SBA Research is a research center for Information Security funded by the national initiative for COMET Competence Centers for Excellent Technologies. We bring together 25 companies, 4 Austrian universities, one university of applied sciences, a non-university research institute, and many international research partners to jointly work on challenges ranging from organizational to technical security.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT


“Malware in Silicon II” Abschluss-Event

Malware in Silizium wird ein zunehmend wichtigeres Thema. Da die Aufrechterhaltung eines Fabs sehr teuer ist, verlagern immer mehr Unternehmen Ihre Chip Produktion zu Auftragsfertigern ins Ausland. Doch wer garantiert, dass nicht absichtliche Backdoors oder Datenlecks in die Chips eingeschleust werden? Das Projekt “Malware in Silicon II”* präsentiert seine Ergebnisse und lädt aus diesem Anlass zum Abschluss-Event.

25. Juli 2014; 12.00 – 13.30 Uhr
Weiter Infos finden Sie hier.

SBA Research at the EU Korea Conference on Science and Technology (EKC 2014)

Aljosha Judmayer and Martin Mulazzani will present recent research results of SBA Research at the EU Korea Conference on Science and Technology, including methods to detect and prevent HTTP session hijacking, as well as large-scale exploitation of online services and social engineering. The EKC 2014 will be held from 23rd to 25th of July 2014 at the Vienna University of Economics and Business.
You can find the program here:

SACMAT 2015 in Vienna

SACMAT 2015 will be held in Vienna from June 1-3; SBA Research is the local organizer.








Dimitris Simos at JAMAICA 2014

Dimitris Simos gives a talk on July, 21st in the second Workshop on Joining AcadeMiA and Industry Contributions  (JAMAICA 2014) about Test Automation and Model-based Testing. The workshop is co-located with the International Symposium on Software Testing and Analysis (ISSTA 2014) taking place at Hilton San Jose, Bay Area, California, USA during July 21-July 25.


FFG Bridge Projekt “Transport Layer Security in Practice” genehmigt

Das Projekt „Transport Layer Security in Practice (TLSiP)“ beschäftigt sich mit Methoden zur Erkennung von unsicheren kryptografische Verfahren bei Internetservices und soll Internetbenutzern eine transparente Lösung für sichere Internetkommunikation ermöglichen. Das Internet hat sich in unserer Gesellschaft als ein wichtigstes Kommunikationswerkzeug etabliert und für viele Bereiche wie der täglichen Kommunikation, Online-Handel oder Online-Banking ist eine gesicherte Datenübertragung unabdingbar geworden. Transport Layer Security (TLS) hat sich hierbei als Standardprotokoll durchgesetzt. Die Verfügbarkeit von Werkzeugen und Studien zur Verbesserung der Verwendung von TLS ist daher wichtig und von steigender Bedeutung für Gesellschaft und Wirtschaft.

Partner: Cyan Networks Software

FFG Bridge Project “Speed Forensics” granted

This project aims to fundamentally increase the performance of current state of-the-art forensic methods and decrease the manual work necessary for a forensic analyst by 1) developing new methods to increase the use of parallelized data processing within the specific environment of digital forensics, 2) identifying the best method(s) on how to exclude a possibly vast number of files and file system artefacts that are not specific to a case, and 3) streamlining and improve methods proposed in the literature that have not been included into existing processing steps for additional insights for various reasons. The overall degree of automation in the forensic process will be increased and as such will allow the analyst to focus on case-specifics in the near future instead of being overwhelmed with unrelated data. Furthermore, due to the much finer granularity of data analysis, we believe that this will allow the creation of new tools and analysis methods based on our findings.

Partner: Bravestone Information-Technology

Kick Off Meeting K-Projekt DEXHELPP auf Stift Vorau

BITCRIME – Bilaterales KIRAS Projekt zu Organisierter Kriminalität genehmigt

Ziel dieses Projektvorhabens ist die Erforschung innovativer Lösungen zur Identifikation, Prävention und Reduktion der organisierten Finanzkriminalität am Beispiel der Geldwäsche und mit besonderer Hinsicht auf virtuelle Währungen.

Projektpartner aus Österreich:

Projektpartner aus Deutschland:

Martin Mulazzani at PETS2014

Martin Mulazzani presented the paper on malicious Tor exit relays at PETS2014 in Amsterdam.

Core contribution of the paper are two modular exit relay scanners which can detect various MitM attacks and passive credential sniffing attacks, namely exitmap and HoneyConnector. You can find the slides here. Details and the links to the source code repositories of the scanners can be found here.

Media coverage: Deutschlandfunk ThreatPost WIRED Ars Technica LWN

This was DBSec’14

The 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec’14) was held in Vienna, Austria from 14-16 July 2014, organized by SBA Research.


MOST Paper revised

We updated our paper on comparing multiple dynamic Android analysis frameworks, to remove incorrect statements as well as to clarify inprecise statements.

You can find the updated version here: here
The slides can be found here: here

The abstract of the paper: Expecting the shipment of 1 billion Android devices in 2017, cyber criminals have naturally extended their vicious activities towards Google’s mobile operating system. With an estimated number of 700 new Android applications released every day, keeping control over malware is an increasingly challenging task. In recent years, a vast number of static and dynamic code analysis platforms for analyzing Android applications and making decision regarding their maliciousness have been introduced in academia and in the commercial world. These platforms differ heavily in terms of feature support and application properties being analyzed. In this paper, we give an overview of the state-of-the-art dynamic code analysis platforms for Android and evaluate their effectiveness with samples from known malware corpora as well as known Android bugs like Master Key. Our results indicate a low level of diversity in analysis platforms resulting from code reuse that leaves the evaluated systems vulnerable to evasion. Furthermore the Master Key bugs could be exploited by malware to hide malicious behavior from the sandboxes.

DBSec 2014

DBSec just started with Chris Clifton’s keynote on privacy.
Visit the conference website for details.
2014-07-14 10.32.44

IPICS 2014: Social Engineering and Research Ethics

At this year’s IPCIS summer school Edgar Weippl teaches two classes: (1) Social Engineering and (2) Research Ethics. View program.

Internet research scans about to start

We are about to start our Internet research scans regarding TLS and Bitcoin/Namecoin P2P networks. These scans are non-intrusive and collect information for two research projects (BitScan and TLSiP) in conjuction with the Vienna University of Technology. The goals of these projects are (among other things) to quantify and empiricaly evaluate the security of large-scale protocols used by hundreds of million users daily, in particular HTTPS and Bitcoin/Namecoin.

If you want to be excluded from the scans, please send us an email:

Research Update

Weiterführende Informationen zum Research Update: Heartbleed Kurzvortrag und Re-test der Smartphone-Messenger.
View PDF.

Adrian Dabrowski über RFID Chips

Adrian Dabrowski, RFID & NFC Spezialist der SBA Research stand ORF Konkret Rede und Antwort über die Möglichkeiten von RFID Chips und ihren Gefahren.


ORF2, 2.7.2014 18:30

Usmile – Josef-Ressel-Center midterm evaluation

The Josef-Ressel-Center (usmile) at FH Hagenberg with an external module at SBA Research was successfully evaluated and we can continue our research as planned.

2014-07-01 at 09-56-16

2014-07-01 at 12-32-38

2014-07-01 at 13-16-48

Secure Zurich: Edgar Weippl on Social Engineering

Edgar Weippl gave a presentation on technically mediated social engineering attacks at ISC2 Secure Zurich.

Rückblick Galaabend der TU Wien

Auf dem Galaabend der TU Wien war IT-Sicherheit ein Schwerpunkt (Hacker Competition; das Team von SBA Research gewann).

Edgar Weippl, SBA Research

Guest talk: “Machine Learning in security applications”

Dr. Eyal Kolman, Principal research scientist, CTO RSA Israel | RSA, The Security Division of EMC, gives a talk about “Machine Learning in security applications ”. Abstract
Wednesday, June 18, 2014 10:30 -11:30

2014-06-18 11.41.10

Sebastian Schrittwieser PhD defense

Sebastian defended his thesis successfully and graduated with distinction. Congratulations!
2014-06-16 09.06.21