durch Analyse gelöschter SQLite-WAL-Dateien", Bachelor Thesis, ST 2013.
  • "Parallel File Carving for Fragmented JPEG Files", Master's Thesis, ST 2012.

Supervised Labs, Seminars, and Project Groups

  • "Tactical Alert Quality Optimization", Lab, ST 2023.
  • "Intrusion Detection Systems", Project Group, ST 2020.
  • "An Evaluation of Elasticsearch, HDFS and Spark for Security Data Analytics", Lab, WT 2018/2019
  • "APT-Simulatoren", Project Group, WT 2018/2019
  • "Detection of IoCs using Sysmon and the Elastic Stack", Lab, ST 2018.
  • "Elasticore: Elasticsearch Correlation Engine", Lab, WT 2017/2018.
  • "Log Clustering with Adaptable Patterns", Lab, WT 2016/2017.
  • "Log Event Correlation", Seminar, WT 2016/2017.
  • "A Framework for the Simulation of Targeted Attacks", Lab, WT 2015/2016.
  • "A taxonomy and evaluation of selected targeted attacks focussed on the current APT landscape and the Intrusion Kill Chain", Seminar, WT 2015/2016.
  • "Detection of Targeted Attacks", Lab, ST 2015.
  • "SIEM Analysis Against Targeted Attacks", Lab, WT 2014/2015.
  • "IT-Sicherheitsvorfälle in der Praxis", Project Group, WT 2014/2015.
  • "Browsing Privacy", Seminar, ST 2014.
  • "SSD Forensics", Seminar, WT 2013/2014.
  • "A Forensic Analysis of Firefox Private Browsing Artifacts in Main Memory", Lab, ST 2013.
  • "A Forensic Analysis of Private Browsing Artifacts", Seminar, ST 2013.
  • "Host-based Intrusion Detection/Prevention Systems", Seminar, WT 2012/2013.
  • "Implementierung eines Programms zur Wiederherstellung gelöschter Dateien aus einer FAT32-Partition", Project Group, WT 2012/2013.
  • "Implementation of a File Carver for Fragmented JPEGs", Lab, WT 2011/2012.

Supervised Internships

  • "Security Awareness Game", WT 2013/2014.
  • "Malicious Mouse", WT 2011/2012.