SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT


1st International Summer School on Security & Privacy for Blockchains and Distributed Ledger Technologies Closes Strong

As an educational outreach event organized by TU Wien, Princeton University, and SBA Research, the 1st International Summer School on Security & Privacy for Blockchains and Distributed Ledger Technologies took place between September 2-5, 2019. Held in Vienna, Austria in its first year, it was organized as a mix of in-depth lectures from 15 high-profile speakers from academia and industry, as well as two hackathons. The summer school provided the 85 students, academic, and industry attendees an opportunity to learn about cutting-edge topics on blockchains and other distributed ledger technologies and foster their understanding of the security and privacy specific requirements and guarantees, and was made possible thanks to generous support by Liquidity Network, Nimiq, Research Institute, Bitpanda, NuCypher, Bolt Labs, the Vienna Center for Logic and Algorithms, and the city of Vienna.

The summer school’s closing panel with Patrick McCorry (King’s College and PISA Research), Jing Chen (Stony Brook University and Algorand), and Krzysztof Pietrzak (IST Austria), moderated by Matteo Maffei (TU Wien), discussed the future of blockchain technologies. It highlighted the technologies’ disruptive potential, from giving control over citizens’ money back to them, to reducing the processing costs of financial transactions, to enabling a worldwide trustworthy distributed computing platform, and it discussed their grand challenges, in particular emphasizing the need of interdisciplinary research that bridges cryptography and economy, and the need to address scalability and sustainability. 

More details are available on the website of the summer school:

Edgar Weippl at puls4, live interview on “hacking”!

SBA Research & Technische Universität Wien

Watch the video here!


This year´s ARES & CD-MAKE conference took place at the University of Kent in Canterbury, UK from August 26-29, 2019. On campus accommodation provided a great possibility for 230 participants from 33 countries to discuss the various aspects of security from early morning until late evening. For the third year in succession, the International IFIP Cross Domain Conference for Machine Learning & Knowledge Extraction (CD-MAKE) was co-located with ARES 2019.

21 full papers (acceptance rate: 20.75%) and 9 short papers were presented in the ARES main track. Participants were also offered a vast range of topics within 19 workshops (3 of them in the context of the EU Projects Symposium). Several social events provided good networking opportunities as well as insights into Canterbury´s surroundings and culture.

2019 Keynote Speakers
Accepted ARES Papers
Accepted CD-MAKE Papers

ARES & CD-MAKE 2020 will be hosted at the University College of Dublin.

Prof. Ilias S. Kotsireas visits MatRIS research group, Sep 2 – 6, 2019

Prof. Ilias S. Kotsireas ( from Wilfrid Laurier University in Waterloo, Canada, visited MatRIS research group for exploration of new scientific ideas in the field of applied combinatorial mathematics, strengthening the collaboration which recently resulted in the joint publication of a paper to the 8th International Conference on Algebraic Informatics ( Prof. Kotsireas is an expert in the areas of symbolic computation and combinatorial designs and he is interested in using algorithmic, meta-heuristic and high-performance computing techniques to study existence questions for combinatorial designs.

SBA Research as one of three expert opinions in “Kurier” and “futurezone”!

“There are technical ways to minimize the scale of such attacks, but there is no one hundred percent protection.”

Media: Kurier & Fututrezone

Security Advisory: Ping Identity Agentless Integration Kit <1.5 Reflected Cross-site Scripting (XSS)

Ping Identity Agentless Integration Kit before 1.5 is susceptible to Reflected Cross-site Scripting at the /as/authorization.oauth2 endpoint due to improper encoding of an arbitrarily submitted HTTP GET parameter name.

Full security advisory:

This Website uses Cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.