SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien, IAIK @ TU Graz, DKE @ Uni Wien, NM @ WU Wien, FH St. Pölten, AIT

SBA Research moved to a new location!

Our new address: Floragasse 7, 1040 Vienna, Austria. Effective since: June 25, 2019.


USENIX Security ’11: Paper accepted

Our paper Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space was accepted. Unfortunately we cannot provide a preprint because the affected vendor(s) still need the time to fix some things…

SBA master student discovers flaw in Ruby on Rails

Rails 3.0.5 doesn’t validate the input for the X-Forwarded-For field in the header sent by clients with a class C remote-addr (see: TRUSTED_PROXIES). (Security Focus, more details…)

Gilbert Wondracek joined SBA Research as senior researcher

We are happy to have Gilbert Wondracek as a senior researcher on our team.

His last two IEEE S&P papers:

  • Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel. 2010. A Practical Attack to De-anonymize Social Network Users. In Proceedings of the 2010 IEEE Symposium on Security and Privacy (SP ’10). IEEE Computer Society, Washington, DC, USA, 223-238. DOI=10.1109/SP.2010.21
  • Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda. 2009. Prospex: Protocol Specification Extraction. In Proceedings of the 2009 30th IEEE Symposium on Security and Privacy (SP ’09). IEEE Computer Society, Washington, DC, USA, 110-125. DOI=10.1109/SP.2009.14

INMOTOS website online

Interdependencies among Critical Infrastructures, both inside the ICT domain and between ICT and other sectors (e.g. Oil & Gas and Transport), are complex to understand. Critical Infrastructure risks always change due to new threats, interdependencies and possible scenarios.

ADV Seminar on Virtualization

ADV organized a seminar on virtualization at SBA Research. Edgar Weippl gave a presentation on security foundations.

Markus Huber received grant for Einsteins in the City 2011

Markus Huber received a grant from the Vienna University of Technology to attend the Einsteins in the City 2011 conference in New York. He will present our latest research results on social network forensics.

Gilbert Wondracek in the Economist

“Gilbert Wondracek at the Vienna University of Technology in Austria and his colleagues built a history-stealing website aimed at groups on Xing, a business-orientated social network. Mr Wondracek’s analysis of over 6,500 Xing groups, containing a total of more than 1.8m users, suggested that his rogue site would be able to determine the identity of around four in ten visitors. A trial run, in which Mr Wondracek invited colleagues who use Xing to visit his history-stealing site, showed this estimate to be about right. The vulnerability he exploited has since been addressed by the engineers behind several browsers, including Firefox and Safari, but has so far not been fixed in Microsoft’s Internet Explorer.” (verbatim quote from The Economist, Monitor: Anonymous no more, May 10, 2010)

Sebastian Schrittwieser: postgraduate research at NII

Sebastian will stay 5 months at the National Institute of Informatics (NII) in Tokyo, Japan.

Invited Talk at NII

Edgar Weippl gives an invited talk at NII.

Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and restore deleted data. While this fact is well known for computer forensics and multiple tools to forensically analyze data exist, the systematic analysis of data sources such as Web 2.0 services and their underlying database systems has only recently begun.

Clearly, database systems are bound to leave more extensive traces since they not only store a file but, in addition, need indexes, rollback segments and log files. In this talk I will cover the basics of forensic analysis particularly focusing on database systems.

During the past few years, a huge number of online file storage services have been introduced. While some provide very basic functionality, e.g., uploading and retrieving files by a specific user, more advanced services offer features like shared folders, real-time collaboration, minimization of data transfers or unlimited storage space. In this talk we closely look at Dropbox, in particular the Dropbox client software as well as the transmission protocol, and describe an attack that results in the unauthorized access to files stored with Dropbox. This attack can be used effectively for forensic investigations.

Austria’s Role in the IT Market of the DACH Region (Future Networks)

Markus Klemen and Edgar Weippl are panelists at Future-Network’s event on “Austria’s role in IT markets in Germany, Austria and Switzerland”.
