Am Donnerstag, den 18. Jänner, findet die erste DBT-Veranstaltung im neuen Jahr 2018 statt: Ab 19:30 Uhr dreht sich im Foyer des Haus der Musik alles um das Thema „IT-Sicherheit: Vom Stiefkind zur globalen Herausforderung“.
Im Anschluss an die Keynote von Alexander Janda (KSÖ – Kuratorium Sicheres Österreich) diskutieren u.a. Verena Becker (Wirtschaftskammer Österreich), Alexander Mense (FH Technikum Wien), Markus Schreiber (A1 Telekom Austria) und Johanna Ullrich (SBA Kompetenzzentrum der TU Wien).
‘Securing the Internet, One HTTP 200 OK at a Time’ (Login, Usenix Magazine Winter 2017, Vol. 42, No. 4) is a summary of our recent Usenix Security paper ‘“I Have No Idea What I’m Doing” – On the Usability of Deploying HTTPS‘, and you’ll be soon able to watch the recording here due to the USENIX open access policy.
Heise’s C’t also just covered our research in a long article.
Wilfried Mayer and Edgar Weippl will work on our newly accepted FWF project “FuOnA: Future of Online Anonymity”
This project aims to (i) understand the foundations of online anonymity, (ii) study the proposed technical mechanisms in detail, and (iii) further extend the schemes which are able to work at scale and protect the online personae of its users.
“On Security Research towards Future Mobile Network Generations” accepted in IEEE Communications Surveys and Tutorials
David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, and Christina P ̈opper. On security research towards future mobile network generations. IEEE Communications Surveys and Tutorials, 2018. https://arxiv.org/abs/1710.08932.
At this event, organized by the OCG Forum Privacy and the OCG-working group IT-security, the project consortium presents three significant results of the KIRAS project CERT-Komm II. This project, for the federal chancellery of Austria, consists of SBA Research as the consortium leader and the following project partners:
- University of Vienna, Faculty of Informatics, Multimedia Information Systems Research Group
- Danube University Krems, department for infrastructural security
- Research Institute AG & Co KG
- IKARUS Security Software GmbH
More information can be found here. (in german)
At the Software Quality Days 2018, Edgar Weippl gives a talk on Security Challenges in Cyber-Physical Production Systems with a focus on securing the lifecycle of production systems engineering.
published by Springer.
IoT4CPS will develop guidelines, methods and tools to enable safe and secure IoT-based applications for automated driving and for smart production. The project will address safety and security aspects in a holistic approach both along the specific value chains and the product life cycles.
Click here for full article.
The paper “Grid Shock: Coordinated Load-Change Attacks on Power Grids” by Adrian Dabrowski, Johanna Ullrich, and Edgar Weippl was recently presented at the 2017 Annual Computer Security Applications Conference (ACSAC 33).
Our work analyzes whether large-scale botnets are able to modulate electric power consumption in a coordinate way to bring down the power grid. ACSAC is a leading conference in applied computer security. In total, 48 out of 244 submissions were accepted, resulting in an acceptance rate of 19.7%. ACSAC 33 will be held in San Juan, Puerto Rico in December 2017.
Our new book on empirical research for software security is available.
Empirical Research for Software Security: Foundations and Experience,
Lotfi ben Othmane, Martin Gilje Jaatun, Edgar Weippl (eds), CRC Press, ISBN 9781498776417.
We are happy to announce that SBA Research is hosting the security track „Private and Secure Development“ of WeAreDevelopers World Congress 2018, the biggest development conference in Europe (Twitter).
We are supporting WeAreDevelopers with our information security and secure development experience.
HTTPS is the most commonly used cryptographic protocol on the Internet. It protects communication content and provides endpoint authenticity at scale. However, deploying HTTPS in a truly secure fashion can be a challenging task even for experienced admins. To explore why this is the case and how these challenges can be fixed in order to support an even wider adoption, we conducted a user study, which was presented at USENIX Security 2017.
(Securing the Internet, One HTTP 200 OK at a Time, Wilfried Mayer, Katharina Krombholz, Martin Schmiedecker,and Edgar Weippl, Login, Usenix 2017, Vol 42, No 4)
Johanna Ullrich has contributed a post on IPv6 Address Security and Privacy to RIPE Labs.
For the full article please see here.
Sebastian Schrittwieser (SBA Research) works on faster identification of cyber attacks by making the hacking process more obvious. Schrittwieser and his team are designing highly complex program codes in order to prevent damage.
Johanna Ullrich finally got her PhD officially awarded sub auspiciis Praesidentis in presence of the Austrian president Dr. Alexander Van der Bellen. This type of promotion is the highest honor for achievement, and the laureates receive a gold ring from the president. The tradition dates back to the 17th century.
500 participants discussed and prepared pilot projects at several workshops on Tuesday, December 5.
SBA Research is among the cooperation partners of WU´s newly founded Research Department of Crypto Economy that is in charge of accompanying the pilot projects.
Interview with Edgar Weippl in “Die Messe”.
Marc Juarez from KU Leuven gave a guest lecture at TU Wien (in this years “Privacy Enhancing Technologies” course).
He spoke about “Website Fingerprinting Attacks and Defenses in the Wild” on December 1st 2017.