Floragasse 7 – 5th floor, 1040 Vienna

Georg Merzdovnik

Georg Merzdovnik

is senior researcher at SBA Research, leads the Systems and (I)IoT Security Research Group and is adjunct lecturer at TU Wien.

  • gmerzdovnik@sba-research.org
  • +43 (1) 505 36 88
  • 96C2 15D2 2E42 4135 B492 3BF3 63BD 06FD 2788 B752
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: SKS 1.1.4
    Comment: Hostname: pgp.mit.edu
    
    mQINBFKy7IsBEACfBXaf9oWXlYgU/t1UNhgrRrhWq+OVqq2MGFUOZEMgUuaBVqLs/rc4rmbo
    8Bcc997+tLhT7zjW8lVEYxWYPGyIx7nslA0QPSv86mwd+RIa6wjQedpRKEhW0pM8yYF4rrys
    SunXPDw8lHUh1OHz5p5RLu4Xh3LpNa9wrNsxsLjReD2E4E+DMYl8yVT0x6AZHi8U20eAy4ju
    3t2F8MXewB/FPR9qTAQtLUu43Sn6jpCxcSIh+JRhH6zMgKusqbvvege+l7zM/YrgnSH3hPiy
    WHVQoTtKgnM16R2/WA0DW6Mwwx7t3hPplaFfF4gG7yhAMH+rmK5yCM/VDloc34uSz2Z1/tBF
    vB7x4OSxl6zcJLZFujRkwT20PMWys8kMMP7M6YPUl6jnjsxdVtX08ANixT+Q3Dm98z7DWb2c
    wekj0QVLd3Xb8uzFtt7et/wJKnjoD3U62qV5pujl9c60bGw1SDM+FH0tqPqhsuanyL0k5Kiy
    6gb0L5ZPmRAEa6hE2sywL3LhTH4pAo/sBMxO+06IUi7F1WmKuP0lxtG6W/udHSz3IZPAukQu
    K+BIOU0Dx0rmv9Qz+yU6ABZqDWhUHoXIfh84eRqk9t5/BY4NLMONZZUPaFlcIVrNuYmwNmQ7
    OaADS0rLlV1lBnX/Cho5IinxO2matpknOO1XX/e7zrYXcCDNsQARAQABtC9HZW9yZyBNZXJ6
    ZG92bmlrIDxnbWVyemRvdm5pa0BzYmEtcmVzZWFyY2gub3JnPokCOQQTAQIAIwUCUrLsiwIb
    IwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEGO9Bv0niLdSB4IP/1neo1g529No/lPn
    7fhAFecm0Gjq4mIQl2jKe/oSSYQr/t7eE5zINlE79qGWMSF59ltM34jNUtOdB2y0XCb1+pyY
    414LS3nqfGTyKfDYEi5YimP3SrrDL1m/aEa9qeOrxGJX37ZkjD8PCqFNa3J4XLi3R7NuPvG0
    LrpZiEJl9c/E3JjlyRgKmA8sVt4fKg3afb0lRV213Mrt3LPo3MKxD/D0NHdSNzNaqLpJKpdB
    4mpmLCx8pPkL+YFJ11M26OqwMxNKsI0f/fyEK0fYXYqDW8dU3DYtHKaeJi2bHk7UQuDsMFCh
    Xp1DM55GvSUWjcj9R+oq2eEBoQpbZ2PBQnxQRym1URZ+WEbY7e1aFcCdtn374Y6tZq7RA/HS
    ucDwxvMs0nZUXD5PMy23wnziSy+MOuWo4wYd8QcZj6QB6NQ71VQBfxJoufzhN++dlKTeyjU0
    LJLlLy3pHcA+zPEToo5AsldyYgSGt0tvyXDaUxD7NJt8HFVW6ZcgTt8QJYmEDti1+hYKZifr
    AnxfZKHv1YYK2+mbfUPjWqhq1t2ehYlDgnnc8wI5H0bjuEaw3RvjpBBHLbFFKL80osVGz6pm
    DS9E0/tfawvlDENSNz3hG9TmD7MglW3sZ5lDTh80BgS6gcMpBnQ3mLZxQXo9Z2K9I47W2kcQ
    kcOC5kf/ycMLGwuWSJixuQINBFKy7IsBEADHKImGhC8uhkKVIqh0PidXG9vfGhBWKOAFNnzt
    tujU84KjgZisbFvUQVH9EQGnSp3J8z+rte7bAgIGXr3i0Z9mxUCma4bHQGdn4jaloFsjJy2G
    j0tGMlo3g5dzqHB9EKeRKNKtQI2p+TBOH4EoRJUrKTv0O/iMI6Dei6LU6yZQr2KRaEhtihHF
    CjkNJqpY3ILBqqTe/OEV/iPHKbaSKideIF7hFN/hY9zrcIk8HUYx/f2qqS1/Bsj6HwCddOUm
    JEAfEy5VLUwUH0MCWTvd/xRoroG0VPVTpkfKNx5V+1vvn8t1th7sSb/U+EYqfst+C28dK4xt
    pNyIeMQIFSOxfXLW2PKtco28d9/sFTRMrsAZ6Q4U/JmxWhY0SlafJ10lm3GANgU/U6e887si
    jGbZo6xuCRNTlRMr5TNyH1agQkJ6As/kprUxHK6RURD5Dg+1nMlSLfBogjXcF4L1UIOy0I1T
    I8duTTE3poAoQMvYBQLTZ7VxVJikJ7JVmMjv4XBF1iNy+7/mdKsn4e9sttXTGDZlThmDi56I
    lBEAPA7q7EAnYEQzxKk/4xJYdNZ3m1RXzW3E7Jp9cSMdoBQ32RDLugloQhMWDLqMOxhx80Bx
    FQ0RMeSPy/qSlA1seaJvLaH7hs4r/iCnRUwXTQMV5ulckC9y7Fw6foyVdXVuWKWJmf9byQAR
    AQABiQIfBBgBAgAJBQJSsuyLAhsMAAoJEGO9Bv0niLdSFQsP/38A7gxOrP6G3p/1wyUYQ6c4
    6rxntiSc+eTrsx4Qxyl4HJLuLwBPEjSv6yWJI3lpt0/kgRQt9Kgoo2vQK2H6Ji++OYRXJPmY
    dVofJ+HbDO9r81hjCvVcU6N5dQwur0yLWZP3Y6/u6qvhatHNKprDEezXsmlEB/gqVFOBZr27
    du/1ki9AnIgOe+lBwJytx0lXD99nM87BY1rJUrguKL/yEe5bq+RHj/NoCoay2yA6v7iBP1JS
    Qj81jzLg/mWzz9V19TFvEg/+FIe9rXJYylyc0/pv05G3bt7zssuwQ82gD8UMuFpfCkZS8C3k
    mCulR3mGky62r87EBfe+SXXjE/ytni5oSK4q9fI/mOeji/j7nruQEzSnx3GOkYav43kQPa7W
    y+FoPKa49UMGSdiT7+YYH067UjS3ixvdygh3gpeygaW4xYtzmtsvHqnL4q2z7bMFu2nYsoot
    v5yyAoDwca+7/aGhfa4ZpKXnrExfQxWL3gh+p/L/X8rVKRl948iM/qFPhu9HHAFlGG/mKlEg
    OswNITbVJuWWekfJaubNm44MFbH2tWvfhACoBlyhTi+vxzHm1cxKWoV9Y2ICRh4jaEy+ZWF/
    9IVsesxIAcuHYK8GyOyuSZdagOS+vUvNOkEZ1tdLFl+LCqEGEgwnueszWIhN2anuHiJdJt5P
    K9vcfYismyio
    =dZd5
    -----END PGP PUBLIC KEY BLOCK-----

Research Interests

Georg’s research interests include applied systems and software security, IoT security (ranging from device to network level) as well as online privacy in general.


Bio

Georg received an BSc in computer engineering, an MSc in software and information engineering, and an PhD in computer science with distinction at TU Wien. His thesis focused on security and privacy in mobile environments. He is currently teaching graduate and undergraduate courses on Internet Security at TU Wien as well as organizing the CTF Team [We_0wn_Y0u].


Publications

Top Publications:

  • Plugin in the Middle - Minimising Security Risks in Mobile Middleware Implementations (2014)
    • INPROCEEDINGS--
    • Peter Aufner and Georg Merzdovnik and Markus Huber and Edgar R. Weippl
    • SINCONF 2014 (Conference on Security of Information and Networks)
    @INPROCEEDINGS{Aufner2014Plugin,
       author = {Peter Aufner and Georg Merzdovnik and Markus Huber and {Edgar R.} Weippl},
       title = {Plugin in the Middle - Minimising Security Risks in Mobile Middleware Implementations},
       booktitle = {SINCONF 2014 (Conference on Security of Information and Networks)},
       year = {2014},
       month = {9},
       pdf = {secperv.pdf},
    }
  • Network Security Challenges in Android Applications (2015)
    • INPROCEEDINGS--
    • Damjan Buhov and Markus Huber and Georg Merzdovnik and Edgar R. Weippl and Vesna Dimitrova
    • 10th International Conference on Availability, Reliability and Security (ARES 2015)
    @INPROCEEDINGS{Buhov2015Network,
       author = {Damjan Buhov and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl and Vesna Dimitrova},
       title = {Network Security Challenges in Android Applications},
       booktitle = {10th International Conference on Availability,
       Reliability and Security (ARES 2015)},
       year = {2015},
       month = {8},
       pdf = {Network_Security_Preprint.pdf},
    }
  • Pin It! Improving Android Network Security At Runtime (2016)
    • INPROCEEDINGStruetrue
    • Damjan Buhov and Markus Huber and Georg Merzdovnik and Edgar R. Weippl
    • IFIP Networking 2016
    @INPROCEEDINGS{Buhov2016Improving,
       author = {Damjan Buhov and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Pin It! Improving Android Network Security At Runtime},
       booktitle = {IFIP Networking 2016},
       year = {2016},
       month = {5},
       pdf = {Pin It! Improving Android Network Security at Runtime.pdf},
    }
  • Browser History Stealing with Captive Wi-Fi Portals (2016)
    • INPROCEEDINGS--
    • Adrian Dabrowski and Georg Merzdovnik and Nikolaus Kommenda and Edgar R. Weippl
    • Proceedings of Workshops at IEEE Security & Privacy 2016, Mobile Security Technologies (MoST)
    @INPROCEEDINGS{Dabrowski2016Browser,
       author = {Adrian Dabrowski and Georg Merzdovnik and Nikolaus Kommenda and {Edgar R.} Weippl},
       title = {Browser History Stealing with Captive Wi-Fi Portals},
       booktitle = {Proceedings of Workshops at IEEE Security & Privacy 2016,
       Mobile Security Technologies (MoST)},
       year = {2016},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Dabrowski2016Browser.pdf},
    }
  • Measuring Cookies and Web Privacy in a Post-GDPR World (2019)
    • INPROCEEDINGS--
    • Adrian Dabrowski and Georg Merzdovnik and Johanna Ullrich and Gerald Sendera and Edgar R. Weippl
    • Passive and Active Measurement Conference 2019
    @INPROCEEDINGS{Dabrowski2019Measuring,
       author = {Adrian Dabrowski and Georg Merzdovnik and Johanna Ullrich and Gerald Sendera and {Edgar R.} Weippl},
       title = {Measuring Cookies and Web Privacy in a Post-GDPR World},
       booktitle = {Passive and Active Measurement Conference 2019},
       year = {2019},
       month = {3},
       pdf = {201903 - ADabrowski - Measuring Cookies.pdf},
    }
  • Towards Practical Methods to Protect the Privacy of Location Information with Mobile Devices (2014)
    • INPROCEEDINGS--
    • Christoph Hochreiner and Markus Huber and Georg Merzdovnik and Edgar R. Weippl
    • SINCONF 2014 (Conference on Security of Information and Networks)
    @INPROCEEDINGS{Hochreiner2014Towards,
       author = {Christoph Hochreiner and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl},
       title = {Towards Practical Methods to Protect the Privacy of Location Information with Mobile Devices },
       booktitle = {SINCONF 2014 (Conference on Security of Information and Networks)},
       year = {2014},
       month = {9},
       pdf = {sinconf_preprint.pdf},
    }
  • Lightweight Address Hopping for Defending the IPv6 IoT (2017)
    • INPROCEEDINGS--
    • Aljosha Judmayer and Johanna Ullrich and Georg Merzdovnik and Artemios G. Voyiatzis and Edgar R. Weippl
    • 12th International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Judmayer2017Lightweight,
       author = {Aljosha Judmayer and Johanna Ullrich and Georg Merzdovnik and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       title = {Lightweight Address Hopping for Defending the IPv6 IoT},
       booktitle = {12th International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2017},
       month = {9},
       pdf = {201707 - JUDMAYER - LightweightAddressHopping.pdf},
    }
  • Autohoney(I)IoT - Automated device Independent honeypot Generation of IoT and Industrial IoT devices (2019)
    • ARTICLE--
    • Christian Kudera and Georg Merzdovnik and Edgar R. Weippl
    • ERCIM News
    @ARTICLE{Kudera2019AutohoneyIoT,
       author = {Christian Kudera and Georg Merzdovnik and {Edgar R.} Weippl},
       title = {Autohoney(I)IoT - Automated device Independent honeypot Generation of IoT and Industrial IoT devices},
       journal = {ERCIM News},
       year = {2019},
       month = {10},
       pdf = {https://ercim-news.ercim.eu/images/stories/EN119/EN119-web.pdf},
       volume = {119},
    }
  • Notary-assisted Certificate Pinning for Improved Security of (Android) Apps (2016)
    • INPROCEEDINGS-true
    • Georg Merzdovnik and Damjan Buhov and Artemios G. Voyiatzis and Edgar R. Weippl
    • 11th International Conference on Availability, Reliability and Security (ARES 2016)
    @INPROCEEDINGS{Merzdovnik2016Notaryassisted,
       author = {Georg Merzdovnik and Damjan Buhov and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       authorhotlist = {true},
       title = {Notary-assisted Certificate Pinning for Improved Security of (Android) Apps},
       booktitle = {11th International Conference on Availability,
       Reliability and Security (ARES 2016)},
       year = {2016},
       month = {9},
       pdf = {notarypin.pdf},
    }
  • Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services (2016)
    • INPROCEEDINGS-true
    • Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and Artemios G. Voyiatzis and Edgar R. Weippl
    • 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016)
    @INPROCEEDINGS{Merzdovnik2016Whom,
       author = {Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       authorhotlist = {true},
       title = {Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services},
       booktitle = {30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016)},
       year = {2016},
       pdf = {TLSnotaries_preprint.pdf},
    }
  • Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools (2017)
    • INPROCEEDINGStruetrue
    • Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl
    • 2nd IEEE European Symposium on Security and Privacy (Euro S&P)
    @INPROCEEDINGS{Merzdovnik2017,
       author = {Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools},
       booktitle = {2nd IEEE European Symposium on Security and Privacy (Euro S&P)},
       year = {2017},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/block_me_if_you_can.pdf},
    }
  • A performance assessment of network address shuffling in IoT systems (2017)
    • INPROCEEDINGS--
    • Georg Merzdovnik and Aljosha Judmayer and Artemios G. Voyiatzis and Edgar R. Weippl
    • 16th International Conference on Computer Aided Systems Theory (EUROCAST 2017)
    @INPROCEEDINGS{Merzdovnik2017performance,
       author = {Georg Merzdovnik and Aljosha Judmayer and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       title = {A performance assessment of network address shuffling in IoT systems},
       booktitle = {16th International Conference on Computer Aided Systems Theory (EUROCAST 2017)},
       year = {2017},
       month = {2},
       pdf = {http://eurocast2017.fulp.ulpgc.es/sites/default/files/Eurocast_2017_Extended_Abstract_Book.pdf},
    }
  • u'smile - Secure Mobile Environments (2017)
    • ARTICLE--
    • Georg Merzdovnik and Damjan Buhov and Artemios G. Voyiatzis and Edgar R. Weippl
    • ERCIM News
    @ARTICLE{Merzdovnik2017usmile,
       author = {Georg Merzdovnik and Damjan Buhov and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
       title = {u'smile - Secure Mobile Environments},
       journal = {ERCIM News},
       year = {2017},
       month = {4},
       pdf = {https://ercim-news.ercim.eu/images/stories/EN109/EN109-web.pdf},
       volume = {109},
       pages = {53--54},
    }
  • Enter Sandbox: Android Sandbox Comparison (2014)
    • INPROCEEDINGS--
    • Sebastian Neuner and Victor Van der Veen and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and Edgar R. Weippl
    • Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)
    @INPROCEEDINGS{Neuner2014Enter,
       author = {Sebastian Neuner and Victor {Van der Veen} and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and {Edgar R.} Weippl},
       title = {Enter Sandbox: Android Sandbox Comparison},
       booktitle = {Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)},
       year = {2014},
       month = {5},
       pdf = {mostAndroid.pdf},
       publisher = {IEEE},
       link_slides = {http://www.slideshare.net/SBAResearch/enter-sandbox-android-sandbox-comparison},
    }
  • AES-SEC: Improving software obfuscation through hardware-assistance (2014)
    • INPROCEEDINGS--
    • Sebastian Schrittwieser and Stefan Katzenbeisser and Georg Merzdovnik and Peter Kieseberg and Edgar R. Weippl
    • ARES 2014
    @INPROCEEDINGS{Schrittwieser2014AESSEC,
       author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Georg Merzdovnik and Peter Kieseberg and {Edgar R.} Weippl},
       title = {AES-SEC: Improving software obfuscation through hardware-assistance },
       booktitle = {ARES 2014},
       year = {2014},
       month = {9},
       pdf = {http://ieeexplore.ieee.org/document/6980281/},
    }
  • Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis? (2016)
    • ARTICLEtrue-
    • Sebastian Schrittwieser and Stefan Katzenbeisser and Johannes Kinder and Georg Merzdovnik and Edgar R. Weippl
    • ACM Computing Survey (CSUR)
    @ARTICLE{Schrittwieser2016Protecting,
       author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Johannes Kinder and Georg Merzdovnik and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?},
       journal = {ACM Computing Survey (CSUR)},
       year = {2016},
       pdf = {http://dl.acm.org/citation.cfm?id=2886012},
       volume = {49},
       publisher = {ACM},
    }
  • From hack to elaborate technique - A survey on binary rewriting (2019)
    • ARTICLEtruetrue
    • Matthias Wenzl and Georg Merzdovnik and Johanna Ullrich and Edgar R. Weippl
    • ACM Computing Surveys
    @ARTICLE{Wenzl2019From,
       author = {Matthias Wenzl and Georg Merzdovnik and Johanna Ullrich and {Edgar R.} Weippl},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {From hack to elaborate technique - A survey on binary rewriting},
       journal = {ACM Computing Surveys},
       year = {2019},
       month = {6},
       pdf = {201906 - GMerzdovnik - From hack to elaborate technique.pdf},
    }
  • ISaFe - Injecting Security Features into Constrained Embedded Firmware (2019)
    • ARTICLE--
    • Matthias Wenzl and Georg Merzdovnik and Edgar R. Weippl
    • ERCIM News
    @ARTICLE{Wenzl2019ISaFe,
       author = {Matthias Wenzl and Georg Merzdovnik and {Edgar R.} Weippl},
       title = {ISaFe - Injecting Security Features into Constrained Embedded Firmware},
       journal = {ERCIM News},
       year = {2019},
       month = {10},
       pdf = {https://ercim-news.ercim.eu/images/stories/EN119/EN119-web.pdf},
       volume = {119},
    }

This Website uses Cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close