Team

FH-Prof. Dipl.-Ing. Dr. Sebastian Schrittwieser Bakk.

  • Head of Research Institute
    Institute of IT Security Research
  • Head of Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • International Coordinator
  • Department of Computer Science and Security
Location: Matthias Corvinus-Straße 15
M: +43/676/847 228 648

Study programmes

  • Information Security (MA)
  • Applied Research and Innovation in Computer Science (MA)
  • IT Security (BA)
  • Data Science and Business Analytics (BA)

Departments

  • Computer Science and Security

Short profile

  • 2006-2010 Studies for the master program in Economics and Computer Science with a focus on IT-Security (Vienna University of Technology)
  • 2010-2013 Researcher for IT Security (SBA Research)
  • 2010-2014 Studies for the doctoral program in Computer Science (Vienna University of Technology)
  • since 09/2013: Lecturer for IT Security, St. Pölten University of Applied Sciences
  • since 04/2015: Head of Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks

Download CV

Publications

Schrittwieser, S., Rauchberger, J., Dam, T., & Buhov, D. (2019, April). Coineater: Automatisierte Erkennung Von Krypto-Mining Im Webbrowser. Presented at the FFH Forum, Wiener Neustadt, Österreich.
Limbeck-Lilienau, B., & Schrittwieser, S. (2019, January). Cryptojacking – und warum ist mein Akku immer gleich leer?! Presented at the Security Day, FH St. Pölten.
Schrittwieser, S. (2018, March). Chancen und Potentiale in der IT Sicherheit. Presented at the Cybersecurity Vernetzungstreffen DE-AT, Wien.
Schrittwieser, S. (2018, November). Josef Ressel Zentrum TARGET. Presented at the Technopol Frühstück, Wieselburg.
Schrittwieser, S. (2018, November). Explainable AI. Presented at the EBDVF, Wien.
Schrittwieser, S. (2018, November). Chancen und Potentiale in der IT-Sicherheit. Presented at the European Big Data Value Forum, Wien.
Schrittwieser, S. (2018, September). Trends in Security Research. Presented at the IDC Security Roadshow, Wien.
Schrittwieser, S. (2018, September). Neue Herausforderungen in der IT Security. Presented at the IDC Security Roadshow, Wien.
Schrittwieser, S. (2018, May). Security by Obscurity. Presented at the We Are Developers - World Congress, Wien.
Schrittwieser, S., & Luh, R. (2018, April). Mord im Planetarium - Ein Ausflug in die Welt der Digitalen Forensik. Presented at the Volkshochschule Wien, Wien.
Luh, R., Schramm, G., Wagner, M., Janicke, H., & Schrittwieser, S. (2018). SEQUIN: a grammar inference framework for analyzing malicious system behavior. Journal of Computer Virology and Hacking Techniques, 01–21. https://doi.org/10.1007/s11416-018-0318-x
Schrittwieser, S. (2018, February). Crypto-Mining im Webbrowser. Presented at the Studiengangsbeirat, Fachhochschule St. Pölten.
Rauchberger, J., Schrittwieser, S., Dam, T., Luh, R., Buhov, D., Pötzelsberger, G., & Kim, H. (2018). The Other Side of the Coin: A Framework for Detecting and Analyzing Web-based Cryptocurrency Mining Campaigns. In Proceedings of the 13th International Conference on Availability, Reliability and Security. Hamburg, Deutschland: ACM.
Luh, Robert, Temper, M., Tjoa, S., & Schrittwieser, S. (2018). APT RPG: Design of a Gamified Attacker/Defender Meta Model. In International Workshop on FORmal methods for Security Engineering.
Buhov, D., Rauchberger, J., & Schrittwieser, S. (2018). FLASH: Is the 20th Century Hero Really Gone? Large-Scale Evaluation on Flash Usage & Its Security and Privacy Implications. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), 9(4), 15. https://doi.org/http://dx.doi.org/10.22667/JOWUA.2018.12.31.026
Kieseberg, P., Schrittwieser, S., & Weippl, E. (2018). Structural Limitations of B+-Tree forensics. In Proceedings of the Central European Cybersecurity Conference 2018 on - CECC 2018 (pp. 1–4). Ljubljana, Slovenia: ACM Press. https://doi.org/10.1145/3277570.3277579
Schrittwieser, S. (2017, October). Sign up with your phone number, no password to remember! – On the privacy risks of using phones as unique user identifiers and possible mitigations. Presented at the IT-SECX, St. Pölten, Austria.
Marschalek, S., Luh, R., & Schrittwieser, S. (2017). Endpoint Data Classification Using Markov Chains. In 2017 International Conference on Software Security and Assurance (ICSSA) (pp. 56–59). Altoona, PA: IEEE. https://doi.org/10.1109/ICSSA.2017.17
Valicek, M., Schramm, G., Pirker, M., & Schrittwieser, S. (2017). Creation and Integration of Remote High Interaction Honeypots. In 2017 International Conference on Software Security and Assurance (ICSSA) (pp. 50–55). Altoona, PA: IEEE. https://doi.org/10.1109/ICSSA.2017.21
Luh, R., Schrittwieser, S., Janicke, H., & Marschalek, S. (2017). Design of an Anomaly-based Threat Detection & Explication System. Presented at the Third International Conference on Information Systems Security and Privacy, Madeira, Portugal.
Luh, R., Schrittwieser, S., Marschalek, S., Janicke, H., & Weippl, E. (2017). Design of an Anomaly-based Threat Detection & Explication System. Presented at the 22nd ACM Symposium on Access Control Models and Technologies (SACMAT), ACM. https://doi.org/10.1145/3078861.3084162
Wagner, M., Sacha, D., Rind, A., Fischer, F., Luh, R., Schrittwieser, S., … Aigner, W. (2017). Visual Analytics: Foundations and Experiences in Malware Analysis. In L. B. Othmane, M. G. Jaatun, & E. Weippl (Eds.), Empirical Research for Software Security: Foundations and Experience (pp. 139–171). CRC/Taylor and Francis.
Kieseberg, P., Schrittwieser, S., Malle, B., & Weippl, E. (2017). Das Testen von Algorithmen in sensibler datengetriebener Forschung. Rundbrief Des Fachausschusses Management Der Anwendungsentwicklung Und -Wartung (WI-MAW).
Kieseberg, P., Neuner, S., Schrittwieser, S., & Schmiedecker, M. (2017). Real-time Forensics through Endpoint Visibility. Presented at the International Conference on Digital Forensics & Cyber Crime (ICDF2C).
Kim, J., Kim, K., Cho, J., Kim, H., & Schrittwieser, S. (2017). Hello, Facebook! Here is the stalkers" paradise!: Design and analysis of enumeration attack using phone numbers on Facebook. Presented at the 13th International Conference on Information Security Practice and Experience (ISPEC 2017).
Kieseberg, P., Frühwirt, P., & Schrittwieser, S. (2017). Security Testing for Mobile Applications. ERCIM News, 109, 52–53.
Kieseberg, P., Weippl, E., & Schrittwieser, S. (2017). Forensics using Internal Database Structures. ERCIM News, (108).
Eresheim, S., Luh, R., & Schrittwieser, S. (2017). The Evolution of Process Hiding Techniques in Malware – Current Threats and Possible Countermeasures. Journal of Information Processing. https://doi.org/10.2197/ipsjjip.25.866
Rauchberger, J., Luh, R., & Schrittwieser, S. (2017). Longkit - A Universal Framework for BIOS/UEFI Rootkits in System Management Mode. Presented at the Third International Conference on Information Systems Security and Privacy, Madeira, Portugal.
Luh, R., Schrittwieser, S., & Marschalek, S. (2017). LLR-based Sentiment Analysis for Kernel Event Sequences. Presented at the 31th International Conference on Advanced Information Networking and Applications, IEEE.
Luh, R., Schramm, G., Wagner, M., & Schrittwieser, S. (2017). Sequitur-based Inference and Analysis Framework for Malicious System Behavior. Presented at the First International Workshop on Formal Methods for Security Engineering.
Marschalek, S., Kaiser, M., Luh, R., & Schrittwieser, S. (2016). Empirical Malware Research through Observation of System Behaviour. In First Workshop on Empirical Research Methods in Information Security (pp. 467–469). ACM. https://doi.org/10.1145/2872518.2888609
Luh, R., Schrittwieser, S., & Marschalek, S. (2016). TAON: An Ontology-based Approach to Mitigating Targeted Attacks. Presented at the International Conference on Information Integration and Web-based Applications & Services (iiWAS), ACM.
Schrittwieser, S., Katzenbeisser, S., Kinder, J., Merzdovnik, G., & Weippl, E. (2016). Protecting software through obfuscation: Can it keep pace with progress in code analysis. Computing Surveys, 49(1).
Malle, B., Kieseberg, P., Schrittwieser, S., & Holzinger, A. (2016). Privacy Aware Machine Learning and the Right to be Forgotten. ERCIM News, (107).
Kieseberg, P., Weippl, E., & Schrittwieser, S. (2016). Detection of Data Leaks in Collaborative Data Driven Research. ERCIM News, (105).
Kieseberg, P., Weippl, E., & Schrittwieser, S. (2016). Forensics using Internal Database Structures. ERCIM News, (108).
Luh, R., Marschalek, S., Kaiser, M., Janicke, H., & Schrittwieser, S. (2016). Semantics-aware detection of targeted attacks – A survey. Journal of Computer Virology and Hacking Techniques, 1–39. https://doi.org/10.1007/s11416-016-0273-3
Buhov, D., Thron, R., & Schrittwieser, S. (2016). Catch Me If You Can! Transparent Detection Of Shellcode. Presented at the the 2016 International Conference on Software Security and Assurance (ICSSA), IEEE.
Schrittwieser, S. (2015, November). Regin - Chronologie eines gezielten IT-Angriffs. Presented at the IT-SeCX, St. Pölten, Austria.
Mueller, R., Schrittwieser, S., Fruehwirt, P., Kieseberg, P., & Weippl, E. (2015). Security and privacy of smartphone messaging applications. In International Journal of Pervasive Computing and Communications (Vol. 11).
Fadai, T., Schrittwieser, S., Kieseberg, P., & Mulazzani, M. (2015). Trust me, I am a Root CA! Analyzing SSL Root CAs in modern Browsers and Operating Systems. In International Conference on Availability, Reliability and Security (ARES).
Kieseberg, P., Fruehwirt, P., Schrittwieser, S., & Weippl, E. R. (2015). Security tests for mobile applications - Why using TLS or SSL is not enough. In 2015 IEEE Eighth International Conference on Software Testing, Verification and Validation Workshops (ICSTW).
Neuner, S., Mulazzani, M., Schrittwieser, S., & Weippl, E. R. (2015). Gradually Improving the Forensic Process. In International Workshop on Cyber Crime (IWCC).
Marschalek, S., Luh, R., Kaiser, M., & Schrittwieser, S. (2015). Classifying Malicious System Behavior using Event Propagation Trees. In Proceedings of the 17th International Con- ference on Information Integration and Web-based Applications Services (iiWAS2015).
Rottermanner, C., Kieseberg, P., Huber, M., Schmiedecker, M., & Schrittwieser, S. (2015). Privacy and Data Protection in Smartphone Messengers. In Proceedings of the 17th International Conference on Information Integration and Web-based Applications Services (iiWAS2015).
Kieseberg, P., Schrittwieser, S., Mulazzani, M., Echizen, I., & Weippl, E. (2014). An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata. Special Issue on Security and Privacy in Business Networking.
Fruehwirt, P., Kieseberg, P., Hochreiner, C., Schrittwieser, S., & Weippl, E. (2014). InnoDB Datenbank Forensik – Rekonstruktion von Abfragen über Datenbank-interne Logfiles. In GI Sicherheit 2014.
Beyer, S., Mulazzani, M., Schrittwieser, S., Huber, M., & Weippl, E. (2014). Towards Fully Automated Digital Alibis with Social Interaction. In Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics.

Projects