We are happy to have Gilbert Wondracek as a senior researcher on our team.

His last two IEEE S&P papers:

• Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel. 2010. A Practical Attack to De-anonymize Social Network Users. In Proceedings of the 2010 IEEE Symposium on Security and Privacy (SP ’10). IEEE Computer Society, Washington, DC, USA, 223-238. DOI=10.1109/SP.2010.21 http://dx.doi.org/10.1109/SP.2010.21
• Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda. 2009. Prospex: Protocol Specification Extraction. In Proceedings of the 2009 30th IEEE Symposium on Security and Privacy (SP ’09). IEEE Computer Society, Washington, DC, USA, 110-125. DOI=10.1109/SP.2009.14 http://dx.doi.org/10.1109/SP.2009.14

Interdependencies among Critical Infrastructures, both inside the ICT domain and between ICT and other sectors (e.g. Oil&Gas and Transport), are complex to be understood. Critical Infrastructures risks always change due to new threats, interdependencies and possible scenarios. (more…)

ADV organized a seminar on virtualization at SBA Research. Edgar Weippl gave a presentation on security foundations.

Markus Huber received a grant from the Vienna University of Technology to attend the Einsteins in the City 2011 conference in New York. He will present our latest research results on social network forensic.

“Gilbert Wondracek at the Vienna University of Technology in Austria and his colleagues built a history-stealing website aimed at groups on Xing, a business-orientated social network. Mr Wondracek’s analysis of over 6,500 Xing groups, containing a total of more than 1.8m users, suggested that his rogue site would be able to determine the identity of around four in ten visitors. A trial run, in which Mr Wondracek invited colleagues who use Xing to visit his history-stealing site, showed this estimate to be about right. The vulnerability he exploited has since been addressed by the engineers behind several browsers, including Firefox and Safari, but has so far not been fixed in Microsoft’s Internet Explorer.” (verbatim quote from The Economist, Monitor: Anonymous no more, May 10, 2010, http://www.economist.com/node/18304046?story_id=18304046)

Sebastian will stay 5 months at the National Institute of Informatics (NII) in Tokyo, Japan.

Edgar Weippl gives an invited talk at NII.

Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and restore deleted data. While this fact is well known for computer forensic and multiple tools to forensically analyze data exist, the systematic analysis of
data sources such as Web 2.0 services and their underlying database systems has only recently begun.

Clearly, database system are bound to leave more extensive traces since they not only store a file but, in addition, need indexes, rollback segments and log files. In this talk I will cover the basics of forensic analysis particularly focusing on database systems.

During the past few years, a huge number of online file storage services have been introduced. While some provide very basic functionality, e.g., uploading and retrieving files by a specific user, more advanced services offer features like shared folders, real-time collaboration, minimization of data transfers or unlimited storage space. In this talk we closely look at Dropbox, in particular the Dropbox client software as well as the transmission protocol, and describe an attack that results in the unauthorized access to files stored with Dropbox. This attack can be used effectively for forensic investigations.