Short Biography
 

I studied applied computer science at the DHBW Stuttgart Campus Horb (2015-2018) and the Heidelberg University (2020-2022). During my masters, I focused on cybersecurity with a master's thesis on "Honeypot Implementation in a Cloud environment". Additionally, I worked as a research assistant at bwInfoSec, where I have been a permanent team member since April 2022.

Research Interests

• Cybersecurity
• Explainability
• Machine Learning

Teaching

At University Heidelberg

If you are interested in IT security as part of an internship or thesis, you can contact me here

Supervisor of BA theses:

• Using Deep Packet Inspection to Analyse and Reduce DDoS Attacks on Servers and Applications
• Functionality and limitation of DPI circumvention software
• Analysing schemes for secure and memorable password generation
• Flow-based Traffic Classification Using Deep Vision
• Analyzing the BrakTooth family of experimental attacks on specific Bluetooth chipsets
• Vulnerabilities in Medical Data Transfer based on Blockchain Technologies
• DNS-Angriffe: Erkennung und Umgehung von Anomalieerkennungssystemen
• Reproducible Virtual Private Network Benchmarking using Declarative Environments
• Erkennung und Analyse von Shadowsocks-Traffic
• Validation of Public Proxy Servers using Internet-Wide-Scanning
• Advancing the Development of Training Environments for the Next Generation of Cybersecurity Specialists
• Erkennung und Analyse von Shadowsocks-Traffic
• Benchmarking an Open-Source distributed Intrusion Detection System for DNS Attacks
• Evaluating Datasets for Clustering Methods to Identify Anomalies in Network Traffic
• Detecting QUIC-Attacks using Machine Learning
• Neue Ansätze zur Effizienzoptimierung von heiDPI
• Deployment and Analysis of Mid- and High-Interaction Honeypots in a Restricted Network
• Evaluating Defense Strategies for Adversarial Attacks against Face Recognition Systems
• Evaluation of Imaged-Based intrusion detection in Industrial Control Systems (ICS)
• Evaluation von Detektionsverfahren für DNS-basierte Angriffe
• Evaluating Zeek in an Open-Source CIDS
• Evaluating adversarial evasion of DNS Tunneling Detection
• Optimierung der Bereitstellungszeiten dedizierter virtueller Maschinen
• Evaluation von On-Host Überwachung für heterogene Betriebssysteme

Supervisor of MA theses:

• Adding Interpretability to an Anomaly-Based Method for Deep Packet Inspection in Intrusion Detection Systems
• Implementing an exploit as a Metasploit module and investigating the exploit ranking mechanism
• Schutz-Prinzipien für Softwarearchitekturen mit erhöhtem Schutzbedarf
• Passwortschemata zur Erstellung sicherer Passwörter allein durch Menschenhand
• Evaluation, benchmarking, and ensembling of Intrusion Detection Systems using a comparative platform
• The mathematical foundation of HQC
• Designing and Evaluating Autonomous PenTest Frameworks Driven by LLM Agents
• Evaluation of GNN-Based Intrusion Detection Systems

Lectures and Seminars

• Assistant at the IT-Security Lecture 1
• Assistant at the IT-Security Lecture 2
• Assistant at the IT-Security Lecture 3
• Assistant at the IT-Security Seminar
• Assistant at the IT-Security Beginner Practicals
• Assistant at the IT-Security Advanced Practicals

Projects

• heiDGAF - a machine learning based DNS inspector to detect DGAs in the wild!
• heiFIP - A tool to convert network traffic into images for ML use cases

Awards

• Best Paper Award: 2024 8th Cyber Security in Networking Conference (CSNet)

Publications

• M.Ludwig, S. Machmeier, and V. Heuveline, "Cross-Study Comparability for IDS: A Call for Clarity", in 2025 9th Cyber Security in Networking Conference (CSNet), Abu Dhabi, UAE, 2025.
• S. Machmeier, M. Ludwig, M. Fuchs, V. Heuveline, "heiDGAF: A Novel Open-Source CIDS Solution for DGA Detection", 15th SPRING graduate workshop, 2025.
• M. Fuchs, S. Machmeier, S. Zelch, V. Heuveline, "A Reproducible VPN Benchmarking Framework for Comparison Across Implementations", In Proceedings of the 2025 14th International Conference on Software and Computer Applications (ICSCA '25).
• S. Machmeier, and V. Heuveline, "Detecting DNS Tunnelling and Data Exfiltration using Dynamic Time Warping", in 2024 8th Cyber Security in Networking Conference (CSNet), Paris, France, 2024. https://doi.org/10.1109/CSNet64211.2024.10851475.
• P. Memmesheimer, S. Machmeier, V. Heuveline, “Increasing Detection Rate for Imbalanced Malicious Traffic using Generative Adversarial Networks”, In Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference (EICC '24). https://doi.org/10.1145/3655693.3655703.
• M. Schroeder, S. Machmeier, S. Maeng, V. Heuveline, "Validating CESU-8 Encoded Text Utilising SIMD Instructions", In Proceedings of the 2024 13th International Conference on Software and Computer Applications (ICSCA '24). https://doi.org/10.1145/3651781.3651797
• S. Machmeier, M. Hoecker, V. Heuveline, "Explainable Artificial Intelligence for Improving a Session-Based Malware Traffic Classification with Deep Learning", in 2023 IEEE Symposium Series on Computational Intelligence (SSCI), Mexico-City, Mexico, 2023. https://doi.org/10.1109/SSCI52147.2023.10371980
• S. Machmeier, M. Trageser, M. Buchwald, and V. Heuveline, "A generalizable approach for network flow image representation for deep learning", in 2023 7th Cyber Security in Networking Conference (CSNet), Montréal, Canada, 2023. https://doi.org/10.1109/CSNet59123.2023.10339761
• M. Schroeder, S. Machmeier, V. Heuveline (2023). Vtable hijacking: Object Type Integrity for run-time type information. Preprint Series of the EMCL.
• S. Machmeier (2023). Honeypot Implementation in a Cloud Environment. arXiv preprint arXiv:2301.00710.