SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT

News

Two papers at DFRWS’16 accepted

Two papers have been accepted at the DFRWS USA ’16 conference on digital forensics, to be held from August 7th to 10th, 2016 in Seattle, WA:

You can find pre-prints of the papers as well as the data sets on the corresponding websites.

Paper accepted @ DBSec16

The paper “Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services” by Georg Merzdovnik, Klaus Falb, Martin Schmiedecker, Artemios Voyiatzis and Edgar Weippl has been accepted for publication in the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016) which takes place from July, 18th-21th, 2016 in Trento, Italy. DBSec 2016 is an A-ranked conference in CORE.

Abstract: TLS is currently the most widely-used protocol on the Internet to facilitate secure communications, in particular secure web browsing. TLS relies on X.509 certificates as a major building block to establish a secure communication channel. Certificate Authorities (CAs) are trusted third parties that validate the TLS certificates and establish trust relationships between communication entities. To counter prevalent attack vectors – like hacked CAs issuing fraudulent certificates and active man-in-the-middle (MitM) attacks – TLS notary services were proposed as a solution to verify the legitimacy of certificates using alternative communication channels.
In this paper, we are the first to present a long-term study on the effectiveness of TLS notary services. We evaluated the services using active performance measurements over a timespan of one year, and discuss the effectiveness of TLS notary services in practice. Based on our findings we propose the usage of multiple notary services in conjunction with a semi-trusted centralized proxy approach, so as to protect arbitrarily-sized networks on the network level without the need to install any software on the client machines. Lastly, we identify multiple issues that prevent the widespread use of TLS notary services in practice, and propose steps to overcome them.

Cryptocurrencies Tutorial at WWW 2016

Aljosha Judmayr’s Tutorial on Cryptocurrencies at WWW 2016 was very well received.

WWW’s keynote speakers Sir Tim Berners-Lee and Mary Ellen Zurko attended and you can read Mary Ellen’s tweets (tweet (Tweet, more )

Other positive comments by Tactika and Surya Kallumadi.

Screen Shot 2016-04-23 at 11.32.34

The abstract is published in ACM DL. Aljosha Judmayer and Edgar Weippl. 2016. Cryptographic Currencies Crash Course (C4): Tutorial. In Proceedings of the 25th International Conference Companion on World Wide Web (WWW ’16 Companion). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, 1021-1024. DOI=http://dx.doi.org/10.1145/2872518.2891066

Katharina Krombholz @ “Lange Nacht der Forschung” kick-off event

Katharina Krombholz was invited to participate in the kick-off event and press conference of “Lange Nacht der Forschung” together with Gerald Klug (technology minister), Hannes Androsch (Austrian Council for Research and Technology Development) and Clara Eibensteiner (bmvit-research trainee).

Lange Nacht der Forschung

Martin Schmiedecker and Sebastian Neuer gave insights into how hackers really worked in contrast to the what is portrayed in movies. A second exhibit showed how mobile devices may compromise their owners’ privacy.

You can find the pictures from the OCG here.

Adrian Dabrowski at Ö1

On April 22, 2016, Adrian Dabrowski is a guest at Ö1 “Nachtquartier” and speaks about “to hack or not to hack”. He will answer questions from the audience about the life of a hacker and IT security researcher.

April 22, 2016, 00:05, http://oe1.orf.at/programm/434407 

SBA at Alpbach – Breakout Session on Cyber-Security

Under the lead of TU Austria, we organize an Alpbach Breakout Session on Cyber-Security as a fundamental right. Participants include Isao Echizen (NII), Lokke Moerel (Tilburg University), Günter Müller (University of Freiburg), Reinhard Posch (TU Graz), and Bart Preneel (University of Leuven).

Tomasz Miksa PhD defense

Tomek defended his PhD thesis “Verification and Validation of Scientific Workflow Re-executions” successfully and graduated with distinction. Congratulations!

Tomasz Miksa PhD

Guest Talk: “DNS Traffic Analysis: Opportunities, Risks, and (Self-)Defenses”

Dominik Herrmann, post-doctoral researcher in the Security in Distributed Systems Group (SVS) at University of Hamburg, Germany gives a talk about “DNS Traffic Analysis: Opportunities, Risks, and (Self-)Defenses”. Abstract.

Friday, 15.04.2016, 14.00-15.00

This event is hosted by the Vienna ACM SIGSAC Chapter.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close