Research Interests

I am interested in Security and Privacy in IT-Systems in general.

My emphasis lies in the areas:

  • Analysis of network protocols and Protocol Reverse Engineering
  • Usage of Physical(ly) Unclonable Functions (PUFs)
  • Security of wireless communications, especially of Implantable Medical Devices (IMDs)

Besides that my further interests are:

  • Security and forensics of mobile devices
  • Privacy implications on unsing mobile devices
  • Malware analyses
  • Penetration testing
  • Security of web technologies

Peer-Reviewed Publications

  • Kleber, Stephan, and Patrick Wachter. „A Strategy to Evaluate Test Time Evasion Attack Feasibility“. Datenschutz und Datensicherheit - DuD 47, Nr. 8 (August 2023). DOI: 10.1007/s11623-023-1802-0.
  • Wachter, Patrick, and Stephan Kleber. „Analysis of the DoIP Protocol for Security Vulnerabilities“. In Proceedings of the Computer Science in Cars Symposium. CSCS 2022. Ingolstadt, Germany: ACM, December 2022. DOI: 10.1145/3568160.3570229. Author Version.
  • Kleber, Stephan, and Frank Kargl. „Refining Network Message Segmentation with Principal Component Analysis“. In Proceedings of the tenth annual IEEE Conference on Communications and Network Security. CNS. Austin, TX, USA: IEEE, 2022. Author Version.
  • Kleber, Stephan, Milan Stute, Matthias Hollick, and Frank Kargl. „Network Message Field Type Classification and Recognition for Unknown Binary Protocols“. In Proceedings of the DSN Workshop on Data-Centric Dependability and Security. DCDS. Baltimore, Maryland, USA: IEEE/IFIP, 2022. DOI: 10.1109/DSN-W54100.2022.00023Author Version. Video.
  • Kröll, Tobias, Stephan Kleber, Frank Kargl, Matthias Hollick, and Jiska Classen. „ARIstoteles - Dissecting Apple’s Baseband Interface“. In Proceedings of the European Symposium on Research in Computer Security. ESORICS, 2021. 10.1007/978-3-030-88418-5_7.
  • Kleber, Stephan, Rens Wouter van der Heijden, and Frank Kargl. „Message Type Identification of Binary Network Protocols using Continuous Segment Similarity“. In Proceedings of the Conference on Computer Communications. INFOCOM. IEEE, 2020. DOI: 10.1109/INFOCOM41043.2020.9155275. Author version 1. Author version 2.
  • Stephan Kleber and Frank Kargl (2019). "Poster: Network Message Field Type Recognition". In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19). ACM, New York, NY, USA, 2581-2583. DOI: 10.1145/3319535.3363261. Author version.
  • Kleber, Stephan, Lisa Maile und Frank Kargl (2019). “Survey of Protocol Reverse Engineering Algorithms: Decomposition of Tools for Static Traffic Analysis”. In: IEEE Communications Surveys and Tutorials 21(1), Februar 2019. DOI: 10.1109/COMST.2018.2867544. Author version.
  • Kleber, Stephan, Henning Kopp und Frank Kargl (2018). “NEMESYS: Network Message Syntax Reverse Engineering by Analysis of the Intrinsic Structure of Individual Messages”. In: 12th USENIX Workshop on Offensive Technologies, WOOT 18. Baltimore, MD, USA: USENIX Association. url:
  • Kleber, Stephan, Florian Unterstein, Matthias Hiller, Frank Slomka, Matthias Matousek, Frank Kargl und Christoph Bösch (2018). “Secure Code Execution: A Generic PUF-driven System Architecture”. In: 21st Information Security Conference, ISC 18. Surrey, UK. DOI: 10.1007/978-3-319-99136-8_2. Author version.
  • Lukaseder, Thomas, Kevin Stölzle, Stephan Kleber, Benjamin Erb und Frank Kargl (2018). “An SDN-based Approach For Defending Against Reflective DDoS Attacks”. In: Proceedings of the 43rd IEEE Conference on Local Computer Networks, LCN 18. Chicago, IL, USA. DOI: 10.1109/LCN.2018.8638036. Author version.
  • Kleber, Stephan, Henrik Ferdinand Nölscher und Frank Kargl (2017). “Automated PCB Reverse Engineering”. In: 11th USENIX Workshop on Offensive Technologies, WOOT 17. Vancouver, BC, Canada: USENIX Association. url:
  • Stephan Kleber, Florian Unterstein, Matthias Matousek, Frank Kargl, Frank Slomka and Matthias Hiller: Design of the Secure Execution PUF-based Processor (SEPP). Workshop on Trustworthy Manufacturing and Utilization of Secure Devices, TRUDEVICE 2015. September 2015. Author version.
  • Stephan Kleber, Rens W. van der Heijden, Henning Kopp and Frank Kargl: Terrorist fraud resistance of distance bounding protocols employing physical unclonable functions. Networked Systems (NetSys), 2015 IEEE International Conference and Workshops on. März 2015; DOI: 10.1109/NetSys.2015.7089068. Author version.

Further Publications

  • Kleber, Stephan. „Message Type Identification of Binary Network Protocols using Continuous Segment Similarity“. Hot Topic presentation at the International Conference and Workshops on Networked Systems (NetSys) 2021, Lübeck, September 2021. Program.
  • Kleber, Stephan and Ömer, Sahin (Mai 2016). “Durchgecheckt: Forensische Online-Tools zum Enttarnen bösartiger Apps”. In: iX - Magazin für professionelle Informationstechnik 2016.5. Heise Verlag.
  • Stephan Kleber, Florian Unterstein, Matthias Matousek, Frank Kargl, Frank Slomka and Matthias Hiller: Secure Execution Architecture based on PUF-driven Instruction Level Code Encryption. IACR 2015/651. Juli 2015
  • Heiko Platzlaff and Stephan Kleber: Working Groups Report: Cyberforensics. In Marc Dacier and Frank Kargl and Hartmut König and Alfonso Valdes (Editors), Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures Band 14292 aus Report from Dagstuhl Seminar. Kapitel 5.4, Seite 75--77. Herausgeber: Dagstuhl Publishing, Germany, 2014. DOI: 10.4230/DAGREP.4.7.62.


Master of Science (M. Sc.) in Computer Science

Master graduation at Uni Ulm in 2011

Bachelor of Computer Science (B. Comp. Sc.)

Bachelor graduation at Uni Ulm in 2007