My most-cited publications (and also the papers I’m really proud of having been part of the team):

• Block me if you can: a large-scale study of tracker-blocking tools, by Georg Merzdovnik, Markus Huber, Damjan Buhov, Nick Nikiforakis, Sebastian Neuner, Martin Schmiedecker, and Edgar Weippl. Published in the 2nd European Symposium on Security and Privacy (Euro S&P), 2017. bibtex paper
• No need for black chambers: testing TLS in the e-mail ecosystem at large (best paper award), by Wilfried Mayer, Aaron Zauner, Martin Schmiedecker, Markus Huber. Published in Conference on Availability, Reliability and Security (ARES), 2016. bibtex paper
• Spoiled onions: exposing malicious Tor exit relays, by Philipp Winter, Richard Köwer, Martin Mulazzani, Markus Huber, Sebastian Schrittwieser, Stefan Lindskog, and Edgar Weippl. Published at the 14th International Privacy Enhancing Technologies Symposium (PETS), 2014. bibtex paper
• IMSI-catch me if you can: IMSI-catcher-catchers, by Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani and Edgar Weippl. Published at the Annual Computer Security Applications Conference (ACSAC), 2014. bibtex paper
• Dark clouds on the horizon: using cloud storage as attack vector and online slack space, by Martin Mulazzani and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar Weippl. Published at USENIX Security, 2011. bibtex paper

Public Talks Link to heading

• The Past 10 Years of Automotive Vulnerabilities at Troopers'22 and the MCH 2022 hackercamp
• A hackers view to the upcoming ISO SAE 21434 at BruCon 2019
• Current State of Car Security at the IT-SECX 2018
• From 0 to Exit at the Privacyweek 2018
• An academic’s view to incident response at the SHA 2017 hackercamp
• Turning Incident Response to Eleven at the HackPra in Bochum
• Everything you always wanted to know about Certificate Transparency (but were afraid to ask) at the CCC congress 2016 33c3

Academic Publications (full list, chronological) Link to heading

• Cybersecurity Evaluation of Automotive E/E Architectures, by Martin Ring, Davor Frkat, and Martin Schmiedecker. Published in Computer Science In Cars Symposium (CSCS), 2018. bibtex paper

• Securing the Internet, One HTTP 200 OK at a Time, by Wilfried Mayer, Katharina Krombholz, Martin Schmiedecker, and Edgar Weippl. Published in USENIX ;login: Winter, 2017. bibtex paper

• Real-time Forensics through Endpoint Visibility, by Peter Kieseberg, Sebastian Neuner, Sebastian Schrittwieser, Martin Schmiedeckerand Edgar Weippl. Published in International Conference on Digital Forensics & Cyber Crime (ICDF2C), 2017. bibtex paper

• Timestamp hiccups: Detecting manipulated filesystem timestamps on NTFS, by Sebastian Neuner, Artemios Voyiatzis, Martin Schmiedecker, and Edgar Weippl. Published in International Conference on Availability, Reliability and Security (ARES), 2017. bibtex paper

• I Have No Idea What I’m Doing - On the Usability of Deploying HTTPS, by Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl. Published in USENIX Security Symposium, 2017. bibtex paper

• Turning Active TLS Scanning to Eleven, by Wilfried Mayer and Martin Schmiedecker. Published in IFIP International Information Security and Privacy Conference (IFIP Sec), 2017. bibtex paper

• Block me if you can: a large-scale study of tracker-blocking tools, by Georg Merzdovnik, Markus Huber, Damjan Buhov, Nick Nikiforakis, Sebastian Neuner, Martin Schmiedecker, and Edgar Weippl. Published in the 2nd European Symposium on Security and Privacy (Euro S&P), 2017. bibtex paper

• No need for black chambers: testing TLS in the e-mail ecosystem at large (best paper award), by Wilfried Mayer, Aaron Zauner, Martin Schmiedecker, Markus Huber. Published in Conference on Availability, Reliability and Security (ARES), 2016. bibtex paper

• On Reducing Bottlenecks in Digital Forensics, by Sebastian Neuner Martin Schmiedecker. Published in ERCIM News, 2016. bibtex paper

• Time is on my side: Steganography in filesystem metadata, by Sebastian Neuner, Artemios Voyiatzisa, Martin Schmiedecker, Stefan Brunthaler, Stefan Katzenbeisser, and Edgar Weippl. Published in Digital Investigation, 2016. bibtex paper

• PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics, by Edgar Weippl, Sebastian Neuner, and Martin Schmiedecker. Published in Digital Investigations, 18(7):149–156, 2016. bibtex paper

• Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services, by Georg Merzdovnik, Klaus Falb, Martin Schmiedecker, Artemios G Voyiatzis, and Edgar Weippl. Published in 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec), 2016. bibtex paper

• TLScompare: Crowdsourcing Rules for HTTPS Everywhere, by Wilfried Mayer and Martin Schmiedecker. Published in the Workshop on Empirical Research Methods in Information Security (ERMIS), 2016. bibtex paper

• NavigaTor: Finding Faster Paths to Anonymity, by Robert Annessi and Martin Schmiedecker. Published in European Symposium on Security and Privacy (Euro S&P), 2016. bibtex paper

• Effectiveness of file-based deduplication in digital forensics, by Sebastian Neuner, Martin Schmiedecker, and Edgar Weippl. Published in Security and Communication Networks (SCN), 2016. bibtex paper

• Trust me, I’m a Root CA! Analyzing SSL Root CAs in Modern Browsers and Operating Systems, by Tariq Fadai, Sebastian Schrittwieser, Peter Kieseberg, and Martin Mulazzani. Published in the 10th International Availability, Reliability and Security (ARES), 2015. bibtex paper

• Gradually improving the forensic process, by Sebastian Neuner, Martin Mulazzani, Sebastian Schrittwieser, and Edgar Weippl. Published in the International Conference on Availability, Reliability and Security (ARES), 2015. bibtex paper

• Privacy and Data Protection in Smartphone Messengers, by Christoph Rottermanner, Peter Kieseberg, Markus Huber, Martin Schmiedecker, and Sebastian Schrittwieser. Published in the International Conference on Availability, Reliability and Security (ARES), 2015. bibtex paper

• IMSI-catch me if you can: IMSI-catcher-catchers, by Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani and Edgar Weippl. Published at the Annual Computer Security Applications Conference (ACSAC), 2014. bibtex paper

• Enter sandbox: Android sandbox comparison, by Sebastian Neuner, Victor Van der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, Martin Mulazzani, and Edgar Weippl. Published in the Proceedings of the Mobile Security Technologies workshop (MoST), 2014. bibtex paper

• Spoiled onions: exposing malicious Tor exit relays, by Philipp Winter, Richard Köwer, Martin Mulazzani, Markus Huber, Sebastian Schrittwieser, Stefan Lindskog, and Edgar Weippl. Published at the 14th International Privacy Enhancing Technologies Symposium (PETS), 2014. bibtex paper

• An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata, by Peter Kieseberg, Sebastian Schrittwieser, Martin Mulazzani, Isao Echizen, and Edgar Weippl. Published in Electronic Markets, 2014. bibtex paper

• Covert Computation—Hiding code in code through compile-time obfuscation, by Sebastian Schrittwieser, Stefan Katzenbeisser, Peter Kieseberg, Markus Huber, Manuel Leithner, Martin Mulazzani, and Edgar Weippl. Published in Computers & Security (CoSe), 2014. bibtex paper

• Towards fully automated digital alibis with social interaction, by Stefanie Beyer, Martin Mulazzani, Sebastian Schrittwieser, Markus Huber, and Edgar Weippl. Published in IFIP International Conference on Digital Forensics, 2014. bibtex paper

• Appinspect: large-scale evaluation of social networking apps, by Markus Huber, Martin Mulazzani, Sebastian Schrittwieser, and Edgar Weippl. Published in Conference on Online social networks (COSN), 2013. bibtex paper

• SHPF: Enhancing http(s) session security with browser fingerprinting, by Thomas Unger, Martin Mulazzani, Dominik Fruhwirt, Marco Huber, Sebastian Schrittwieser, and Edgar Weippl. Published in Availability, Reliability and Security (ARES), 2013. bibtex paper

• Ethics in security research: which lines should not be crossed?, by Sebastian Schrittwieser, Martin Mulazzani, and Edgar Weippl. Published in Security and Privacy Workshops (SPW), 2013. bibtex paper

• Fast and reliable browser identification with javascript engine fingerprinting, by Martin Mulazzani, Philipp Reschl, Markus Huber, Manuel Leithner, Sebastian Schrittwieser, and Edgar Weippl. Published in Web 2.0 Workshop on Security and Privacy (W2SP), 2013. bibtex paper

• Using the structure of b+-trees for enhancing logging mechanisms of databases, by Peter Kieseberg, Sebastian Schrittwieser, Lorcan Morgan, Martin Mulazzani, Markus Huber, and Edgar Weippl. Published in International Journal of Web Information Systems, 2013. bibtex paper

• Quantifying windows file slack size and stability, by Martin Mulazzani, Sebastian Neuner, Peter Kieseberg, Markus Huber, Sebastian Schrittwieser, and Edgar Weippl. Published in IFIP International Conference on Digital Forensics, 2013. bibtex paper

• Windows installer security, by Christian Kadluba, Martin Mulazzani, Lorenz Zechner, Sebastian Neuner, and Edgar Weippl. Published in International Conference on Privacy, Security, Risk and Trust (PASSAT), 2013. bibtex paper

• Guess Who’s Texting You? Evaluating the Security of Smartphone Messaging Applications, by Sebastian Schrittwieser, Peter Frühwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar Weippl. Published in Network & Distributed System Security Symposium (NDSS), 2012. bibtex paper

• Social network forensics: Tapping the data pool of social networks, by Martin Mulazzani, Markus Huber, and Edgar Weippl. Published in Eighth Annual IFIP WG, 2012. bibtex paper

• Malicious pixels using QR codes as attack vector, by Peter Kieseberg, Sebastian Schrittwieser, Manuel Leithner, Martin Mulazzani, Edgar Weippl, Lindsay Munroe, and Mayank Sinha. Published in Trustworthy Ubiquitous Computing (TwUC) 2012. bibtex paper

• Social snapshots: Digital forensics for online social networks, by Markus Huber, Martin Mulazzani, Manuel Leithner, Sebastian Schrittwieser, Gilbert Wondracek, and Edgar Weippl. Published in the 27th Annual Computer Security Applications Conference (ACSAC), 2011. bibtex paper

• Trees cannot lie: Using data structures for forensics purposes, by Peter Kieseberg, Sebastian Schrittwieser, Martin Mulazzani, Markus Huber, and Edgar Weippl. Published in Intelligence and Security Informatics Conference (EISIC), 2011. bibtex paper

• Dark clouds on the horizon: using cloud storage as attack vector and online slack space, by Martin Mulazzani and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar Weippl. Published at USENIX Security, 2011. bibtex paper

• Friend-in-the-middle attacks: Exploiting social networking sites for spam, by Markus Huber, Martin Mulazzani, Edgar Weippl, Gerhard Kitzler, and Sigrun Goluch. Published in Internet Computing, 2011. bibtex paper

• Qr code security, by Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Lindsay Munroe, Sebastian Schrittwieser, Mayank Sinha, and Edgar Weippl. Published in the 8th International Conference on Advances in Mobile Computing and Multimedia, 2010. bibtex paper

• Cheap and automated socio-technical attacks based on social networking sites, by Markus Huber, Martin Mulazzani, Sebastian Schrittwieser, and Edgar Weippl. Published in Workshop on Artificial intelligence and security (AiSec), 2010. bibtex paper

• Who on earth is “Mr. Cypher”: automated friend injection attacks on social networking sites, by Markus Huber, Martin Mulazzani, and Edgar Weippl. Published in IFIP International Information Security Conference, 2010. bibtex paper

• Anonymity and monitoring: how to monitor the infrastructure of an anonymity system, by Martin Mulazzani, Markus Huber, and Edgar R Weippl.. Published in Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 2010. bibtex paper

• Social networking sites security: Quo Vadis, by Markus Huber, Martin Mulazzani, and Edgar Weippl. Published in Social Computing (SocialCom), 2010. bibtex paper

• Tor HTTP usage and information leakage, by Markus Huber, Martin Mulazzani, and Edgar Weippl. Published in IFIP International Conference on Communications and Multimedia Security, 2010. bibtex paper

• InnoDB database forensics, by Peter Frühwirt, Marcus Huber, Martin Mulazzani, and Edgar R Weippl. Published in the 24th International Conference on Advanced Information Networking and Applications, 2010. bibtex paper