Katharina Krombholz

is senior researcher at SBA Research.Katharina Krombholz

  • E-Mail
  • Phone: +43 (1) 505 36 88
  • Fax: +43 (1) 505 88 88
  • PGP: 0xC0444D5B
  • PGP Fingerprint: 5E3A 8094 0C15 15BA A415 4A2A B1A5 8EF6 C044 4D5B
  • Google Scholar

Research Interests

Her research focuses on usable security, privacy and digital forensics.

Bio

She completed her Ph.D in November 2016 with distinction. She also received a master’s degree in Media Informatics from the TU Wien in 2012.

During her master’s studies, she spent a semester at the University of Coimbra in Portugal. In 2013, she spent a semester as research intern at the National Institute of Informatics in Tokyo, Japan. In 2015, Katharina spent two months as a research intern at the Ruhr-University in Bochum and worked together with Thorsten Holz. Besides her research activities at SBA Research, she is currently teaching graduate courses on digital forensics TU Wien and the University of Applied Sciences FH Campus Wien and cloud security at the University of Applied Sciences FH Technikum Wien.

Katharina is Vice-Chair of the ACM SIGSAC Vienna Chapter.

Program Committees

Top Publications:

  • QR - Inception: Barcode in Barcode Attacks (2014)
    • INPROCEEDINGS--
    • Adrian Dabrowski and Katharina Krombholz and Johanna Ullrich and Edgar R. Weippl
    • 4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)
    @INPROCEEDINGS{Dabrowski2014Inception,
       author = {Adrian Dabrowski and Katharina Krombholz and Johanna Ullrich and {Edgar R.} Weippl},
       title = {QR - Inception: Barcode in Barcode Attacks},
       booktitle = {4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)},
       year = {2014},
       month = {11},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/qrinception.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/qrinception-barcode-in-barcode-attacks},
    }
  • Poster NDSS 2014: Hardware Trojans--Detect and React? (2014)
    • ARTICLE--
    • Adrian Dabrowski and Peter Fejes and Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Edgar R. Weippl
    • Network and Distributed System Security (NDSS) Symposium 2014
    @ARTICLE{Dabrowski2014Poster,
       author = {Adrian Dabrowski and Peter Fejes and Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and {Edgar R.} Weippl},
       title = {Poster NDSS 2014: Hardware Trojans--Detect and React?},
       journal = {Network and Distributed System Security (NDSS) Symposium 2014},
       year = {2014},
       month = {2},
    }
  • Towards a Hardware Trojan Detection Cycle (2014)
    • INPROCEEDINGStrue-
    • Adrian Dabrowski and Heidelinde Hobel and Johanna Ullrich and Katharina Krombholz and Edgar R. Weippl
    • Second International Workshop on Emerging Cyberthreats and Countermeasures, ARES ECTCM 2014
    @INPROCEEDINGS{Dabrowski2014Towards,
       author = {Adrian Dabrowski and Heidelinde Hobel and Johanna Ullrich and Katharina Krombholz and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {Towards a Hardware Trojan Detection Cycle},
       booktitle = {Second International Workshop on Emerging Cyberthreats and Countermeasures,
       ARES ECTCM 2014},
       year = {2014},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/towards a hardware trojan _paper.pdf},
    }
  • Smart Privacy Visor: Bridging the Privacy Gap (2015)
    • INPROCEEDINGS--
    • Adrian Dabrowski and Katharina Krombholz and Edgar R. Weippl and Isao Echizen
    • Workshop on Privacy by Transparency in Data-Centric Services (BIS 2015)
    @INPROCEEDINGS{Dabrowski2015Smart,
       author = {Adrian Dabrowski and Katharina Krombholz and {Edgar R.} Weippl and Isao Echizen},
       title = {Smart Privacy Visor: Bridging the Privacy Gap},
       booktitle = {Workshop on Privacy by Transparency in Data-Centric Services (BIS 2015)},
       year = {2015},
       month = {6},
       pdf = {http://link.springer.com/chapter/10.1007/978-3-319-26762-3_21},
    }
  • Who are you now? Fading to multiple personas (2016)
    • INPROCEEDINGS--
    • Sven Dietrich and Michael Brenner and Katharina Krombholz
    • Who are you?! Adventures in Authentication (SOUPS Workshop)
    @INPROCEEDINGS{Dietrich2016now,
       author = {Sven Dietrich and Michael Brenner and Katharina Krombholz},
       title = {Who are you now? Fading to multiple personas},
       booktitle = {Who are you?! Adventures in Authentication (SOUPS Workshop)},
       year = {2016},
       month = {0},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Dietrich2016now.pdf},
    }
  • Towards a forensic-aware database solution: Using a secured database replication protocol and transaction management for digital investigations (2014)
    • ARTICLE--
    • Peter Fruehwirt and Peter Kieseberg and Katharina Krombholz and Edgar R. Weippl
    • Digital Investigation
    @ARTICLE{Fruehwirt2014Towards,
       author = {Peter Fruehwirt and Peter Kieseberg and Katharina Krombholz and {Edgar R.} Weippl},
       title = {Towards a forensic-aware database solution: Using a secured database replication protocol and transaction management for digital investigations},
       journal = {Digital Investigation},
       year = {2014},
       month = {0},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/towards a forensic aware_paper.pdf},
       volume = {11},
       pages = {336-348},
    }
  • Automated Analysis of Underground Marketplaces (2014)
    • INPROCEEDINGS--
    • Aleksandar Hudic and Katharina Krombholz and Thomas Otterbein and Christian Platzer and Edgar R. Weippl
    • Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics
    @INPROCEEDINGS{Hudic2014Automated,
       author = {Aleksandar Hudic and Katharina Krombholz and Thomas Otterbein and Christian Platzer and {Edgar R.} Weippl},
       title = {Automated Analysis of Underground Marketplaces},
       booktitle = {Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics},
       year = {2014},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/undergroundmarketplaces.pdf},
       link_slides = {http://de.slideshare.net/SBAResearch/automated-analysis-of-underground-marketplaces-42099600},
    }
  • Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness (2016)
    • INPROCEEDINGS--
    • Thomas Hupperich and Katharina Krombholz and Thorsten Holz
    • 9th International Conference on Trust and Trustworthy Computing
    @INPROCEEDINGS{Hupperich2016Sensor,
       author = {Thomas Hupperich and Katharina Krombholz and Thorsten Holz},
       title = {Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness},
       booktitle = {9th International Conference on Trust and Trustworthy Computing},
       year = {2016},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sensorcaptchas.pdf},
    }
  • A Decision Framework Model for Migration into Cloud: Business, Application, Security and Privacy Perspectives (2014)
    • INPROCEEDINGS--
    • Shareeful Islam and Edgar R. Weippl and Katharina Krombholz
    • IIWAS 2014
    @INPROCEEDINGS{Islam2014Decision,
       author = {Shareeful Islam and {Edgar R.} Weippl and Katharina Krombholz},
       title = {A Decision Framework Model for Migration into Cloud: Business,
       Application,
       Security and Privacy Perspectives},
       booktitle = {IIWAS 2014},
       year = {2014},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/09_iiwas_46.pdf},
    }
  • Blocks and Chains: Introduction to Bitcoin, Cryptocurrencies, and Their Consensus Mechanisms (2017)
    • ARTICLE--
    • Aljosha Judmayer and Nicholas Stifter and Katharina Krombholz and Edgar R. Weippl
    • Synthesis Lectures on Information Security, Privacy, and Trust
    @ARTICLE{Judmayer2017Blocks,
       author = {Aljosha Judmayer and Nicholas Stifter and Katharina Krombholz and {Edgar R.} Weippl},
       title = {Blocks and Chains: Introduction to Bitcoin,
       Cryptocurrencies,
       and Their Consensus Mechanisms},
       journal = {Synthesis Lectures on Information Security,
       Privacy,
       and Trust},
       year = {2017},
       month = {0},
       pdf = {https://doi.org/10.2200/S00773ED1V01Y201704SPT020},
    }
  • Hardware Malware (2013)
    • ARTICLE--
    • Christian Krieg and Adrian Dabrowski and Heidelinde Hobel and Katharina Krombholz and Edgar R. Weippl
    • Synthesis Lectures on Information Security, Privacy, and Trust
    @ARTICLE{Krieg2013Hardware,
       author = {Christian Krieg and Adrian Dabrowski and Heidelinde Hobel and Katharina Krombholz and {Edgar R.} Weippl},
       title = {Hardware Malware},
       journal = {Synthesis Lectures on Information Security,
       Privacy,
       and Trust},
       year = {2013},
       month = {11},
       volume = {4},
       pages = {1-115},
    }
  • Social engineering attacks on the knowledge worker (2013)
    • INPROCEEDINGS--
    • Katharina Krombholz and Heidelinde Hobel and Markus Huber and Edgar R. Weippl
    • Proceedings of the 6th International Conference on Security of Information and Networks
    @INPROCEEDINGS{Krombholz2013Social,
       author = {Katharina Krombholz and Heidelinde Hobel and Markus Huber and {Edgar R.} Weippl},
       title = {Social engineering attacks on the knowledge worker},
       booktitle = {Proceedings of the 6th International Conference on Security of Information and Networks},
       year = {2013},
       month = {11},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sig-alternate.pdf},
       pages = {28--35},
       publisher = {ACM},
    }
  • Advanced social engineering attacks (2014)
    • ARTICLE--
    • Katharina Krombholz and Heidelinde Hobel and Markus Huber and Edgar R. Weippl
    • Journal of Information Security and Applications
    @ARTICLE{Krombholz2014Advanced,
       author = {Katharina Krombholz and Heidelinde Hobel and Markus Huber and {Edgar R.} Weippl},
       title = {Advanced social engineering attacks},
       journal = {Journal of Information Security and Applications},
       year = {2014},
       month = {0},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/jisa_revised.pdf},
    }
  • QR Code Security: A Survey of Attacks and Challenges for Usable Security (2014)
    • INBOOK--
    • Katharina Krombholz and Peter Fruehwirt and Peter Kieseberg and Ioannis Kapsalis and Markus Huber and Edgar R. Weippl
    • Springer
    @INBOOK{Krombholz2014Code,
       author = {Katharina Krombholz and Peter Fruehwirt and Peter Kieseberg and Ioannis Kapsalis and Markus Huber and {Edgar R.} Weippl},
       title = {QR Code Security: A Survey of Attacks and Challenges for Usable Security},
       booktitle = {Human Aspects of Information Security,
       Privacy,
       and Trust},
       year = {2014},
       month = {0},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/llncs.pdf},
       pages = {79--90},
       publisher = {Springer},
       link_slides = {http://de.slideshare.net/SBAResearch/qr-code-security-a-survey-of-attacks-and-challenges-for-usable-security},
    }
  • QR Code Security - How Secure and Usable Apps Can Protect Users Against Malicious QR Codes (2015)
    • INPROCEEDINGS--
    • Katharina Krombholz and Peter Fruehwirt and Thomas Rieder and Ioannis Kapsalis and Johanna Ullrich and Edgar R. Weippl
    • 2015 International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Krombholz2015Code,
       author = {Katharina Krombholz and Peter Fruehwirt and Thomas Rieder and Ioannis Kapsalis and Johanna Ullrich and {Edgar R.} Weippl},
       title = {QR Code Security - How Secure and Usable Apps Can Protect Users Against Malicious QR Codes},
       booktitle = {2015 International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2015},
       month = {8},
       pdf = {http://ieeexplore.ieee.org/document/7299920/},
    }
  • Ok Glass, Leave me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing (2015)
    • INPROCEEDINGS--
    • Katharina Krombholz and Adrian Dabrowski and Matthew Smith and Edgar R. Weippl
    • 1st Workshop on Wearable Security and Privacy
    @INPROCEEDINGS{Krombholz2015Glass,
       author = {Katharina Krombholz and Adrian Dabrowski and Matthew Smith and {Edgar R.} Weippl},
       title = {Ok Glass,
       Leave me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing},
       booktitle = {1st Workshop on Wearable Security and Privacy},
       year = {2015},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Ok Glass.pdf},
    }
  • Privacy for Everyone: Towards an Inclusive Design Approach for Accessible Privacy and Security Technology (2015)
    • INPROCEEDINGS--
    • Katharina Krombholz and Christopher Frauenberger and Edgar R. Weippl
    • Workshop on Inclusive Privacy and Security (WIPS), Symposium On Usable Privacy and Security 2015
    @INPROCEEDINGS{Krombholz2015Privacy,
       author = {Katharina Krombholz and Christopher Frauenberger and {Edgar R.} Weippl},
       title = {Privacy for Everyone: Towards an Inclusive Design Approach for Accessible Privacy and Security Technology},
       booktitle = {Workshop on Inclusive Privacy and Security (WIPS),
       Symposium On Usable Privacy and Security 2015},
       year = {2015},
       month = {7},
       pdf = {https://www.ifs.tuwien.ac.at/node/17062},
    }
  • Für bare Münze? NutzerInnenerfahrungen mit Sicherheit und Datenschutz bei Bitcoin (2016)
    • INPROCEEDINGS--
    • Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl
    • Sicherheit 2016: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.
    @INPROCEEDINGS{Krombholz2016bare,
       author = {Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and {Edgar R.} Weippl},
       title = {Für bare Münze? NutzerInnenerfahrungen mit Sicherheit und Datenschutz bei Bitcoin},
       booktitle = {Sicherheit 2016: Sicherheit,
       Schutz und Zuverlässigkeit,
       Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.},
       year = {2016},
       month = {4},
    }
  • Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices (2016)
    • INPROCEEDINGStruetrue
    • Katharina Krombholz and Thomas Hupperich and Thorsten Holz
    • Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)
    @INPROCEEDINGS{Krombholz2016Force,
       author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices},
       booktitle = {Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)},
       year = {2016},
       month = {0},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Krombholz2016Force.pdf},
       link_slides = {http://www.slideshare.net/SBAResearch/use-the-force-evaluating-forcesensitive-authentication-for-mobile-devices},
    }
  • The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy (2016)
    • INPROCEEDINGStrue-
    • Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl
    • International Conference on Financial Cryptography and Data Security (FC)
    @INPROCEEDINGS{Krombholz2016Other,
       author = {Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy},
       booktitle = {International Conference on Financial Cryptography and Data Security (FC)},
       year = {2016},
       month = {2},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/TheOtherSideOfTheCoin_FC16preConf.pdf},
    }
  • Exploring Design Directions for Wearable Privacy (2017)
    • INPROCEEDINGS--
    • Katharina Krombholz and Adrian Dabrowski and Matthew Smith and Edgar R. Weippl
    • Usable Security
    @INPROCEEDINGS{Krombholz2017Exploring,
       author = {Katharina Krombholz and Adrian Dabrowski and Matthew Smith and {Edgar R.} Weippl},
       title = {Exploring Design Directions for Wearable Privacy},
       booktitle = {Usable Security},
       year = {2017},
       month = {0},
       pdf = {https://www.internetsociety.org/sites/default/files/usec2017_03_2_Krombholz_paper.pdf},
    }
  • May the Force be with You: The Future of Force-Sensitive Authentication (2017)
    • ARTICLEtrue-
    • Katharina Krombholz and Thomas Hupperich and Thorsten Holz
    • Journal of Internet Computing, Special Issue of Usable Security and privacy
    @ARTICLE{Krombholz2017Force,
       author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz},
       sbahotlist = {true},
       title = {May the Force be with You: The Future of Force-Sensitive Authentication},
       journal = {Journal of Internet Computing,
       Special Issue of Usable Security and privacy},
       year = {2017},
       month = {0},
    }
  • "I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS (2017)
    • INPROCEEDINGStrue-
    • Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and Edgar R. Weippl
    • 26th USENIX Security Symposium (USENIX Security 2017)
    @INPROCEEDINGS{Krombholz2017Have,
       author = {Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and {Edgar R.} Weippl},
       sbahotlist = {true},
       title = {"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS},
       booktitle = {26th USENIX Security Symposium (USENIX Security 2017)},
       year = {2017},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sec17-krombholz.pdf},
       link_slides = {https://www.slideshare.net/SBAResearch/i-have-no-idea-what-im-doing-on-the-usability-of-deploying-https},
    }
  • Hand Dynamics for Behavioral User Authentication (2016)
    • INPROCEEDINGS--
    • Fuensanta Torres Garcia and Katharina Krombholz and Rudolf Mayer and Edgar R. Weippl
    • 5th International Workshop on Security of Mobile Applications (IWSMA 2016)
    @INPROCEEDINGS{TorresGarcia2016Hand,
       author = {Fuensanta {Torres Garcia} and Katharina Krombholz and Rudolf Mayer and {Edgar R.} Weippl},
       title = {Hand Dynamics for Behavioral User Authentication},
       booktitle = {5th International Workshop on Security of Mobile Applications (IWSMA 2016)},
       year = {2016},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/ARES_2016_paper_19 (2).pdf},
    }
  • IPv6 Security: Attacks and Countermeasures in a Nutshell (2014)
    • INPROCEEDINGS--
    • Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and Edgar R. Weippl
    • 8th USENIX Workshop on Offensive Technologies (WOOT)
    @INPROCEEDINGS{Ullrich2014IPv6,
       author = {Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and {Edgar R.} Weippl},
       title = {IPv6 Security: Attacks and Countermeasures in a Nutshell},
       booktitle = {8th USENIX Workshop on Offensive Technologies (WOOT)},
       year = {2014},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Johanna IPv6.pdf},
       link_slides = {http://de.slideshare.net/SBAResearch/ipv6-security-attacks-and-countermeasures-in-a-nutshell},
    }
  • IPv6 Security: Attacks and Countermeasures in a Nutshell (2015)
    • ARTICLE--
    • Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and Edgar R. Weippl
    • Magdeburger Journal zur Sicherheitsforschung
    @ARTICLE{Ullrich2015IPv6,
       author = {Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and {Edgar R.} Weippl},
       title = {IPv6 Security: Attacks and Countermeasures in a Nutshell},
       journal = {Magdeburger Journal zur Sicherheitsforschung},
       year = {2015},
       month = {3},
       pdf = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_035_Ullrich_IPv6.pdf},
       volume = {1},
    }
  • On Reconnaissance with IPv6: A Pattern-Based Scanning Approach (2015)
    • INPROCEEDINGS--
    • Johanna Ullrich and Peter Kieseberg and Katharina Krombholz and Edgar R. Weippl
    • International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Ullrich2015Reconnaissance,
       author = {Johanna Ullrich and Peter Kieseberg and Katharina Krombholz and {Edgar R.} Weippl},
       title = {On Reconnaissance with IPv6: A Pattern-Based Scanning Approach},
       booktitle = {International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2015},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/PID3762727.pdf},
    }
  • Fake Identities in Social Media: A Case Study on the Sustainability of the Facebook Business Model (2012)
    • ARTICLE--
    • Katharina Krombholz and Dieter Merkl and Edgar R. Weippl
    • Journal of Service Science Research
    @ARTICLE{_Fake_Identities_in_Social_Medi_2012,
       author = {Katharina Krombholz and Dieter Merkl and {Edgar R.} Weippl},
       title = {Fake Identities in Social Media: A Case Study on the Sustainability of the Facebook Business Model},
       journal = {Journal of Service Science Research},
       year = {2012},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/krombholzetal2012.pdf},
    }

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close