IT Security + Data Science + Big Data

Contact

grimmer [at] informatik.uni-leipzig.de
Leipzig University, ScaDS.AI, Humboldstraße 25, 04105 Leipzig, Germany

About Me

Since 09/2020: ZIM-Project „Angriffsbasierte Automatisierung von Security Testing für IoT-Anwendungen“
(Attack-based automation of security testing for IoT applications)
Since 08/2016: PhD student / research assistant, Leipzig University, database group in the EXPLOIDS project
03/2014 - 07/2016: IT-Specialist, mgm technology partners GmbH
- BigData projects in the automotive and e-commerce sector
08/2012 - 02/2014: Algorithm Engineer at Unister GmbH, R&D
- BigData algorithmics for a semantic search engine
M.Sc. Computer Science, MLU Halle-Wittenberg, 03/2013

Current Topics

Host and Anomaly based Intrusion Detection Systems
Leipzig Intrusion Detection Data Set (LID-DS)
- LID-DS Description and Download
- LID-DS auf GitHub
Security & Big Data
- Intrusion Detection Systems, Anomaly Detection, Machine Learning
- Distributed Computation Frameworks (Flink, Spark, etc.) and Storage Systems (Accumulo, HBase, etc.)

Talks, blog posts and more

[19.09.2019] Demo/Postersession: At Bidib2019 we presented our host intrusion detection system. Our setup: a live webapp, monitored by our POC IDS. Visitors could try to "hack" the webapp using SQL Injection and we detected them using system call based anomaly detection. [Tweet with images]
[03.07.2019] Blog: Feature Engineering by Example
[22.05.2019] Talk: A Modern and Sophisticated Host Based Intrusion Detection Data Set at 16. Deutscher IT-Sicherheitskongress of the Federal Office for Information Security (BSI)
[11.12.2018] Talk: IT Sicherheit: alternative Wege zur Angriffserkennung at Big Data and AI Saxony Meetup [pdf]
[in 08.2018] Summer School: The International Cyber Security Summer School 2018, Den Haag
[28.02.2018] Talk: Intrusion Detection on System Call Graphs at 25. DFN-Konferenz "Sicherheit in vernetzten Systemen" [pdf]
[in 01.2018] Magazine Article: Linux Magazin: Exploids - Host-basierte Angriffserkennung auf Linux-VMs
[30.01.2017] Blog Post: ScaDS Blog: OSTMap at ScaDS Blog
[13.09.2016] Talk: Flink Forward: Building a real time Tweet map with Flink in six weeks at Flink Forward 2016 [pdf]
[10.03.2016] Blog Post: Geomesa vs. GeoWave: A Benchmark for Geotemporal Point Data at mgm-tp Techblog

Paper

Martin Max Röhling; Martin Grimmer; Dennis Kreußel; Jörn Hoffmann; Bogdan Franczyk, Standardized container virtualization approach for collecting host intrusion detection data, FedCSIS, 2019 [link]
Martin Grimmer; Martin Max Röhling; Dennis Kreusel; Simon Ganz, A Modern and Sophisticated Host Based Intrusion Detection Data Set, 16. Deutscher IT-Sicherheitskongress, 2019 [pdf]
Martin Grimmer; Martin Max Röhling; Matthias Kricke; Bogdan Franczyk; Erhard Rahm, Intrusion Detection on System Call Graphs, 25. DFN-Konferenz “Sicherheit in vernetzten Systemen”, 2018 [pdf]
Matthias Kricke; Martin Grimmer; Michael Schmeißer, Preserving Recomputability of Results from Big Data Transformation Workflows Depending on External Systems and Human Interaction, Datenbank-Spektrum, 2017-09 [link]
Pascal Hirmer; Tim Waizenegger; Ghareeb Falazi; Majd Abdo; Yuliya Volga; Alexander Askinadze; Matthias Liebeck; Stefan Conrad; Tobias Hildebrandt; Conrad Indiono; Stefanie Rinderle-Ma; Martin Grimmer; Matthias Kricke; Eric Peukert, The First Data Science Challenge at BTW 2017, Datenbank-Spektrum, 2017-09 [link]
Matthias Kricke; Martin Grimmer; Michael Schmeißer, Preserving Recomputability of Results from Big Data Transformation Workflows, Workshop Proceedings BTW, Lecture Notes in Informatics(LNI), GI 2017, 2017-03 [pdf]
Annabell Berger; Martin Grimmer; Mathias Müller-Hannemann, Fully dynamic speed-up techniques for multi-criteria shortest path searches in time-dependent networks, International Symposium on Experimental Algorithms, Springer, Berlin, Heidelberg, 2010 [pdf]

Supervision of theses

MA Tim Kaelble: LSTMs for HIDS (2021)
MA Felix Nirsberger: HIDS using a self-organizing map applied to LID-DS (2021)
BA Daniel Helmrich: Prototype a Practical Anomaly-Based NIDS Using Deep Learning Techniques. (2021)
BA Toni Rucks: Erweiterung und Verbesserung des LID-DS. (2021)
BA Greta Staskewitsch: Anomaly Detection basierend auf Sequenz- und Parameteranalysen von Systemcalls. (2020)
MA Dennis Kreußel: Stealth Attacks (working title) (2020)
MA Caroline Mösler: Deep Learning Konzepte eines Hosted-Based Intrusion Detection Systems auf dem LID-DS. (2020)
BA Dennis Kreußel: Simulation and analysis of system call traces for adversial anomaly detection. (2019)
MA Simon Ganz: Ein moderner Host Intrusion Detection Datensatz. (2019)
MA Lukas Werner: Verteilte exakte Berechnung von Perzentilen für Fließkommazahlen. (2018)
MA Marcel Jacob: Effiziente Haltung und Abfrage geotemporaler Daten im Apache Hadoop Ökosystem. (2015)