The International Secure Systems Lab is the union of five systems security research labs and was
originally founded in 2005 at the Technical University of Vienna. As
of 2008, the Secure Systems Lab has became international and was initially
distributed over three geographical locations including the Institute Eurécom in the French Riviera and the University of California, Santa
Barbara. In 2010, Ruhr University in Bochum in Germany joined the iSecLab family, and in 2011, Northeastern University came on board.
In 2012 the Hardware Security Lab Vienna was founded to conduct in-depth security research on embedded devices and Integrated Circuits.
Lab members collaborate closely, apply for joint funding, share data, exchange ideas, and have fun together.
iSecLab encourages and supports student and faculty mobility within the labs. The research focus is on applied computer security, with
a recent emphasis on web security, malware analysis, intrusion
detection, and vulnerability analysis.
Some of the iSecLab Anubis
development work is being sponsored by Lastline, Inc.
, a spin-off of UCSB, as a free public service:
Click here to request a Lastline Analyst account for added functionality
Work in the lab is also being sponsored by the European Commission, Austrian FWF, French ANR, Office of Naval Research, DARPA, and the National Science Foundation.
Practicals, Theses and Internships
Our lab is constantly
looking for motivated TU Vienna students who want to
do a practical ("Praktikum"), an internship or a thesis with us. If you think you
have what it takes, please have a look at this page.
- 10.04.2015 Our team "We_0wn_Y0u" ranked 3rd in this year's iCTF 2014-2015 contest.
- 04.11.2014 We are attending CCS 2014 to present some of our work.
- 22.03.2013 Our CTF team WE_0WN_Y0U scored the 2nd place at this year's iCTF (scoreboard)
- 11.01.2013 There was a report on our clickonomics paper: NDSS 2013
- 03.12.2012 Quite a number of us are attending ACSAC 2012 to present papers -- as iSecLab, we have 5-6 papers ;)
- 02.12.2012 There was a report on our upload payments paper: Raid 2012
- 07.11.2012 The Hardware Security Lab in Vienna in founded. We're looking forward to do some groundbreaking Hardware Security research in the future !
- 25.11.2012 Our CTF team WE_0WN_Y0U scored the 3rd place at this year's RuCTFE.
- 16.10.2012 We are presenting our paper Vanity, Cracks and Malware: Insights into the Anti-Copy Protection Ecosystem at CCS 2012.
- 29.07.2012 Our CTF team WE_0WN_Y0U participated in the 20th DEFCON CTF, ranking at place 16/20.
- 19.07.2012 Our brandnew lecture environment is online.
- 30.05.2012 We have released Andrubis our brand new extension for Anubis that allows analysis of Android APKs!
- 05.02.2012 We attended NDSS 2012 to present a paper.
- 03.12.2011 Our Team We_0wn_Y0u from Vienna scored first on the ictf2011!! Click here for the final scoreboard. Details follow.
- 08.11.2011 Forbes reports on our paper on the security of the Amazon Cloud services.
- 24.05.2011 We are attending IEEE S&P in Oakland to present a paper.
- 15.05.2011 The Register reports on our study on the privacy of file sharing services.
- 17.03.2011 Forbes reports on on our recent HPP work at Blackhat Europe.
- 07.03.2011 We attended Financial Crypto 2011 in St. Lucia to present a paper.
- 09.02.2011 We attended NDSS to present papers.
- 09.02.2011 NewScientist published an article on EXPOSURE.
- 25.01.2011 MIT Tech Review published an article on our iPhone app study.
- 23.12.2010 We attended ACSAC to present papers.
- 09.12.2010 We are online with PAPAS (currently in Beta), a system to scan websites for HTTP Parameter Pollution vulnerabilitites. Please refer to this blog post for more information.
- 14.10.2010 We now have an iSecLab blog.
- 29.09.2010 Next week, we are attending ACM CCS in Chicago to present a paper on system-centric malware protection.
- 14.09.2010 We are attending RAID 2010 to present a paper on the privacy of social-networks.
- 25.08.2010 Chris was named TR35 young innovator.
- 11.08.2010 We are attending USENIX Security 2010 to present a paper on web vulnerability detection.
- 30.07.2010 We are attending the Google faculty summit . Interesting talks on security, social nets, and cloud. Nice fit for our research
- 27.07.2010 We are attending the DEFCON Capture the Flag contest this weekend in Las Vegas. We are Team Shellphish.
- 14.07.2010 We are attending SOUPS 2010 to present a poster on our de-anonymization paper for social networks.
- 02.07.2010 Next week, we are attending DIMVA in Bonn, Germany to present a paper.
- 02.07.2010 We attended OWASP AppSec Research 2010 with a talk on Clickjacking.
- 01.07.2010 Thorsten Holz, one of our previous fellows has joined iSecLab as faculty. We welcome Ruhr University Bochum.
- 12.06.2010 Wow, two of our recent publications have been Slashdotted at the same time: Here and here.
- 12.06.2010 PC World published an article on our WEIS 2010 paper.
- 11.06.2010 BBC News published an article on our WEIS 2010 paper.
- 10.06.2010 DarkReading published an article on our LEET 2010 paper.
- 09.06.2010 We attended WEIS 2010 at Harvard University to present a paper.
- 19.05.2010 We just attended IEEE Security and Privacy to present papers.
- 19.04.2010 We just attended Asia CCS in Beijing, China to present a paper.
- 28.03.2010 We just attended ACM SAC 2010 in Sierre, Switzerland to present several papers.
- 23.03.2010 Brian Krebs blogged about our system FIRE.
- 05.03.2010 We just attended NDSS 2010 in San Diego to present a paper.
- 24.02.2010 DarkReading published an article on our deanonymization attack.
- The 3rd place of our join iCTF Team "We_0wn_Y0u" in the iCTF 2014-2015 contest was covered here:
[TU-Wien], [Futurezone], [derStandard], [OE24], [vienna.at], [Wirtschaftsblatt], [Finanzen.at], [Nachrichten.at] and others.
- We were interviewed by the 'Help' Magazin regarding the secure deletion of user data from smart phones: [link]
- There was an interview with us concerning Smart Phone Application Security: [link]
- The Austrian Futurezone covers our joint Smart Grid Security project SG2 and the critical infrastructure security research conducted at the Hardware Security Lab Vienna: [link]
- Markus Kammerstetter is Studio Guest in 'Pro und Contra' concerning Edward Snowden and privacy: [Stream]
- The TV Magazine "Newton" covered the Hardware Security Labs research on embedded system security for building fire alarm systems: [link]
- The Austrian newspaper "der Standard" reported on our success at the iCTF 2013 [link]
- There was a report on our clickonomics paper: NDSS 2013
- DarkReading reported on our upcoming ACSAC paper: Disclosure
- There was a report on our upload payments paper: Raid 2012
- The Austrian newspaper Standard reports about our Facebook paper and PiOS [link]
- Austria national TV (ORF) interviews iSecLab on recent Anonymous activity [Stream]
- Funkschau (12/2011) writes about iSecLab, iPhone and Appz [download]
- Switzerland national TV reports about PiOS [Stream]
- The Register reports on our study on the privacy of file sharing services.
- Forbes reports on on our recent HPP work at Blackhat Europe.
- NewScientist published an article on EXPOSURE.
- MIT Tech Review published an article on our iPhone app study.
- Two of our recent publications have been Slashdotted at the same time: Here and here.
- PC World published an article on our WEIS 2010 paper.
BBC News published an article on our WEIS 2010 paper.
DarkReading published an article on our LEET 2010 paper.
Brian Krebs blogged about our system FIRE.
DarkReading published an article on our our deanonymization attack.
Our deanonymization attack has been Slashdotted
Spiegel Online has published an article on our deanonymization attack.
Heise.de published an article on our social network deanonymization attack.
We gave an interview to Nature related to our work that shows that profile cloning attacks are feasible in practice.
Last Modified: Mon Apr 20 09:58:23 CEST 2015