SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT


Stefan Katzenbeisser on ZDF (German TV)

Stefan Katzenbeisser talks about privacy and mobile security (starting at 14:43)

John Tait: Patent Search- a Challenging Problem!

1030 am: Guest talk by John Tait

Patent Search – a Challenging Problem!

To be valid a patent has to show that it it describes a novel and useful idea. The test of novelty is that at the date of filing there does not exist in the public domain (in another patent, or the academic literature, or elsewhere, for example in the news media) an earlier description of the invention. This earlier, invalidating, description might well be presented in another language or using quite different technical terms from the way the idea is expressed in the patent in question. Thus patent search is a very challenging information retrieval problem.

Patent Search is also economically important. It is difficult to estimate the total value of the patents in the world economy, but it certainly runs into many billions of euros, and many thousands of people around the world are employed in the patent ecosystem: in Patent Offices; patent attorneys; translators; software and data suppliers; and elsewhere.

The talk will overview the field of patent search, relate it to developments in semantic search, and in particular review some of the recent work reported in our new book “Current Challenges in atent Information Retrieval”.

Security in Social Media – Talks at BildungOnline

Managing director Markus Klemen gave two talks at the BildungOnline conference in Hall in Tirol focusing on Security in Social Media. The Austrian Computer Society (OCG) organized the talk. The target audience were teachers, students and parents.

Ivona Brandic, Energy Efficient Clouds

Ivona Brandic, Energy Efficient Clouds
May 31, 10am SBA

Cloud computing is a promising technology for the realization of large, scalable, and on-demand provisioned computing infrastructures. Currently, many enterprises are adopting this technology to achieve high performance and scalability for their applications while maintaining low cost. Service provisioning in the Cloud is based on a set of predefined non-functional properties specified and negotiated by means of Service Level Agreements (SLAs). Cloud workloads are dynamic and change constantly. Thus, in order to reduce steady human interactions, self-manageable Cloud techniques are required to comply with the agreed customers’ SLAs. In this talk we discuss flexible and reliable management of SLAs, which is of paramount importance for both Cloud providers and consumers. On the one hand, the prevention of SLA violations avoids penalties that are costly to providers. On the other hand, based on flexible and timely reactions to possible SLA violation threats, user interaction with the system can be minimized enabling Cloud computing to take roots as a flexible and reliable form of on-demand computing. Furthermore, a trade-off has to be found between proactive actions that prevent SLA violations and those that reduce energy consumption, i.e., increase energy efficiency.


Im Rahmen von IMPACT 2011 fanden vier interessante Vorträge statt.

Prof. Dr. Stefan Katzenbeisser – TU Darmstadt – Privacy by Design – Technischer Datenschutz für hochsensible Daten
Prof. Davide Balzarotti, Ph.D. – EURECOM Sophia Antipolis – G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries
Prof. Dr. Günther Pernul – Universität Regensburg – On the Maturity of RBAC – A Survey and Classification of the Research Area
Günther Wiesauer – CEO Underground_8, Linz – Sicherheitsarchitektur für moderne Firewallsysteme


Seminar on Social Network Security at DSV Forum

Markus Huber will hold a seminar on Social Network Security at the DSV Form in Stockholm on the 19th of May.

Research Talk: Designing Truthful Mechanisms

May 10, 2011, 10am @ SBA: Designing Truthful Mechanisms
Angelina Vidali

In this talk I will present my work on many different aspects of one of the most fundamental problems in algorithmic game theory (and more specifically algorithmic mechanism design), the problem of scheduling unrelated machines to minimize the makespan and I will also explain its connection with the problem of designing truthful combinatorial auctions. We assume that the machines behave like selfish players: they have to get paid in order to process the tasks, and would lie about their processing times if they could increase their utility in this way. The problem was proposed and studied in the seminal paper of Nisan and Ronen, where it was shown that the approximation ratio of mechanisms is between 2 and n.

Leak in Tor for Android (Orbot)

While performing traffic analysis on the current development version of Orbot, the official Android for Tor app, Manuel Leithner (Junior Researcher, SBA Research gGmbH) discovered that certain types of traffic (including VPN, GPS and videos) were not tunnelled through Tor. He subsequently developed a patch that enables full and enforced transparent proxying for all TCP and DNS traffic through the anonymisation service.

Talk by Daniel S Yeung on “Sensitivity Based Generalization Error for Single and Multiple Classifier Systems with Applications”

Sensitivity Based Generalization Error for Single and Multiple Classifier Systems with Applications


Generalization error model provides a theoretical support for a classifier’s performance in terms of prediction accuracy. However, existing models give very loose error bounds. This explains why classification systems generally rely on experimental validation for their claims on prediction accuracy. In this talk we will revisit this problem and explore the idea of sensitivity measure in developing a new generalization error model based on the assumption that only prediction accuracy on unseen points in a neighborhood of a training point will be considered, since it will be unreasonable to require a classifier to accurately predict unseen points “far away” from training samples. Relationship between the new model and the regularization technique will be examined and a number of generic as well as domain specific applications will be presented.

Daniel S Yeung, Chair Professor, School of Computer Science and Engineering, South China University of Technology, Guangzhou, China, Junior Past President, IEEE Systems, Man and Cybernetics Society, Fellow of IEEE

Martin Mulazzani now works on Trudie

Martin Mulazzani now works on Trudie (TRUDIE – Trust Relationships in the Underground Economy, Sponsor: FIT-IT Trust in IT-Systems 3. Call, Austria)

USENIX Security ’11: Paper accepted

Our paper Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space was accepted. Unfortunately we cannot provide a preprint because the affected vendor(s) still need the time to fix some things…

SBA master student discovers flaw in Ruby on Rails

Rails 3.0.5 doesn’t validate the input for the X-Forwarded-For field in the header sent by clients with a class C remote-addr. (see: TRUSTED_PROXIES). (Security Focus, more details…)

Gilbert Wondracek joined SBA research as senior researcher

We are happy to have Gilbert Wondracek as a senior researcher on our team.

His last two IEEE S&P papers:

  • Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel. 2010. A Practical Attack to De-anonymize Social Network Users. In Proceedings of the 2010 IEEE Symposium on Security and Privacy (SP ’10). IEEE Computer Society, Washington, DC, USA, 223-238. DOI=10.1109/SP.2010.21
  • Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda. 2009. Prospex: Protocol Specification Extraction. In Proceedings of the 2009 30th IEEE Symposium on Security and Privacy (SP ’09). IEEE Computer Society, Washington, DC, USA, 110-125. DOI=10.1109/SP.2009.14

INMOTOS website online

Interdependencies among Critical Infrastructures, both inside the ICT domain and between ICT and other sectors (e.g. Oil&Gas and Transport), are complex to be understood. Critical Infrastructures risks always change due to new threats, interdependencies and possible scenarios.

ADV Seminar on Virtualization

ADV organized a seminar on virtualization at SBA Research. Edgar Weippl gave a presentation on security foundations.

Markus Huber received grant for Einsteins in the City 2011

Markus Huber received a grant from the Vienna University of Technology to attend the Einsteins in the City 2011 conference in New York. He will present our latest research results on social network forensic.

Gilbert Wondracek in the Economist

Gilbert Wondracek at the Vienna University of Technology in Austria and his colleagues built a history-stealing website aimed at groups on Xing, a business-orientated social network. Mr Wondracek’s analysis of over 6,500 Xing groups, containing a total of more than 1.8m users, suggested that his rogue site would be able to determine the identity of around four in ten visitors. A trial run, in which Mr Wondracek invited colleagues who use Xing to visit his history-stealing site, showed this estimate to be about right. The vulnerability he exploited has since been addressed by the engineers behind several browsers, including Firefox and Safari, but has so far not been fixed in Microsoft’s Internet Explorer.” (verbatim quote from The Economist, Monitor: Anonymous no more, May 10, 2010,

Sebastian Schrittwieser post graduate research at NII

Sebastian will stay 5 months at the National Institute of Informatics (NII) in Tokyo, Japan.

Invited Talk at NII

Edgar Weippl gives an invited talk at NII.

Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and restore deleted data. While this fact is well known for computer forensic and multiple tools to forensically analyze data exist, the systematic analysis of
data sources such as Web 2.0 services and their underlying database systems has only recently begun.

Clearly, database system are bound to leave more extensive traces since they not only store a file but, in addition, need indexes, rollback segments and log files. In this talk I will cover the basics of forensic analysis particularly focusing on database systems.

During the past few years, a huge number of online file storage services have been introduced. While some provide very basic functionality, e.g., uploading and retrieving files by a specific user, more advanced services offer features like shared folders, real-time collaboration, minimization of data transfers or unlimited storage space. In this talk we closely look at Dropbox, in particular the Dropbox client software as well as the transmission protocol, and describe an attack that results in the unauthorized access to files stored with Dropbox. This attack can be used effectively for forensic investigations.

Österreichs Rolle im IT-Markt der Dach-Region (Future Networks)

Markus Klemen and Edgar Weippl are panelists at Future-Network’s event on “Austria’s role in IT markets in Germany, Austria and Switzerland”.

IEEE Internet Computing Special Issue on Security and Privacy in Social Networks

Our manuscript “Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam” has been accepted for the upcoming special issue on Security and Privacy in Social Networks in the IEEE Journal of Internet Computing in May/Jun 2011. Preprint is available here.

In this article we have introduced friend-in-the-middle (FITM) attacks which are active eavesdropping attacks against social networking sites. By cloning a user’s authentication cookie which is transmitted in an unencrypted way, it becomes possible to completely impersonate the user. This can then be used to collect sensitive information in an automated fashion which ultimately enables large context-aware spam campaigns that propagate via social phishing. FITM attacks are applicable to the great majority of currently deployed SNSs, such as Facebook, Friendster, and Orkut. Based on FITM attacks we described three subsequent exploits: (1) Friend injection, (2) Application injection, and (3) Social engineering. We furthermore evaluated the impact of a large-scale spam attack on basis of FITM attacks. We therefore set-up a Tor exit node and analyzed the passing through HTTP traffic. Our experiments showed that finding possible FITM attack seeds for spam campaigns is cheap regarding time and hardware resources. Our attack simulation results furthermore suggest that based on the 4000 possible Facebook attack seeds we observed within two weeks, ~300.000 users could have been targeted with context-aware spam.

There are a number of limited protection strategies available to social networking users, such as using browser extensions such as EFF HTTPS Everywhere. The Tor browser bundles include the EFF HTTPS Everywhere extension since May 2010. Social networking providers ultimately have to protect their users against FITM attacks by securing the communication channels of their services with HTTPS. At the time of writing Facebook has announced that they will offer optional HTTPS support for their web service. We strongly advice users to make use of this option once it will become available to everyone.

Entry in IEEE Xplore

IPhone privacy

Our partners at ISecLab have a nice paper on privacy and IPhones (German heise Article)

Guest talk / Seminar: John Tait

Guest talk: John Tait

The term Semantic Search is becoming fashionable, but there are a number of problems with the term.

1) There are at least two forms of semantic search. One is based more-or-less hand programmed knowledge sources, like domain ontologies or thesauri. The other is based on emergent properties of the data being searched, using technques like Latent Semantic Analysis or clustering. It is far from clear that the results of applying the two approaches are similar or even compatible.
2) It is often assumed that semantic search is in some sense different from surface text search: which implies that normal old-fashioned Google search (for example) is equivalent to randon string search, when of course the underlying statistics depend critically on the fact that both the queries and copora are natural language (English or German) words with underlying semantics.
3) Semantic Search depends critically on text annotation processes during indexing: but these are potentially corruptable by malefactors. How can this be prevented?

The seminar will explore these three issues, and attempt to find a better definition of the term semantic search and to identify soem ways forward.

Timbus projects starts March 1, 2011

The digital preservation problem is well-understood for query-centric information scenarios but has been less explored for scenarios where the important digital information to be preserved is the execution context within which data is processed, analysed, transformed and rendered. Furthermore, preservation is often considered as a set of activities carried out in the isolation of a single domain, without considering the dependencies on third-party services, information and capabilities that will be necessary to validate digital information in a futureusage context.
TIMBUS will endeavour to enlarge the understanding of DP to include the set of activities, processes and tools that ensure continued access to services and software necessary to produce the context within which information can be accessed, properly rendered, validated and transformed into knowledge. One of the fundamental requirements is to preserve the functional and non-functional specifications of services and software, along with their dependencies.

SBA Research
SQS Software Quality systems AG
Westfälische Wilhelms-Universität Münster
INESC ID – Instituto de engenharia de sistemas e computadores, investigacao e desenvolvimento em Lisboa
iPharro Media GmbH
Intel Performance learning solutions limited
Caixa Magica Software lda
Laboratorio Nacional de Engenharia Civil
Karlsruher Institut für Technologie
Laboratorio de Instrumentacao e Fisica Experimental de Particulas
Digital Preservation Coalition limited by guarantee*DPC


SBA is via AARIT part of the ABCDE project and will accept follows that want to join the research center.

Initiated in 1992 and open to PhD holders from Europe and all over the world, the Alain Bensoussan Fellowship Programme (ABFP) is designed for ICT students, researchers and professionals. Funded entirely by ERCIM members, the ABFP yields about 20 fellows per year on average.
Focusing on inter-sectoral ICT research and lasting generally 18 months, the fellowships are composed of two 9-month periods (9+9) to be spent in two different ERCIM institutes (located in two European countries) to foster trans-national mobility. Fellowships of 12 months hosted by one single ERCIM institution are also considered. In such cases, short research visits to other institutes are required in order to meet the training and mobility objectives of the programme.
Throughout the programme, the fellows are supported by the ERCIM Human Resource Task Force in driving their personal development scheme and to assist them in their future career plans, whether in European research institutions or in European Industry.
We believe ABCDE will provide a real opportunity to further develop and improve the already robust and self-sustainable Alain Bensoussan Fellowship Programme. Moreover, given the strategic nature of this training scheme focusing on ICT and novel technologies, COFUND support in up-scaling this Fellowship Programme would also enhance its impact over European research and competitiveness at large.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.