Dr. Jonas Pfoh


Address: Technische Universität München
Lehrstuhl für Sicherheit in der Informatik (I20)
Boltzmannstraße 3
D - 85748 Garching bei München
E-Mail: pfoh@sec.in.tum.de
Room: 01.08.057

Curriculum vitae

Research Interests

My research interests range quite a bit.  I have been most active in the area of virtualization and virtual machine introspection.  Particularly, I wrote my doctoral thesis on the subject of gathering information about a guest OS without any previous knowledge about the guest OS itself.  This is especially interesting as it requires extensive use of the hardware itself. I have also begun to branch into the field of embedded application processors as ARM has introduced virtualization extensions in their Cortex A series of processors.

Further interests include administering a honeynet that we manage here at the lab, primarily for teaching purposes.  This includes the management and administration aspect as well as analysis.  Additionally, I have always had an interest in low-level programming and offer a rootkit programming course.  Contrary to the initial impression, the goal is not teach malicous programming, but rather to understand a very complex software system (an OS kernel) by taking it apart and making it do what we want (even if the inital programmers never intended this :) ).

In my free time, I am also active in our department's CTF team.


Supervised Work


I generally teach two practical lab courses.  One in the summer semester and one in the winter semester.  In the summer semester, I offer a Honeynet course and in the winter semester, I offer a Rootkit Programming course.  A link to the most recent relevant course content page can be found below.  I also teach other lab sessions for lectures from time to time.  These are listed below as well (if relevant).