SBA Research is a research center for Information Security funded by the national initiative for COMET Competence Centers for Excellent Technologies. We bring together 25 companies, 4 Austrian universities, one university of applied sciences, a non-university research institute, and many international research partners to jointly work on challenges ranging from organizational to technical security.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT


SBA Research @ ESORICS 2016

Today is the first day of the 21th European Symposium on Research in Computer Security (ESORICS 2016). Two of our researchers, Stefan Brunthaler and Johanna Ullrich, are attending; Johanna is presenting her paper on attacks exploiting Xen rate limits tomorrow. ESORICS 2016 takes place from 28-30 September 2016 in Heraklion, Crete, and is A-ranked according to the CORE ranking.

Masaryk University

As part of the colloquia programme Edgar Weippl gave a presentation on research methods for applied computer scecurity students.


SBA @ ASQT 2016

Last Friday our researcher Peter Kieseberg presented our work in the area of “Testing Algorithms in Sensitive Data Driven Research” and related security issues on the 14th installment of the “Anwenderkonferenz Softwarequalität, Test und Innovation” (ASQT 2016) at the Alpen-Adria-Universität Klagenfurt (University Klagenfurt).

Expert Discussion on Big Data

ADV organized an expert discussion on Big Data and Data Analytics jointly with the researchers from China. Edgar Weippl presented current and upcoming security and privacy challenges.

Adrian Dabrowski @ Report Verlag Panel Discussion

Adrian Dabrowski participated in the panel discussion „IT ist überall – Wie sicher ist unsere Infrastruktur?“ hosted by the Report Verlag that took place 13.09.2016. More information can be found here.

Tokyo Tech visits SBA

Students of Tokyo’s Institute of Technology visited SBA Research.
Tokyo Tech at SBA Research

Best Paper Award at ARES 2016

The paper “No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large” has won the best paper award at ARES 2016. Congrats to our researchers Willi, Aaron, Martin and Markus!

You can find the paper here, our slides are openly available as well.

Bart Preneel @ Alpbach

Bart Preneel, member of SBA Research’s Scientific Board, talked about Cryptography to

Screen Shot 2016-09-05 at 19.59.24

ARES 2016

Today is the first day of the 11th International Conference on Availability, Reliability and Security (ARES 2016), which is hosted by the University of Applied Sciences Salzburg and SBA Research. The ARES 2016 Conference takes place from 31 August to 2 September 2016 in Salzburg, Austria.

We are welcoming 227 participants from 41 countries! At ARES 2016 35 full & short papers will be presented; 18 workshops, the CD-ARES 2016 and the ARES EU Symposium are co-located and in total we are welcoming 12 invited talks.


Salzburger Dialog

Salzburger Dialog is an annual event organized by Dr. Stefan Eder. Edgar Weippl gave a presentation on Cyber-Security and possible effects of the NIS directive.
2016-08-30 14.58.34

2nd NIST/SBA Workshop on Combinatorial Security Testing

The second joint workshop between NIST and SBA Research on combinatorial security testing was held at SBA Research, Vienna on August 4th, 2016.

The scope of the workshop was to strengthen the existing and already high successful cooperation between the Combinatorial Security Testing team of SBA Research and the ACTS project team of US NIST on the research field of combinatorial security testing.

The workshop was highly successful and paved the way for new applications of combinatorial security testing in cyber-physical systems, cryptography and web technologies, together with the advancement of methodologies for constructing optimal arrays and covering sequences.

For more information on the workshop’s agenda, see here.

TRUST 2016 Conference

Today is the last day of the 9th International Conference on Trust & Trustworthy Computing (TRUST 2016), which is hosted by SBA Research. We are welcoming Virgil D. Gligor (Carnegie Mellon University, UK) & Stefan Katzenbeisser (TU Darmstadt & CASED, Germany) as Keynote Speakers at TRUST 2016. The TRUST 2016 Conference takes place from 29-30 June 2016 in Vienna. Website

SBA at Alpbach – Breakout Session on Cyber-Security

Under the lead of TU Austria, we organize an Alpbach Breakout Session on Cyber-Security as a fundamental right. Participants include Isao Echizen (NII), Lokke Moerel (Tilburg University), Günter Müller (University of Freiburg), Reinhard Posch (TU Graz), Bart Preneel (University of Leuven), A Min Tjoa (TU Wien), and Edgar Weippl (TU Wien, SBA Research).

Mozilla Winter of Security

Klaus Krapfenbauer, one of SBA’s bright students, successfully finished his Winter of Security project at Mozilla.

As part of his master thesis he implemented a PoC for fully automated Let’s Encrypt support in nginx. Due to the design of nginx, this was not a straight forward task. You can read the technical details in the blogpost from Mozilla.

If you are interested in participating in this year’s Winter of Security, please contact Martin Schmiedecker.

Changwon National University visits SBA Research

Students from the Changwon National University of South Korea visited SBA Research.


Adrian Dabrowski @ the “heise Show”

Adrian Dabrowski talking at the “#heiseshow” about the finale of the Cyber Grand Challenge, the world´s first all-machine hacking tournament, which took place at the DefCon 2016 conference.

Watch it here:

The full article/ show can also be at heise online or YouTube.

SBA at USENIX Security

Members of SBA will be present at USENIX Security and co-located workshops like WOOT or FOCI to cover them for our PRIME partner program. If you run into them, don’t be shy to say hi.


Sebastian and Martin will present two research papers at DFRWS USA, the leading conference in digital forensics.

The first one is on using nano-second timestamps for embedding steganographic information securely, titled “Time is on my side: Steganography in filesystem metadata”. You can find a preprint of the paper, the data and the source codes online. The second paper improves the forensic process by leveraging sub-file hashes part of the Torrent filesharing protocol, “PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics”. Preprint, data and source codes can be found here.