Michael Eckel

Michael Eckel

Cyber Security Researcher

Fraunhofer SIT

Biography

I am a cyber security researcher for Fraunhofer SIT. Previously, I was a security engineer at Huawei Technologies, mobile software developer at Boostix/GAL, and a web and software developer for a number of other companies. I hold a master’s degree in Computer Science. Currently, I am co-chairing the Trusted Computing Group’s Network Equipment work group, working to secure vulnerable network equipment.

My research interests include cyber security, Trusted Computing, virtualization technologies, and distributed systems.

Interests

  • Cyber Security
  • Trusted Computing
  • Virtualization Technologies
  • Distributed Systems

Education

  • M.Sc. in Computer Science, 2014

    Mittelhessen University of Applied Sciences

  • B.Sc. in Computer Science, 2009

    Mittelhessen University of Applied Sciences

  • Pre-Diploma in Media Informatics, 2006

    Mittelhessen University of Applied Sciences

Skills

C Coding

90 %

TPM

100 %

RC Flying

60 %

Experience

 
 
 
 
 

Cyber Security Researcher

Fraunhofer SIT

Sep 2018 – Present Darmstadt

Developing security solutions based on Trusted Computing for network and embedded systems.

Responsibilities include:

  • Modeling security concepts
  • Implementation
  • Project Management
 
 
 
 
 

Security Engineer

Huawei Technologies

Jan 2015 – Aug 2018 Darmstadt
Developed security solutions based on Trusted Computing for network and cloud systems.

Accomplish­ments

Certificate: Cryptography I

Coursera online course “Cryptography I” by Prof. Dan Boneh from the University of Stanford. The course consists of a theoretical part and a practical part (programming).
See certificate

Trainer Certification according to the German “Ausbilder-Eignungsverordnung (AEVO)”

Vocational and occupational pedagogical aptitude includes the competence to independently plan, implement and control vocational training in the fields of action:

  1. Checking training prerequisites and planning training,
  2. Preparing training and assisting in the recruitment of trainees,
  3. Carrying out training and
  4. Completing training.

Bundesministerium für Bildung und Forschung (BMBF)

See certificate

Cisco Certified Network Associate (CCNA)

Achieving CCNA certification is the first step in preparing for a career in IT technologies. To earn CCNA certification, you pass one exam that covers a broad range of fundamentals for IT careers, based on the latest networking technologies, software development skills, and job roles.

CCNA gives you the foundation you need to take your career in any direction.

Cisco Systems

See certificate

Recent Posts

Projects

HASELNUSS

Hardware-based Safety Platform for Railroad Control and Safety Technology
HASELNUSS

CHARRA

Challenge-Response based Remote Attestation with TPM 2.0
CHARRA

Recent Publications

Quickly discover relevant content by filtering publications.

Secure Attestation of Virtualized Environments

In this paper we analyze existing work on TPM-based remote attestation for virtualized environments and discuss benefits as well as shortcomings. We identify an approach that provides adequate security and is easy to implement but is prone to relay attacks. We improve that approach by developing countermeasures, while maintaining existing security guarantees. We implement and evaluate on production-grade hardware. With performance measurements and further evaluations we show that our solution is viable.

Softwaredesign für Dynamische Integritätsmessungen bei Linux

Die meisten Sicherheitstools versuchen schädliche Programme anhand ihrer Signatur oder anhand ihres Verhaltens zu erkennen. Dies hat den Nachteil, dass das Schadprogramm oder dessen Verhalten bereits bekannt sein muss. Ein anderer Ansatz ist es, ausführbare Programme direkt auf Änderungen im Programmcode zu überwachen, bevor diese ausgeführt werden. Mit diesem Ansatz ist es allerdings nicht möglich zur Laufzeit auftretenden Programmcode-Änderungen zu erkennen. Der in dieser Publiaktion vorgestellte Ansatz der TPM-basierten Dynamic Runtime Attestation (DRA) basiert auf dem Vergleich zwischen geladenem Programmcode und bekannten Referenzwerten. Um die nötige Flexibilität und Erweiterbarkeit zu erreichen, wird in den beteiligten Komponenten die Attestierungsstrategie (Guideline) zentral umgesetzt, welche die nötigen Schritte für alle Attestierungsoperationen, wie z.B. Messungen, Referenzwert-Generierung und Verifikation definieren.

Contact

  • +49 6151 869-221
  • Rheinstraße 75
    64295 Darmstadt
  • Monday 10:00 to 13:00
    Wednesday 09:00 to 10:00