Malware in Silizium wird ein zunehmend wichtigeres Thema. Da die Aufrechterhaltung eines Fabs sehr teuer ist, verlagern immer mehr Unternehmen Ihre Chip Produktion zu Auftragsfertigern ins Ausland. Doch wer garantiert, dass nicht absichtliche Backdoors oder Datenlecks in die Chips eingeschleust werden? Das Projekt “Malware in Silicon II”* präsentiert seine Ergebnisse und lädt aus diesem Anlass zum Abschluss-Event.

25. Juli 2014; 12.00 – 13.30 Uhr
Weiter Infos finden Sie hier.

Aljosha Judmayer and Martin Mulazzani will present recent research results of SBA Research at the EU Korea Conference on Science and Technology, including methods to detect and prevent HTTP session hijacking, as well as large-scale exploitation of online services and social engineering. The EKC 2014 will be held from 23rd to 25th of July 2014 at the Vienna University of Economics and Business.
You can find the program here: http://www.ekc2014.org/program/sgsessioninfo/EKC2014-SG-ICT

SACMAT 2015 will be held in Vienna from June 1-3; SBA Research is the local organizer.

Dimitris Simos gives a talk on July, 21st in the second Workshop on Joining AcadeMiA and Industry Contributions  (JAMAICA 2014) about Test Automation and Model-based Testing. The workshop is co-located with the International Symposium on Software Testing and Analysis (ISSTA 2014) taking place at Hilton San Jose, Bay Area, California, USA during July 21-July 25.

Abstract

Das Projekt „Transport Layer Security in Practice (TLSiP)“ beschäftigt sich mit Methoden zur Erkennung von unsicheren kryptografische Verfahren bei Internetservices und soll Internetbenutzern eine transparente Lösung für sichere Internetkommunikation ermöglichen. Das Internet hat sich in unserer Gesellschaft als ein wichtigstes Kommunikationswerkzeug etabliert und für viele Bereiche wie der täglichen Kommunikation, Online-Handel oder Online-Banking ist eine gesicherte Datenübertragung unabdingbar geworden. Transport Layer Security (TLS) hat sich hierbei als Standardprotokoll durchgesetzt. Die Verfügbarkeit von Werkzeugen und Studien zur Verbesserung der Verwendung von TLS ist daher wichtig und von steigender Bedeutung für Gesellschaft und Wirtschaft.

Partner: Cyan Networks Software

This project aims to fundamentally increase the performance of current state of-the-art forensic methods and decrease the manual work necessary for a forensic analyst by 1) developing new methods to increase the use of parallelized data processing within the specific environment of digital forensics, 2) identifying the best method(s) on how to exclude a possibly vast number of files and file system artefacts that are not specific to a case, and 3) streamlining and improve methods proposed in the literature that have not been included into existing processing steps for additional insights for various reasons. The overall degree of automation in the forensic process will be increased and as such will allow the analyst to focus on case-specifics in the near future instead of being overwhelmed with unrelated data. Furthermore, due to the much finer granularity of data analysis, we believe that this will allow the creation of new tools and analysis methods based on our findings.

Partner: Bravestone Information-Technology

Ziel von DEXHELPP ist die Entwicklung neuer Methoden, Modelle und Technologien um Planung und Steuerung im Gesundheitssystem zu unterstützen.
Projektpartner Research:

• TU Wien, Institut für Statistik und Wahrscheinlichkeitsrechnung (Konsortialführer)
• TU Wien, Institut für Analysis und Scientific Computing
• UMIT Privatuniversität für Medizin und Informatik
• VRVis Zentrum für Virtual Reality und Visualisierung

Projektpartner Industrie:

• Dwh
• Gesundheit Österreich
• Hauptverband der österreichischen Sozialversicherungen
• Hauptverband der österreichischen Sozialversicherungen
• IMEHPS.research
• Synthesis

Ziel dieses Projektvorhabens ist die Erforschung innovativer Lösungen zur Identifikation, Prävention und Reduktion der organisierten Finanzkriminalität am Beispiel der Geldwäsche und mit besonderer Hinsicht auf virtuelle Währungen.

Projektpartner aus Österreich:

• AIT Austrian Institute of Technology (Konsortialführung Österreich)
• XYLEM Science and Technology Management
• M²D MasterMind Development
• IRKS-Research
• Bundesministerium für Inneres
• Bundesministerium für Finanzen

Projektpartner aus Deutschland:

• Westfälische Wilhelms-Universität Münster, Institut für Wirtschaftsinformatik (Konsortialführung gesamt)
• Philipps-Universität Marburg, Institut für Kriminalwissenschaften und Institut für Rechtsvergleichung
• Empolis Information Management
• Dence
• Bundeskriminalamt
• Bundesamt für Wirtschaft und Ausfuhrkontrolle
• Bundesanstalt für Finanzdienstleistungsaufsicht

Martin Mulazzani presented the paper on malicious Tor exit relays at PETS2014 in Amsterdam.

Core contribution of the paper are two modular exit relay scanners which can detect various MitM attacks and passive credential sniffing attacks, namely exitmap and HoneyConnector. You can find the slides here. Details and the links to the source code repositories of the scanners can be found here.

Media coverage: Deutschlandfunk ThreatPost WIRED Ars Technica LWN

The 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec’14) was held in Vienna, Austria from 14-16 July 2014, organized by SBA Research.

We updated our paper on comparing multiple dynamic Android analysis frameworks, to remove incorrect statements as well as to clarify inprecise statements.

You can find the updated version here: here
The slides can be found here: here

The abstract of the paper: Expecting the shipment of 1 billion Android devices in 2017, cyber criminals have naturally extended their vicious activities towards Google’s mobile operating system. With an estimated number of 700 new Android applications released every day, keeping control over malware is an increasingly challenging task. In recent years, a vast number of static and dynamic code analysis platforms for analyzing Android applications and making decision regarding their maliciousness have been introduced in academia and in the commercial world. These platforms differ heavily in terms of feature support and application properties being analyzed. In this paper, we give an overview of the state-of-the-art dynamic code analysis platforms for Android and evaluate their effectiveness with samples from known malware corpora as well as known Android bugs like Master Key. Our results indicate a low level of diversity in analysis platforms resulting from code reuse that leaves the evaluated systems vulnerable to evasion. Furthermore the Master Key bugs could be exploited by malware to hide malicious behavior from the sandboxes.

DBSec just started with Chris Clifton’s keynote on privacy.
Visit the conference website for details.

At this year’s IPCIS summer school Edgar Weippl teaches two classes: (1) Social Engineering and (2) Research Ethics. View program.

We are about to start our Internet research scans regarding TLS and Bitcoin/Namecoin P2P networks. These scans are non-intrusive and collect information for two research projects (BitScan and TLSiP) in conjuction with the Vienna University of Technology. The goals of these projects are (among other things) to quantify and empiricaly evaluate the security of large-scale protocols used by hundreds of million users daily, in particular HTTPS and Bitcoin/Namecoin.

If you want to be excluded from the scans, please send us an email: scan@sba-research.org

Weiterführende Informationen zum Research Update: Heartbleed Kurzvortrag und Re-test der Smartphone-Messenger.
View PDF.

Adrian Dabrowski, RFID & NFC Spezialist der SBA Research stand ORF Konkret Rede und Antwort über die Möglichkeiten von RFID Chips und ihren Gefahren.

ORF2, 2.7.2014 18:30

The Josef-Ressel-Center (usmile) at FH Hagenberg with an external module at SBA Research was successfully evaluated and we can continue our research as planned.

Edgar Weippl gave a presentation on technically mediated social engineering attacks at ISC2 Secure Zurich.

Auf dem Galaabend der TU Wien war IT-Sicherheit ein Schwerpunkt (Hacker Competition; das Team von SBA Research gewann).

Dr. Eyal Kolman, Principal research scientist, CTO RSA Israel | RSA, The Security Division of EMC, gives a talk about “Machine Learning in security applications ”. Abstract
Wednesday, June 18, 2014 10:30 -11:30

Sebastian defended his thesis successfully and graduated with distinction. Congratulations!