- 2026-05-06 –, IFEN room 2, Workshops and AI Security Village (Building D)
- 2026-05-06 –, Workshops May 6th, Speaker's room May 7+8th (C1.02.13)
All times in Europe/Luxembourg What can we learn from ordinary packets on the wire, using a disconcerting connected toy as a demo device? How can you tell when something is phoning home? In this workshop, we’ll use Wireshark to observe what devices send and receive during regular operation
Connected devices talk a lot, even when nothing appears to be happening.
In this workshop, we’ll take packet capture from a disconcerting connected toy and use it as a starting point to learn how to read ordinary network traffic. Step by step, we’ll look at how devices introduce themselves on a local network, resolve names, establish connections, negotiate encryption, and continue communicating during normal operation. Once we have familiarized ourselves, we will move on to some real-world captures.
Rather than breaking encryption or exploiting vulnerabilities, the focus is on observation and understanding. Using Wireshark, we’ll practice identifying patterns, relationships, and metadata that remain visible even when payloads are encrypted. Along the way, we’ll look at how to recognise when a device is phoning home, what kinds of context travel with requests, and how much can be learned from traffic that is behaving exactly as designed.
This workshop is aimed at beginners and the curious. No prior experience with packet analysis is required. A willingness to look closely at what is already on the wire is enough.
Katherine is a tech professional with 2.5 years of experience, having retrained in her 40s to become a Computer Expert, specialising in System Integration. Originally from New Zealand, she is currently based in Germany. During her training, she undertook a practicum at SevenShift, a boutique IoT cybersecurity company in Cologne that recognized her talent and dedication, ultimately hiring her. She is now in a training position, where she is honing her skills and contributing to the company's security initiatives. Outside of her professional life, Katherine is a dedicated single mother to a teenager. She is also a member of the Haecksen, the FLINTA branch of the CCC, and a leader of the Cologne OWASP Chapter