Martin Schmiedecker

Martin Schmiedecker

was senior researcher at SBA Research.

Bio

Martin Schmiedecker received the master’s degree in Computer and Data Security in 2009 from the TU Wien. His research interest includes digital forensics, online privacy in general, browser fingerprinting, Tor, large-scale systems and applied security. He spent two semesters in 2010 as a visiting scholar at Purdue university in West Lafayette, IN. He is currently teaching graduate and undergraduate courses on computer security and digital forensics at TU Wien and multiple universities of applied sciences in Austria. He obtained the Ph.D. degree in 2014, his thesis about digital forensics of online services can be found here.

His research focuses on digital forensics, online privacy, Tor and TLS.

Top Publications:

  • NavigaTor: Finding Faster Paths to Anonymity (2016)
    • INPROCEEDINGStruetrue
    • Robert Annessi and Martin Schmiedecker
    • IEEE European Symposium on Security and Privacy (Euro S&P)
    @INPROCEEDINGS{Annessi2016NavigaTor,
       author = {Robert Annessi and Martin Schmiedecker},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {NavigaTor: Finding Faster Paths to Anonymity},
       booktitle = {IEEE European Symposium on Security and Privacy (Euro S&P)},
       year = {2016},
       month = {3},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/NavigaTor_preprint.pdf},
       publisher = {IEEE},
       link_source = {https://naviga-tor.github.io/#source},
       link_data = {https://naviga-tor.github.io/#data},
    }
  • SHPF: Enhancing HTTP(S) Session Security with Browser Fingerprinting (2013)
    • INPROCEEDINGS--
    • Thomas Unger and Martin Schmiedecker and Dominik Frühwirt and Markus Huber and Sebastian Schrittwieser and Edgar R. Weippl
    • Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{ARES_SHPF_short_2013,
       author = {Thomas Unger and Martin Schmiedecker and Dominik Frühwirt and Markus Huber and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {SHPF: Enhancing HTTP(S) Session Security with Browser Fingerprinting},
       booktitle = {Proceedings of the Eighth International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2013},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/shpf_extendedPreprint.pdf},
       link_source = {https://github.com/mmulazzani/shpf},
       link_slides = {http://www.slideshare.net/SBAResearch/shpf-enhancing-https-session-security-with-browser-fingerprinting},
    }
  • IMSI-Catch Me If You Can: IMSI-Catcher-Catchers (2014)
    • INPROCEEDINGStrue-
    • Adrian Dabrowski and Nicola Pianta and Thomas Klepp and Martin Schmiedecker and Edgar R. Weippl
    • Annual Computer Security Applications Conference (ACSAC)
    @INPROCEEDINGS{Dabrowski2014IMSICatch,
       author = {Adrian Dabrowski and Nicola Pianta and Thomas Klepp and Martin Schmiedecker and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {IMSI-Catch Me If You Can: IMSI-Catcher-Catchers},
       booktitle = {Annual Computer Security Applications Conference (ACSAC)},
       year = {2014},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/DabrowskiEtAl-IMSI-Catcher-Catcher-ACSAC2014.pdf},
       link_source = {http://sourceforge.net/p/icc/},
    }
  • Cloud Speicherdienste als Angriffsvektoren (2011)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar R. Weippl
    • 9th Information Security Konferenz in Krems
    @INPROCEEDINGS{DropboxKrems2011,
       author = {Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and {Edgar R.} Weippl},
       title = {Cloud Speicherdienste als Angriffsvektoren},
       booktitle = {9th Information Security Konferenz in Krems},
       year = {2011},
       month = {10},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/DunkleWolken.pdf},
    }
  • Trust me, I am a Root CA! Analyzing SSL Root CAs in modern Browsers and Operating Systems (2015)
    • INPROCEEDINGS--
    • Tariq Fadai and Sebastian Schrittwieser and Peter Kieseberg and Martin Schmiedecker
    • International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Fadai2015Trust,
       author = {Tariq Fadai and Sebastian Schrittwieser and Peter Kieseberg and Martin Schmiedecker},
       title = {Trust me,
       I am a Root CA! Analyzing SSL Root CAs in modern Browsers and Operating Systems},
       booktitle = {International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2015},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/SSL.pdf},
    }
  • Sicherheit in sozialen Netzwerken: Quo Vadis (2010)
    • INPROCEEDINGS--
    • Peter Fruehwirt and Markus Huber and Martin Schmiedecker and Edgar R. Weippl
    • 8th Information Security Konferenz in Krems
    @INPROCEEDINGS{Fruewirt_Sicherheit_in_sozialen_Netzwer_2010,
       author = {Peter Fruehwirt and Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Sicherheit in sozialen Netzwerken: Quo Vadis},
       booktitle = {8th Information Security Konferenz in Krems},
       year = {2010},
       month = {11},
    }
  • Friend-in-the-middle Attacks (2010)
    • TECHREPORT--
    • Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and Edgar R. Weippl
    • -
    @TECHREPORT{Huber2010Friendin-the-middle,
       author = {Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and {Edgar R.} Weippl},
       title = {Friend-in-the-middle Attacks},
       booktitle = {Technical Report},
       year = {2010},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/FITM_TR-SBA-Research-0710-01.pdf},
    }
  • Appinspect: large-scale evaluation of social networking apps (2013)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl
    • Proceedings of the first ACM conference on Online social networks
    @INPROCEEDINGS{huber2013appinspect,
       author = {Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {Appinspect: large-scale evaluation of social networking apps},
       booktitle = {Proceedings of the first ACM conference on Online social networks},
       year = {2013},
       month = {10},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/AppInspect_peprint.pdf},
       pages = {143--154},
       publisher = {ACM},
       link_slides = {http://cosn.acm.org/2013/files/Session6/Session6Paper1.pdf},
    }
  • Cheap and Automated Socio-Technical Attacks based on Social Networking Sites (2010)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl
    • 3rd Workshop on Artificial Intelligence and Security AISec 10
    @INPROCEEDINGS{Huber_Cheap_and_Automated_Socio_Tech_2010,
       author = {Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {Cheap and Automated Socio-Technical Attacks based on Social Networking Sites},
       booktitle = {3rd Workshop on Artificial Intelligence and Security AISec 10},
       year = {2010},
       month = {10},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/p61huber.pdf},
    }
  • Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam (2011)
    • ARTICLE--
    • Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and Edgar R. Weippl
    • IEEE Internet Computing: Special Issue on Security and Privacy in Social Networks
    @ARTICLE{Huber_Friend_in_the_middle_Attacks_E_2011,
       author = {Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and {Edgar R.} Weippl},
       title = {Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam},
       journal = {IEEE Internet Computing: Special Issue on Security and Privacy in Social Networks},
       year = {2011},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/FITM_InternetComputing_preprint.pdf},
       note = {Pre Print},
    }
  • InnoDB Database Forensics (2010)
    • INPROCEEDINGS--
    • Peter Fruehwirt and Markus Huber and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the 24th International Conference on Advanced Information Networking and Applications
    @INPROCEEDINGS{Huber_InnoDB_Database_Forensics_2010,
       author = {Peter Fruehwirt and Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {InnoDB Database Forensics},
       booktitle = {Proceedings of the 24th International Conference on Advanced Information Networking and Applications},
       year = {2010},
       month = {4},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/AINA2010-InnoDBforensics_preprint.pdf},
    }
  • Social Networking Sites Security Quo Vadis (2010)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing
    @INPROCEEDINGS{Huber_Social_Networking_Sites_Securi_2010,
       author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Social Networking Sites Security Quo Vadis},
       booktitle = {Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing},
       year = {2010},
       month = {8},
    }
  • Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites (2010)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the IFIP International Information Security Conference 2010: Security and Privacy
    @INPROCEEDINGS{Huber_Who_On_Earth_Is_Mr_Cypher_Auto_2010,
       author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites},
       booktitle = {Proceedings of the IFIP International Information Security Conference 2010: Security and Privacy},
       year = {2010},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sec2010-friendInjection_preprint.pdf},
    }
  • Towards Fully Automated Digital Alibis with Social Interaction (2014)
    • INPROCEEDINGS--
    • Stefanie Beyer and Martin Schmiedecker and Sebastian Schrittwieser and Markus Huber and Edgar R. Weippl
    • Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics
    @INPROCEEDINGS{ifip119_2014_alibi,
       author = {Stefanie Beyer and Martin Schmiedecker and Sebastian Schrittwieser and Markus Huber and {Edgar R.} Weippl},
       title = {Towards Fully Automated Digital Alibis with Social Interaction},
       booktitle = {Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics},
       year = {2014},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/alibigenerator_preprint.pdf},
       link_source = {https://github.com/mmulazzani/alibiFramework},
       link_slides = {http://www.slideshare.net/SBAResearch/digitale-alibis-ifip},
    }
  • Windows Installer Security (2014)
    • INPROCEEDINGS--
    • Christian Kadluba and Martin Schmiedecker and Lorenz Zechner and Sebastian Neuner and Edgar R. Weippl
    • Sixth ASE International Conference on Privacy, Security, Risk and Trust (PASSAT 2014)
    @INPROCEEDINGS{Kadluba2014Windows,
       author = {Christian Kadluba and Martin Schmiedecker and Lorenz Zechner and Sebastian Neuner and {Edgar R.} Weippl},
       title = {Windows Installer Security},
       booktitle = {Sixth ASE International Conference on Privacy,
       Security,
       Risk and Trust (PASSAT 2014)},
       year = {2014},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Sebastian Neuner msiInstaller.pdf},
    }
  • An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata (2014)
    • ARTICLEtrue-
    • Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Isao Echizen and Edgar R. Weippl
    • Electronic Markets - The International Journal on Networked Business
    @ARTICLE{Kieseberg2014algorithm,
       author = {Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Isao Echizen and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata},
       journal = {Electronic Markets - The International Journal on Networked Business},
       year = {2014},
       pdf = {http://link.springer.com/article/10.1007/s12525-014-0154-x},
    }
  • Real-time Forensics through Endpoint Visibility (2017)
    • INPROCEEDINGS--
    • Peter Kieseberg and Sebastian Neuner and Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl
    • International Conference on Digital Forensics & Cyber Crime (ICDF2C)
    @INPROCEEDINGS{Kieseberg2017Realtime,
       author = {Peter Kieseberg and Sebastian Neuner and Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Real-time Forensics through Endpoint Visibility},
       booktitle = {International Conference on Digital Forensics & Cyber Crime (ICDF2C)},
       year = {2017},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/fleetForensics.pdf},
       link_slides = {https://www.slideshare.net/SBAResearch/realtime-forensics-through-endpoint-visibility-80707652},
    }
  • Trees Cannot Lie: Using Data Structures for Forensics Purposes (2011)
    • INPROCEEDINGS--
    • Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Markus Huber and Edgar R. Weippl
    • European Intelligence and Security Informatics Conference (EISIC 2011)
    @INPROCEEDINGS{Kieseberg_Trees_Cannot_Lie_Using_Data_St_2011,
       author = {Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
       title = {Trees Cannot Lie: Using Data Structures for Forensics Purposes},
       booktitle = {European Intelligence and Security Informatics Conference (EISIC 2011)},
       year = {2011},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/btree_forensics_camera_ready.pdf},
    }
  • "I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS (2017)
    • INPROCEEDINGStruetrue
    • Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and Edgar R. Weippl
    • 26th USENIX Security Symposium (USENIX Security 2017)
    @INPROCEEDINGS{Krombholz2017Have,
       author = {Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS},
       booktitle = {26th USENIX Security Symposium (USENIX Security 2017)},
       year = {2017},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sec17-krombholz.pdf},
       link_slides = {https://www.slideshare.net/SBAResearch/i-have-no-idea-what-im-doing-on-the-usability-of-deploying-https},
    }
  • No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large (2015)
    • ARTICLEtrue-
    • Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber
    • arXiv preprint
    @ARTICLE{Mayer2015Need,
       author = {Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber},
       sbahotlist = {true},
       title = {No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large},
       journal = {arXiv preprint},
       year = {2015},
       month = {10},
       pdf = {http://arxiv.org/abs/1510.08646},
       link_data = {https://scans.io/study/sba-email},
    }
  • No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large (2016)
    • INPROCEEDINGS-true
    • Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber
    • International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Mayer2016Need,
       author = {Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber},
       authorhotlist = {true},
       title = {No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large},
       booktitle = {International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/scanTLS.pdf},
       link_data = {https://scans.io/study/sba-email},
       link_slides = {http://www.slideshare.net/SBAResearch/no-need-for-black-chambers},
    }
  • TLScompare: Crowdsourcing Rules for HTTPS Everywhere (2016)
    • INPROCEEDINGS--
    • Wilfried Mayer and Martin Schmiedecker
    • Workshop on Empirical Research Methods in Information Security (ERMIS)
    @INPROCEEDINGS{Mayer2016TLScompare,
       author = {Wilfried Mayer and Martin Schmiedecker},
       title = {TLScompare: Crowdsourcing Rules for HTTPS Everywhere},
       booktitle = {Workshop on Empirical Research Methods in Information Security (ERMIS)},
       year = {2016},
       month = {4},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/crowdsourcing_preprint.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/tlscompareorg-crowdsourcing-rules-for-https-everywhere},
    }
  • Securing the Internet, One HTTP 200 OK at a Time (2017)
    • ARTICLEtruetrue
    • Wilfried Mayer and Katharina Krombholz and Martin Schmiedecker and Edgar R. Weippl
    • USENIX login, Winter 2017
    @ARTICLE{Mayer2017Securing,
       author = {Wilfried Mayer and Katharina Krombholz and Martin Schmiedecker and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Securing the Internet,
       One HTTP 200 OK at a Time},
       journal = {USENIX login,
       Winter 2017},
       year = {2017},
       month = {12},
       pdf = {https://www.usenix.org/publications/login/winter2017/mayer},
       volume = {42},
       publisher = {USENIX},
    }
  • Turning Active TLS Scanning to Eleven (2017)
    • INPROCEEDINGS-true
    • Wilfried Mayer and Martin Schmiedecker
    • IFIP International Information Security and Privacy Conference (IFIP Sec)
    @INPROCEEDINGS{Mayer2017Turning,
       author = {Wilfried Mayer and Martin Schmiedecker},
       authorhotlist = {true},
       title = {Turning Active TLS Scanning to Eleven},
       booktitle = {IFIP International Information Security and Privacy Conference (IFIP Sec)},
       year = {2017},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/ifipSec2017_preprint.pdf},
       link_source = {https://github.com/WilfriedMayer/turning-active-tls-scanning-to-eleven},
       link_slides = {https://www.slideshare.net/SBAResearch/turning-active-tls-scanning-to-eleven},
    }
  • Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services (2016)
    • INPROCEEDINGS--
    • Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and Artemios G. Voyiatzis and Edgar R. Weippl
    • 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016)
    @INPROCEEDINGS{Merzdovnik2016Whom,
       author = {Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       title = {Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services},
       booktitle = {30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016)},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/TLSnotaries_preprint.pdf},
    }
  • Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools (2017)
    • INPROCEEDINGStruetrue
    • Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl
    • 2nd IEEE European Symposium on Security and Privacy (Euro S&P)
    @INPROCEEDINGS{Merzdovnik2017,
       author = {Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools},
       booktitle = {2nd IEEE European Symposium on Security and Privacy (Euro S&P)},
       year = {2017},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/block_me_if_you_can.pdf},
    }
  • New challenges in digital forensics: online storage and anonymous communication (2014)
    • TECHREPORT--
    • Martin Schmiedecker
    • -
    @TECHREPORT{Mulazzani2014challenges,
       author = {Martin Schmiedecker},
       title = {New challenges in digital forensics: online storage and anonymous communication},
       booktitle = {PhD Thesis},
       year = {2014},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/dissertation_Mulazzani.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/presentation-diss},
    }
  • Aktuelle Herausforderungen in der Datenbankforensik (2009)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Edgar R. Weippl
    • 7th Information Security Konferenz in Krems
    @INPROCEEDINGS{Mulazzani_AktuelleHerausforderungenin_2009,
       author = {Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Aktuelle Herausforderungen in der Datenbankforensik},
       booktitle = {7th Information Security Konferenz in Krems},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Mulazzani_AktuelleHerausforderungenin_2009.pdf},
       publisher = {OCG Austrian Computer Society,
       Krems},
    }
  • Anonymity and Monitoring: How to Monitor the Infrastructure of an Anonymity System (2010)
    • ARTICLE--
    • Martin Schmiedecker and Markus Huber and Edgar R. Weippl
    • IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
    @ARTICLE{Mulazzani_Anonymity_and_Monitoring_How_t_2010,
       author = {Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
       title = {Anonymity and Monitoring: How to Monitor the Infrastructure of an Anonymity System},
       journal = {IEEE Transactions on Systems,
       Man,
       and Cybernetics,
       Part C: Applications and Reviews},
       year = {2010},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/IEEE_SMC_Tor_finalPreprint.pdf},
       pages = {539-546},
    }
  • Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space (2011)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar R. Weippl
    • USENIX Security
    @INPROCEEDINGS{Mulazzani_Dark_Clouds_on_the_Horizon_Usi_2011,
       author = {Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and {Edgar R.} Weippl},
       title = {Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space},
       booktitle = {USENIX Security},
       year = {2011},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/dropboxUSENIX2011.pdf},
    }
  • Quantifying Windows File Slack in Size and Stability (2013)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Sebastian Neuner and Peter Kieseberg and Markus Huber and Sebastian Schrittwieser and Edgar R. Weippl
    • Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics
    @INPROCEEDINGS{Mulazzani_Slackspace_Quantifiation_2013,
       author = {Martin Schmiedecker and Sebastian Neuner and Peter Kieseberg and Markus Huber and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {Quantifying Windows File Slack in Size and Stability},
       booktitle = {Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics},
       year = {2013},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/ifipSlack_2013_preprint.pdf},
       link_data = {http://128.130.204.91/slackspaceDataset.7z},
       link_slides = {http://www.slideshare.net/SBAResearch/quantifying-windows-file-slack-in-size-and-stability},
    }
  • Social Network Forensics: Tapping the Data Pool of Social Networks (2012)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Markus Huber and Edgar R. Weippl
    • Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics
    @INPROCEEDINGS{Mulazzani_Social_Network_Forensics_2012,
       author = {Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
       title = {Social Network Forensics: Tapping the Data Pool of Social Networks},
       booktitle = {Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics},
       year = {2012},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/socialForensics_preprint.pdf},
    }
  • Tor HTTP usage and information leakage (2010)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of IFIP CMS 2010
    @INPROCEEDINGS{Mulazzani_Tor_HTTP_usage_and_information_2010,
       author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Tor HTTP usage and information leakage},
       booktitle = {Proceedings of IFIP CMS 2010},
       year = {2010},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2010 - Huber - Tor HTTP Usage.pdf},
       pages = {245-255},
    }
  • Enter Sandbox: Android Sandbox Comparison (2014)
    • INPROCEEDINGS--
    • Sebastian Neuner and Victor Van der Veen and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)
    @INPROCEEDINGS{Neuner2014Enter,
       author = {Sebastian Neuner and Victor {Van der Veen} and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Enter Sandbox: Android Sandbox Comparison},
       booktitle = {Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)},
       year = {2014},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/mostAndroid.pdf},
       publisher = {IEEE},
       link_slides = {http://www.slideshare.net/SBAResearch/enter-sandbox-android-sandbox-comparison},
    }
  • Gradually Improving the Forensic Process (2015)
    • INPROCEEDINGS--
    • Sebastian Neuner and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl
    • International Workshop on Cyber Crime (IWCC)
    @INPROCEEDINGS{Neuner2015Gradually,
       author = {Sebastian Neuner and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {Gradually Improving the Forensic Process},
       booktitle = {International Workshop on Cyber Crime (IWCC)},
       year = {2015},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Neuner_IWCC2015.pdf},
    }
  • Effectiveness of File‐based Deduplication in Digital Forensics (2016)
    • ARTICLE--
    • Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl
    • Security and Communication Networks
    @ARTICLE{Neuner2016Effectiveness,
       author = {Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Effectiveness of File‐based Deduplication in Digital Forensics},
       journal = {Security and Communication Networks},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Neuner2016Effectiveness_preprint.pdf},
       publisher = {Wiley},
    }
  • PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics (2016)
    • INPROCEEDINGStruetrue
    • Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl
    • 16th Annual DFRWS Conference
    @INPROCEEDINGS{Neuner2016PeekaTorrent,
       author = {Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics},
       booktitle = {16th Annual DFRWS Conference},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/peekatorrent_preprint.pdf},
       link_source = {https://github.com/schmiedecker/peekatorrent},
       link_data = {https://www.peekatorrent.org},
       link_slides = {http://www.slideshare.net/SBAResearch/peekatorrent-leveraging-p2p-hash-values-for-digital-forensics},
    }
  • Time is on my side: Steganography in filesystem metadata (2016)
    • INPROCEEDINGS--
    • Sebastian Neuner and Artemios G. Voyiatzis and Martin Schmiedecker and Stefan Brunthaler and Stefan Katzenbeisser and Edgar R. Weippl
    • 16th Annual DFRWS Conference
    @INPROCEEDINGS{Neuner2016Time,
       author = {Sebastian Neuner and {Artemios G.} Voyiatzis and Martin Schmiedecker and Stefan Brunthaler and Stefan Katzenbeisser and {Edgar R.} Weippl},
       title = {Time is on my side: Steganography in filesystem metadata},
       booktitle = {16th Annual DFRWS Conference},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/timestampStego_preprint.pdf},
       link_data = {https://www.sba-research.org/dfrws2016/},
       link_slides = {http://www.slideshare.net/SBAResearch/time-is-on-my-side-steganography-in-filesystem-metadata},
    }
  • Timestamp hiccups: Detecting manipulated filesystem timestamps on NTFS (2017)
    • ARTICLE--
    • Sebastian Neuner and Artemios G. Voyiatzis and Martin Schmiedecker and Edgar R. Weippl
    • International Conference on Availability, Reliability and Security (ARES)
    @ARTICLE{Neuner2017,
       author = {Sebastian Neuner and {Artemios G.} Voyiatzis and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Timestamp hiccups: Detecting manipulated filesystem timestamps on NTFS},
       journal = {International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2017},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/hiccups.pdf},
    }
  • Privacy and Data Protection in Smartphone Messengers (2015)
    • INPROCEEDINGS--
    • Christoph Rottermanner and Peter Kieseberg and Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser
    • Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (iiWAS2015)
    @INPROCEEDINGS{Rottermanner2015Privacy,
       author = {Christoph Rottermanner and Peter Kieseberg and Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser},
       title = {Privacy and Data Protection in Smartphone Messengers},
       booktitle = {Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (iiWAS2015)},
       year = {2015},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/paper_drafthp.pdf},
    }
  • On Reducing Bottlenecks in Digital Forensics (2016)
    • ARTICLE--
    • Martin Schmiedecker and Sebastian Neuner
    • ERCIM News
    @ARTICLE{Schmiedecker2016Reducing,
       author = {Martin Schmiedecker and Sebastian Neuner},
       title = {On Reducing Bottlenecks in Digital Forensics},
       journal = {ERCIM News},
       year = {2016},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/EN106-peekaTorrent.pdf},
    }
  • Covert Computation - Hiding Code in Code for Obfuscation Purposes (2013)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the 8th International Symposium on ACM Symposium on Information , Computer and Communications Security (ASIACCS 2013)
    @INPROCEEDINGS{schrittwieser-covertcomputation-2013,
       author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Covert Computation - Hiding Code in Code for Obfuscation Purposes},
       booktitle = {Proceedings of the 8th International Symposium on ACM Symposium on Information ,
       Computer and Communications Security (ASIACCS 2013)},
       year = {2013},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/p529-schrittwieser.pdf},
    }
  • Ethics in Security Research - Which Lines Should Not Be Crossed? (2013)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl
    • Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)
    @INPROCEEDINGS{schrittwieser-ethics-2013,
       author = {Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Ethics in Security Research - Which Lines Should Not Be Crossed?},
       booktitle = {Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)},
       year = {2013},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/creds2013_preprint.pdf},
    }
  • Covert Computation - Hiding Code in Code Through Compile-Time Obfuscation (2014)
    • ARTICLEtrue-
    • Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl
    • Computers & Security
    @ARTICLE{Schrittwieser2014Covert,
       author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {Covert Computation - Hiding Code in Code Through Compile-Time Obfuscation},
       journal = {Computers & Security},
       year = {2014},
       month = {5},
       pdf = {http://www.sciencedirect.com/science/article/pii/S0167404814000030},
       publisher = {Elsevier Advanced Technology},
    }
  • Ethik in der Sicherheitsforschung (2013)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl and Sandra Panhans
    • DACH Security 2013
    @INPROCEEDINGS{Schrittwieser_Ethik_in_der_Sicherheitsforsch_2013,
       author = {Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl and Sandra Panhans},
       title = {Ethik in der Sicherheitsforschung},
       booktitle = {DACH Security 2013},
       year = {2013},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/DACH-Camera Ready.pdf},
    }
  • Guess Who Is Texting You? Evaluating the Security of Smartphone Messaging Applications (2012)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Edgar R. Weippl
    • Network and Distributed System Security Symposium (NDSS 2012)
    @INPROCEEDINGS{Schrittwieser_Guess_Who_s_Texting_You_Evalua_2012,
       author = {Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
       title = {Guess Who Is Texting You? Evaluating the Security of Smartphone Messaging Applications},
       booktitle = {Network and Distributed System Security Symposium (NDSS 2012)},
       year = {2012},
       month = {2},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/ndss2012_final.pdf},
    }
  • Secure Software in der Cloud (2012)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Gilbert Wondracek and Sylvi Rennert and Edgar R. Weippl
    • Tagungsband Cloud und Klein: IT im Spannungsfeld zwischen Servercluster und Sensornetz
    @INPROCEEDINGS{Schrittwieser_Secure_Software_in_der_Cloud_2012,
       author = {Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Gilbert Wondracek and Sylvi Rennert and {Edgar R.} Weippl},
       title = {Secure Software in der Cloud},
       booktitle = {Tagungsband Cloud und Klein: IT im Spannungsfeld zwischen Servercluster und Sensornetz},
       year = {2012},
       month = {4},
    }
  • QR Code Security (2010)
    • INPROCEEDINGS--
    • Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Lindsay Munroe and Sebastian Schrittwieser and Mayank Sinha and Edgar R. Weippl
    • Fourth International Workshop on Trustworthy Ubiquitous Computing (TwUC 2010)
    @INPROCEEDINGS{twuc_2010,
       author = {Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Lindsay Munroe and Sebastian Schrittwieser and Mayank Sinha and {Edgar R.} Weippl},
       title = {QR Code Security},
       booktitle = {Fourth International Workshop on Trustworthy Ubiquitous Computing (TwUC 2010)},
       year = {2010},
       month = {11},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/QR_Code_Security.pdf},
    }
  • Spoiled Onions: Exposing Malicious Tor Exit Relays (2014)
    • INPROCEEDINGS--
    • Philipp Winter and Richard Koewer and Martin Schmiedecker and Markus Huber and Sebastian Schrittwieser and Stefan Lindskog and Edgar R. Weippl
    • The 14th Privacy Enhancing Technologies Symposium (PETS)
    @INPROCEEDINGS{Winter2014Spoiled,
       author = {Philipp Winter and Richard Koewer and Martin Schmiedecker and Markus Huber and Sebastian Schrittwieser and Stefan Lindskog and {Edgar R.} Weippl},
       title = {Spoiled Onions: Exposing Malicious Tor Exit Relays},
       booktitle = {The 14th Privacy Enhancing Technologies Symposium (PETS)},
       year = {2014},
       month = {7},
       pdf = {http://www.sba-research.org/wp-content/uploads/publications/pets2014_preprint.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/spoiled-onions},
    }
  • Fast and Efficient Browser Identification with JavaScript Engine Fingerprinting (2012)
    • TECHREPORT--
    • Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Edgar R. Weippl
    • -
    @TECHREPORT{_Fast_and_Efficient_Browser_Ide_2012,
       author = {Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and {Edgar R.} Weippl},
       title = {Fast and Efficient Browser Identification with JavaScript Engine Fingerprinting},
       booktitle = {Technical Report TR-SBA-Research-0512-01},
       year = {2012},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/jsfingerprinting_Tech_Report.pdf},
    }
  • Fast and Reliable Browser Identification with JavaScript Engine Fingerprinting (2013)
    • INPROCEEDINGS--
    • Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Sebastian Schrittwieser and Edgar R. Weippl
    • Web 2.0 Workshop on Security and Privacy (W2SP)
    @INPROCEEDINGS{_Fast_and_Reliable_Browser_Iden_2013,
       author = {Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Sebastian Schrittwieser and {Edgar R.} Weippl},
       title = {Fast and Reliable Browser Identification with JavaScript Engine Fingerprinting},
       booktitle = {Web 2.0 Workshop on Security and Privacy (W2SP)},
       year = {2013},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/jsfingerprinting.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/fast-and-efficient-browser-identification-with-javascript-engine-fingerprinting},
    }
  • Malicious Pixels Using QR Codes as Attack Vector (2012)
    • INPROCEEDINGS--
    • Peter Kieseberg and Sebastian Schrittwieser and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl and Lindsay Munroe and Mayank Sinha
    • Trustworthy Ubiquitous Computing
    @INPROCEEDINGS{_Malicious_Pixels_Using_QR_Code_2012,
       author = {Peter Kieseberg and Sebastian Schrittwieser and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl and Lindsay Munroe and Mayank Sinha},
       title = {Malicious Pixels Using QR Codes as Attack Vector},
       booktitle = {Trustworthy Ubiquitous Computing},
       year = {2012},
       month = {9},
       pages = {21-38},
    }
  • Social Snapshots: Digital Forensics for Online Social Networks (2011)
    • INPROCEEDINGS--
    • Markus Huber and Martin Schmiedecker and Manuel Leithner and Sebastian Schrittwieser and Gilbert Wondracek and Edgar R. Weippl
    • Annual Computer Security Applications Conference (ACSAC)
    @INPROCEEDINGS{_Social_Snapshots_Digital_Foren_2011,
       author = {Markus Huber and Martin Schmiedecker and Manuel Leithner and Sebastian Schrittwieser and Gilbert Wondracek and {Edgar R.} Weippl},
       title = {Social Snapshots: Digital Forensics for Online Social Networks},
       booktitle = {Annual Computer Security Applications Conference (ACSAC)},
       year = {2011},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/social_snapshots_preprint.pdf},
    }
  • Using the Structure of B plus Trees for Enhancing Logging Mechanisms of Databases (2011)
    • INPROCEEDINGS--
    • Peter Kieseberg and Sebastian Schrittwieser and Lorcan Morgan and Martin Schmiedecker and Markus Huber and Edgar R. Weippl
    • International Conference on Information Integration and Web-based Applications & Services (iiWAS2011)
    @INPROCEEDINGS{_Using_the_Structure_of_B_Trees_2011,
       author = {Peter Kieseberg and Sebastian Schrittwieser and Lorcan Morgan and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
       title = {Using the Structure of B plus Trees for Enhancing Logging Mechanisms of Databases},
       booktitle = {International Conference on Information Integration and Web-based Applications & Services (iiWAS2011)},
       year = {2011},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/iiWAS2011_133_Short_Kieseberg.pdf},
    }

 

Professional Activities

  • General chair at the Tenth Annual IFIP WG 11.9 Int. Conference on Digital Forensics, 2014
  • Workshop chair at the Int. Workshop on Digital Forensics (WSDF), 2012-2015
  • General co-chair at the 9th International Conference on Digital Forensics \& Cyber Crime (ICDF2C), 2017

PC Member At

  • Privacy Enhancing Technologies Symposium (PETS), 2016-2017
  • International Conference on Availability, Reliability and Security (ARES), 2016-2017
  • International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), 2016
  • International Workshop on Digital Forensics (WSDF), 2016
  • 20th European Symposium on Research in Computer Security (ESORICS), 2015
  • IFIP International Information Security and Privacy Conference (IFIP SEC), 2015-2016
  • International Conference on Digital Forensics \& Cyber Crime (ICDF2C), 2015-2016
  • Digital Forensics Research Conference (DFRWS EU), 2014-2018
  • IFIP WG 11.9 Int. Conference on Digital Forensics, 2013-2017

Datasets

  • Our dataset on timestamp steganography (DFRWS USA 2016) can be found here.
  • Our dataset on torrents as input source for digital forensics (DFRWS USA 2016) can be found here.
  • Our dataset on Tor network measurements (IEEE Euro S&P 2016) can be found at naviga-tor.github.io.
  • Our dataset on TLS in the email ecosystem for the entire IPv4 adress space can be found at scans.io.
  • Our dataset for our NTFS slackspace evaluation (IFIP Forensics conference 2013) can be found here. SHA1 = 526c5b934e3a067d1c61b3f19bbe027b377482b4

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close