Systems & Application Security

Software plays an essential role in the security of IT systems: most attacks on IT systems are carried out with the help of malware, i.e. software, and this malware exploits weak points (from a security point of view: programming errors) in software regularly installed on the victim system. Systems security must therefore deal with the detection of malware on the one hand and with methods for developing secure software on the other.

Malware attacks pose an ever-increasing threat to IT infrastructure, not only in the private sphere but above all in the business and government sectors. The number of newly discovered malware cases per year is already in the tens of millions. The analysis of suspicious code and the development of defensive measures (antivirus software and intrusion detection systems) are therefore becoming ever more important.

The research focus Systems & Application Security is primarily concerned with the dynamic analysis of malware: suspicious code samples are executed in a secure environment and their activities are logged. Patterns for certain (malicious) behaviors are then defined over these execution traces. Data mining algorithms are used to find, categorize and classify these patterns. Another focus is the use of formal methods to describe malicious (or "normal") behavior patterns.

A further research topic of this focus is digital forensics, which deals with the securing, evaluation and documentation of evidence on digital data carriers. Our fields of activity include file carving, mobile forensics, cloud forensics, eDiscovery, privacy and database forensics. Anti-forensics can be seen as the antithesis of forensics. The Institute's fields of activity in this area include the development of new steganographic methods, steganalysis and software obfuscation.

Key Focus Coordinator

  • Head of Research Institute
    Institute of IT Security Research
  • Head of Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • International Coordinator
  • Department of Computer Science and Security
P: +43/676/847 228 648

Research Staff

  • Junior Researcher
    Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • Department of Computer Science and Security
  • Junior Researcher Institute of IT Security Research
  • Department of Computer Science and Security
P: +43/2742/313 228 699
  • Research Assistant
    Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • Department of Computer Science and Security
  • Lecturer
  • Department of Computer Science and Security
  • Junior Researcher
    Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • Department of Computer Science and Security
  • Research Assistant
    Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • Department of Computer Science and Security
  • Researcher
    Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks
  • Department of Computer Science and Security
P: +43/2742/313 228 690

Projects

MalwareDef – Recognition through description

Defining formal descriptions of potentially malicious actions to enable the development of proactive defensive measures

Data Mining for Malware Classification

The project focuses on those samples that cannot be assigned to clusters with the methods used so far, or only with great effort (manual analysis and assignment)...

SmartMeterIDS

This project aims to improve the operational security of advanced metering infrastructures through the development of an innovative intrusion detection system tailored to their specific characteristics.

Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET)

The Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) is a research institution operated by the St. Pölten University of Applied Sciences. Its mission is to explore nov...

Publications