TU Wien Informatics

Overview Professors Scientific Staff Administrative Staff Student Staff External Lecturers By Responsibilities By Committee By Name
Related
Guest Professors Honoraries Alumni (LinkedIn) #5qw

Carlotta Tagliaro

Dr.techn. / MSc

Research Areas

  • Internet of Things, System Security, Cybersecurity
Carlotta Tagliaro

About

I joined the Security and Privacy group at TU Wien in October 2021 as a PhD student. My current research focuses on the IoT ecosystem and the security of network protocols IoT devices use to communicate (e.g., MQTT, CoAP, HbbTV). I am also interested in the role that companion apps (i.e., apps with which a user can remotely control their IoT devices) play in the communication between devices and cloud backends and how such apps could impact the security and privacy of consumers.

Role

Contact

  • “Things” Fall Apart : Adventures in Securing a World of Connected Chaos / Tagliaro, C. (2026). “Things” Fall Apart : Adventures in Securing a World of Connected Chaos [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2026.100308
    Download: PDF (6.39 MB)
  • Are You Sure You Want To Do Coordinated Vulnerability Disclosure? / Chen, T.-H., Tagliaro, C., Lindorfer, M., Borgolte, K., & van der Ham-de Vos, J. (2024). Are You Sure You Want To Do Coordinated Vulnerability Disclosure? In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 307–314). https://doi.org/10.1109/EuroSPW61312.2024.00039
    Project: IoTIO (2020–2025)
  • Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols / Tagliaro, C., Komsic, M., Continella, A., Borgolte, K., & Lindorfer, M. (2024). Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols. In RAID ’24: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses (pp. 561–578). https://doi.org/10.1145/3678890.3678899
    Download: PDF (1010 KB)
    Project: IoTIO (2020–2025)
  • IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis / Schmidt, D., Tagliaro, C., Borgolte, K., & Lindorfer, M. (2023). IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis. In CCS ’23: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (pp. 681–695). Association for Computing Machinery. https://doi.org/10.1145/3576915.3623211
    Download: PDF (1.26 MB)
    Projects: IoTIO (2020–2025) / W4MP (2023–2027)
  • I Still Know What You Watched Last Sunday: Privacy of the HbbTV Protocol in the European Smart TV Landscape / Tagliaro, C., Hahn, F., Sepe, R., Aceti, A., & Lindorfer, M. (2023). I Still Know What You Watched Last Sunday: Privacy of the HbbTV Protocol in the European Smart TV Landscape. In Proceedings Network and Distributed System Security (NDSS) Symposium 2023. 30th Annual Network and Distributed System Security Symposium (NDSS) 2023, San Diego, United States of America (the). https://doi.org/10.14722/ndss.2023.24102
    Projects: IoTIO (2020–2025) / SPFBT (2020–2027)
  • Investigating HbbTV Privacy Invasiveness Across European Countries / Tagliaro, C., Hahn, F., Sepe, R., Aceti, A., & Lindorfer, M. (2023). Investigating HbbTV Privacy Invasiveness Across European Countries. In Learning from Authoritative Security Experiment Results (LASER) 2023. Workshop on Learning from Authoritative Security Experiment Results (LASER 2023), San Diego, United States of America (the). https://doi.org/10.14722/laser-ndss.2023.24102
    Project: IoTIO (2020–2025)