My Research

Anomaly Detection

Anomaly Detection is the process of detecting instances in a dataset which deviate from the norm.

Unsupervised and semi-superviesed anomaly detection have been my core research topic for many years. In this area, I published many papers and also wrote my PhD thesis about it. I am also author and maintainer of the well-known open source anomaly detection plugin for RapidMiner. I applied the concept in many application domains, but most often in telecom fraud detection, payment fraud detection and network intrusion detection.

Do you know my thesis?

Read about all algorithms I have developed and my evaluations.

Machine Learning

In machine learning, computers are trained on specific tasks such that they can make their own decisions.

I have been working on multiple machine learning topics during my research and for teaching. I worked on Meta-learning and I have a comprehensive understanding of the most important classifiers. Also, I am an experienced user of RapidMiner.

Forecasting

Forecasting and Predictive Analytics are techniques predicting the future based on patterns in the past.

I have been working on predictive algorithms for many application scenarios. For example, I predicted the amount of people to be at a certain place or the amount of SMS to be send over a provider's network.

Network Security

In network intrusion detection, rule-based systems are commercially widely applied. However, unknown attacks as well as highly distributed attacks are barely defendable without intelligent algorithms.

In my work I especially addressed the mitigation of highly distributed DDoS attacks. During these attacks, an extremely high amount of legal requests is sent to a victim such that its server is overloaded. Since this is not a typical break-in attempt and the requests seem legal, only machine learning can be used to defend these attacks. In this context, normal behavior is learned and during an attack the most likely illegal requests are filtered out. I released several open source tools, such as a Linux Kernel-based shaping firewall nf-HiShape and a sophisticated botnet simulator BoNeSi. Additionally, I am holding three patents for defnese strategies.

Committee and Board Acitivities

I am an active board member of the following international conferences and journals.

Teaching

This is a list of my university teaching activities.

  • 2017: Lecture "Programming in Java II", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2017: Lecture "Data Warehousing", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2017: Project "Medical Data Science", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2016: Lecture "Programming in Java", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2016/2017: Lecture "Introduction to Computer Science", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2016: Lecture "noSQL Databases", Bachelor's level, Ulm University of Applied Sciences, Germany.
  • 2015: Lecture "Image Analysis and Pattern Recognition" for international Master students (G30), Kyushu University, Japan.
  • 2014: Lecture "Biological Data Processing, Advanced Course" for international Master students (G30), Kyushu University, Japan.
  • 2013: Lab course (Seminar) supervisor: "Artificial Intelligence", Bachelor's level, University of Kaiserslautern.
  • 2013: Master Thesis supervisor: "Enhanced Support Vector Machines for Unsupervised Anomaly Detection", German University in Cairo.
  • 2012: Guest Lecture in Advanced Machine Learning: "Anomaly Detection", University of Kaiserslautern.
  • 2012: Bachelor Thesis supervisor: "Document Authentication using Printing Technique Features", University of Kaiserslautern. PDF download
  • 2012: Master Thesis supervisor: "Anomaly Detection", German University in Cairo.
  • 2012: Seminar Certified Fraud Analyst: "Data Analysis", Frankfurt School of Finance and Management. More information (German)
  • 2011: Bachelor Thesis supervisor: "Comparison of Unsupervised Anomaly Detection Techniques", German University in Cairo. PDF download
  • 2010: Lab course (Seminar) supervisor: "Artificial Intelligence", Bachelor's level, University of Kaiserslautern.
  • 2009: Lab course (Seminar) supervisor: "Pattern Recognition", Master's level, University of Kaiserslautern.
  • 2008: Guest Lecture in Pattern Recognition and Statistical Learning: "Machine Learning Systems", University of Kaiserslautern.
  • 2008: Lecture Tutorials: "Pattern Recognition and Statistical Learning", Master's level, University of Kaiserslautern.
  • 2008: Lab course (Seminar) supervisor: "Introduction to Pattern Recognition", Bachelor's level, University of Kaiserslautern.
  • 2008: Project Thesis supervisor: "Classification of HTTP Requests using Time Series Analysis", University of Kaiserslautern.
    PDF download (German)
  • 2007: Guest Lecture in Human Computer Interaction: "DDoS Mitigation", University of Kaiserslautern.
  • 2007: Lab course (Seminar) supervisor: "Introduction to Pattern Recognition", Bachelor's level, University of Kaiserslautern.
  • 2006: Lab course (Seminar) supervisor: "Pattern Recognition", Master's level, University of Kaiserslautern.

Reviews

In the last years I completed several reviews for international conferernces and journals. Here is a list of my last activities.

  • Journal of Information and Software Technology (Elsevier) 2017
  • ICN 2017
  • PATTERNS 2017
  • Journal of Entropy (MDPI) 2016
  • International Journal On Advances in Networks and Services 2016
  • PATTERNS 2016
  • ICN 2016
  • Journal of Information and Software Technology (Elsevier) 2016
  • ICDAR 2015
  • PATTERNS 2015
  • ICN 2015
  • International Journal On Advances in Networks and Services 2014
  • ICPR 2014
  • IEEE Transactions on Information Forensics & Security 2013
  • ICN 2014
  • ICAART 2014
  • ACPR 2013
  • PATTERNS 2013
  • International Journal On Advances in Networks and Services 2013
  • ICDAR 2013
  • ICN 2013
  • International Journal On Advances in Networks and Services 2012
  • DAGM 2012
  • ICPR 2012
  • PATTERNS 2012
  • ICN 2012
  • PATTERNS 2011
  • ICN 2011
  • ICAART 2011
  • ICN 2010
  • Journal: Pattern Recognition Letters 2009
  • ICN 2009
  • KI 2008
  • ECCV 2008
  • CVPR 2008
  • VISAPP 2008
  • ICCV 2007
  • CVPR 2007
  • MVA 2007