We can fix it!

Tobias Fiebig

Researcher System and Network Engineer

More About Me

Let me introduce myself.

Profile Picture

I am a researcher between the field of network measurement using large-scale datasets, computer security and human factors in computer security (especially system administration). My current research projects include work on using DNS for security measurements, investigations of IPv6 deployment (and security), and, large-scale misconfiguration on the internet and the human factors that contribute to them. In addition to that, I also enjoy interacting with students, either in giving lectures or in supervising thesises and projects. Besides my academic interests, I am also a successful freelance system and network engineer, experienced in improving the maintainability, security, and resillience of complex infrastructures.


  • Large scale measurements
  • DNS: Ops and security
  • Security Misconfiguration
  • IPv6 deployment and security
  • Human factors in system operations


  • Seminar on history of IT security
  • Applied thesises
    • networking students with the industry
    • integrating students into research
  • Data analysis for computer security
  • ICT risk management


  • Infrastructure analysis and redesign
  • Data analysis and datascience
  • Security evaluations and concepts
  • Process optimization and trainings
Where to find me

TU Delft
Building 31
Jaffalaan 5
Room B3.170
2628 BX Delft

Email Me At


Call Me At

Mobile: (+31) (0)616 80 98 99

To appear: October 2018

Investigating System Operators' Perspective on Security Misconfigurations

Constanze Dietrich, Katharina Krombholz, Kevin Borgolte, Tobias Fiebig, ACM Conference on Computer and Communications Security (CCS), 2018.

July 2018
May 2018

Enumerating Active IPv6 Hosts for Large-scale Security Scans

Kevin Borgolte, Shuang Hao, Tobias Fiebig, Giovanni Vigna, IEEE Symposium on Security&Privacy (Oakland), 2018.

March 2018

Taking Control of SDN-based Cloud Systems via the Data Plane

Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean-Pierre Seifert, Anja Feldmann, Stefan Schmid, ACM Symposium on SDN Research (SOSR), 2018.

March 2018
February 2018

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates

Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, Giovanni Vigna, Network and Distributed System Security Symposium (NDSS), 2018.

November 2017

The vAMP Attack: Taking Control of Cloud Systems via the Unified Packet Parser

Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean-Pierre Seifert, Anja Feldmann, Stefan Schmid, ACM Cloud Computing Security Workshop (CCSW), 2017.

September 2017

Static Program Analysis as a Fuzzing Aid

Bhargava Shastry, Markus Leutner, Tobias Fiebig, Kashyap Thimmaraju, Fabian Yamaguchi, Konrad Rieck, Stefan Schmid, Jean-Pierre Seifert, Anja Feldmann, Conference on Research in Attacks, Intrusions and Defenses (RAID), 2017.

March 2017
October 2016

A One-Year Perspective on Exposed In-memory Key-Value Stores

Tobias Fiebig, Anja Feldmann, Matthias Petschick, SafeConfig'16, CCS Workshops.

October 2016
May 2015
August 2014

A Metric for the Evaluation and Comparison of Keylogger Performance

Tobias Fiebig, Janis Danisevski, Marta Piekarska, CSET 2014, USENIX Security Workshops.

August 2014

Security Impact of High Resolution Smartphone Cameras

Tobias Fiebig, Jan Krissler, Ronny Hänsch, WOOT 2014, USENIX Security Workshops.




January 2015 - Dezember 2017

Funding Program Selbstdatenschutz, IKT2020 (BMBF)

Creating usable End-to-End encryption implementations, securing day-to-day communications without relying on central infrastructure (PKI).

My contributions

Responsible for the TU Berlin portions of the proposal; conceptualization, application, budgeting and integration among the partners.


Assistant Professor

Since October 2017

TU Delft, Netherlands.

Faculty of Technology, Policy and Management

Visiting Researcher

March 2017 - May 2017

University of California, Santa Barbara, USA.

Research Group of Prof. Christopher Kruegel and Prof. Giovanni Vigna, Research on Internet-scale measurements of DNS misconfiguration.

Research assistant

June 2015 - December 2017

Technische Universität Berlin

Research Group of Prof. Anja Feldmann, Ph. D, Research on Internet measurement, human factors in security and Internet-scale security misconfiguration.

Research assistant

September 2013 - May 2015

Technische Universität Berlin

Research Group of Prof. Dr. Jean-Pierre Seifert, Research on mobile security, security of financial transaction security models, and Internet-scale security misconfiguration.


Lectureship - Master Thesis Supervision


Beuth Hochschule Berlin, Germany.

Constanze Dietrich, "Human Factors as Security Risks in IT Operations: An Empirical Evaluation of Operators' Experiences with Security Misconfigurations", Examiners: Tobias Fiebig, Ilse Schmiedecke, Prof. Dr. Agathe Merceron.


Winterterm 2014 / 2015

Technische Universität Berlin, Germany.

Computer Security Seminar of FG SecT


Summer Term 2014

Technische Universität Berlin, Germany.

Computer Security Seminar of FG SecT


PhD Student

September 2013 - Present

TU Berlin, Berlin, Germany.

Advised by Prof. Feldmann together with Prof. Seifert.
Thesis Title: An Empirical Evaluation of Misonfiguration in Internet Services.
Thesis defense date: 16.06.2017

MSc System and Network Engineering

September 2012 - July 2013

University of Amsterdam, Netherlands.

Grade: 7.8 GPA (US Letter Grade: A)

BSc Cognitive Science

October 2008 - August 2012

University of Osnabrück, Germany.

Majors: Cognitive Psychology, Philosophy of Mind, Artificial Intelligence, Computational Linguistics and Computer Science, Grade: Very Good.

March 2017

You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet

Internet Engineering Task Force (IETF) Meeting No. 98, Chicago, Presenting first steps towards scanning IPv6 globally in an industry context, with a special focus on transferring academic insights to industry players.

December 2016

You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet

33C3: 33rd Chaos Communication Congress, Hamburg, Presenting first steps towards scanning IPv6 globally.

March 2016

Kleine Fehler - Große Wirkung

Ringkolloquium: Digitale Herausforderungen, Berlin, Presenting on operations personell as overlooked part of security and usability research.

June 2014

Teaching Crypto - How to Make Teenagers Curious

20. Kryptotag der Gesellschaft für Informatik, Berlin, Using hardware reverse engineering as a tool to teach high-school students about computer science.

September 2012
May 2012