2024W

• Introduction to Security / 194.157 / VU

• Global VoIP security threats - large scale validation based on independent honeynets / Gruber, M., Hoffstadt, D., Aziz, A., Fankhauser, F., Schanes, C., Rathgeb, E., & Grechenig, T. (2015). Global VoIP security threats - large scale validation based on independent honeynets. In 2015 IFIP Networking Conference (IFIP Networking). IFIP Networking Conference (IFIP Networking 2015), Toulouse, Frankreich, EU. IEEE Conference Publications. https://doi.org/10.1109/ifipnetworking.2015.7145329
• KCI-based Man-in-the-Middle Attacks against TLS / Hlauschek, C., Gruber, M., Fankhauser, F., & Schanes, C. (2015). KCI-based Man-in-the-Middle Attacks against TLS. BSidesVienna 2015, Wien, Austria. http://hdl.handle.net/20.500.12708/86221
• Prying open Pandora's box: KCI attacks against TLS / Hlauschek, C., Gruber, M., Fankhauser, F., & Schanes, C. (2015). Prying open Pandora’s box: KCI attacks against TLS. 9th USENIX Workshop on Offensive Technologies (WOOT 15), Washington D.C., Non-EU. http://hdl.handle.net/20.500.12708/86209
• Aktive Bewußtseinsbildung / Schanes, C., Fankhauser, F., & Grechenig, T. (2015). Aktive Bewußtseinsbildung. Workshop Internationale Wirtschafts- und Industriespionage, Wien, Austria. http://hdl.handle.net/20.500.12708/86225
• Generic Approach for Security Error Detection Based on Learned System Behavior Models for Automated Security Tests / Schanes, C., Hübler, A., Fankhauser, F., & Grechenig, T. (2013). Generic Approach for Security Error Detection Based on Learned System Behavior Models for Automated Security Tests. In Proceedings of the Sixth IEEE International Conference on Software Testing, Verification and Validation (pp. 453–460). IEEE. http://hdl.handle.net/20.500.12708/55058
• Improving the Accuracy of Automated Security Tests Based on Learned System Behavior Models / Schanes, C., Fankhauser, F., Hübler, A., & Grechenig, T. (2013). Improving the Accuracy of Automated Security Tests Based on Learned System Behavior Models. In Proceedings of the Fourth International Workshop on Security Testing (SECTEST 2013). The Fourth International Workshop on Security Testing (SECTEST 2013), Luxembourg, EU. IEEE. http://hdl.handle.net/20.500.12708/55059
• Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach / Gruber, M., Schanes, C., Fankhauser, F., Moutran, M., & Grechenig, T. (2013). Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach. In J. Lopez, X. Huang, & R. Sandhu (Eds.), Network and System Security (pp. 628–634). Springer Lecture Notes in Computer Science. http://hdl.handle.net/20.500.12708/55054
• Voice calls for free: How the black market establishes free phone calls - Trapped and uncovered by a VoIP honeynet / Gruber, M., Schanes, C., Fankhauser, F., & Grechenig, T. (2013). Voice calls for free: How the black market establishes free phone calls - Trapped and uncovered by a VoIP honeynet. In J. Castellà-Roca (Ed.), Proceedings of the International Conference on Privacy, Security and Trust (pp. 205–212). IEEE. http://hdl.handle.net/20.500.12708/55055
• Security status of voip based on the observation of real-world attacks on a honeynet / Gruber, M., Fankhauser, F., Taber, S., Schanes, C., & Grechenig, T. (2011). Security status of voip based on the observation of real-world attacks on a honeynet. In Proceedings of the Third IEEE International Conference on Information Privacy, Security, Risk and Trust (pp. 1041–1047). IEEE. http://hdl.handle.net/20.500.12708/54039
• Generic data format approach for generation of security test data / Schanes, C., Fankhauser, F., Taber, S., & Grechenig, T. (2011). Generic data format approach for generation of security test data. In Proceedings of the Third International Conference on Advances in System Testing and Validation Lifecycle (pp. 103–108). IARIA. http://hdl.handle.net/20.500.12708/54038
• Trapping and analyzing malicious voip traffic using a honeynet approach. / Gruber, M., Fankhauser, F., Taber, S., Schanes, C., & Grechenig, T. (2011). Trapping and analyzing malicious voip traffic using a honeynet approach. In Proceedings of the 6th International Conference on Internet Technology and Secured Transactions (pp. 442–447). IEEE. http://hdl.handle.net/20.500.12708/54037
• Security test approach for automated detection of vulnerabilities of sip-based voip softphones. / Schanes, C., Taber, S., Popp, K., Fankhauser, F., & Grechenig, T. (2011). Security test approach for automated detection of vulnerabilities of sip-based voip softphones. International Journal On Advances in Security, 4(1 & amp;2), 95–105. http://hdl.handle.net/20.500.12708/163156
• Security test environment for voip research / Fankhauser, F., Ronniger, M., Schanes, C., & Grechenig, T. (2011). Security test environment for voip research. International Journal for Information Security Research, 1(1), 53–60. http://hdl.handle.net/20.500.12708/163157
• Automated Security Test Approach for SIP based VoIP Softphones / Taber, S., Schanes, C., Hlauschek, C., Fankhauser, F., & Grechenig, T. (2010). Automated Security Test Approach for SIP based VoIP Softphones. In Proceedings of The Second International Conference on Advances in System Testing and Validation Lifecycle (pp. 114–119). IEEE Computer Society Press. http://hdl.handle.net/20.500.12708/53539
• Mining security changes in freebsd / Mauczka, A., Schanes, C., Fankhauser, F., Bernhart, M., & Grechenig, T. (2010). Mining security changes in freebsd. In Proceedings of 7th IEEE Working Conference on Mining Software Repositories (MSR) (pp. 90–93). IEEE. http://hdl.handle.net/20.500.12708/53545
• Work in progress: Black-Box approach for testing quality of service in case of security incidents on the example of a SIP-based VoIP service. / Steinbacher, P., Fankhauser, F., Schanes, C., & Grechenig, T. (2010). Work in progress: Black-Box approach for testing quality of service in case of security incidents on the example of a SIP-based VoIP service. In Proceedings of IPTComm 2010 Principles, Systems and Applications of IP Telecommunications (pp. 107–116). Technische Universität München, Germany. http://hdl.handle.net/20.500.12708/53544
• A Robust and Flexible Test Environment for VoIP Security Tests. / Ronniger, M., Fankhauser, F., Schanes, C., & Grechenig, T. (2010). A Robust and Flexible Test Environment for VoIP Security Tests. In Proceedings of The 5th International Conference for Internet Technology and Secured Transactions (pp. 96–101). Infonomics Society, UK. http://hdl.handle.net/20.500.12708/53543
• Problem space and special characteristics of security testing in live and operational environments of large systems exemplified by a nationwide IT infrastructure / Schanes, C., Fankhauser, F., Grechenig, T., Schafferer, M., Behning, K., & Hovemeyer, D. (2009). Problem space and special characteristics of security testing in live and operational environments of large systems exemplified by a nationwide IT infrastructure. In Advances in System Testing and Validation Lifecycle (pp. 161–166). IEEE. http://hdl.handle.net/20.500.12708/53068
• Einsatz von Honeypots und Honeynets als unterstützende Sicherungsmaßnahme für IT-Infrastrukturen universitärer Forschungseinrichtungen / Fankhauser, F. (2006). Einsatz von Honeypots und Honeynets als unterstützende Sicherungsmaßnahme für IT-Infrastrukturen universitärer Forschungseinrichtungen [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/186859

• Robotics and edge computing in 5G: A prototype for the openairInterface 5G System. / Spettel, S. (2023). Robotics and edge computing in 5G: A prototype for the openairInterface 5G System. [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2023.109701
  Download: PDF (3.74 MB)
• Evaluating the arm TrustZone as an environment for rootkits : Analyzing the impact of a compromised secure world / Marth, D. (2021). Evaluating the arm TrustZone as an environment for rootkits : Analyzing the impact of a compromised secure world [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.88999
  Download: PDF (1.88 MB)
• TPM 2.0 als Sicherheitsmaßnahme gegen Rootkits auf Linux-basierten Desktop-Systemen / Marmsoler, J. (2021). TPM 2.0 als Sicherheitsmaßnahme gegen Rootkits auf Linux-basierten Desktop-Systemen [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2021.88000
  Download: PDF (3.17 MB)
• Efficiency of security test concepts exemplified by a decentralised component in a large IT infrastructure with high protection needs in the eHealth sector / Czerny, R. (2020). Efficiency of security test concepts exemplified by a decentralised component in a large IT infrastructure with high protection needs in the eHealth sector [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2020.60981
  Download: PDF (1.72 MB)
• Shell activity logging and auditing in exercise environments of security Lectures using OSS / Pritz, F. (2019). Shell activity logging and auditing in exercise environments of security Lectures using OSS [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2019.65385
  Download: PDF (939 KB)
• Effiziente automatisierte Erst-Analyse von Android-Anwendungen in Bezug auf IT-Sicherheit basierend auf Open-Source-Werkzeugen / Guschlbauer, F. (2019). Effiziente automatisierte Erst-Analyse von Android-Anwendungen in Bezug auf IT-Sicherheit basierend auf Open-Source-Werkzeugen [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2019.70063
  Download: PDF (3.18 MB)
• Untersuchung von State-of-the-Art Malware-Analyse-Techniken auf mobilen Endgeräten und Ableitung einer generalisierten Malware-Analyse-Methodologie am Beispiel von Android / Konrad, A. (2017). Untersuchung von State-of-the-Art Malware-Analyse-Techniken auf mobilen Endgeräten und Ableitung einer generalisierten Malware-Analyse-Methodologie am Beispiel von Android [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/80097
• Sicherheitstests mobiler Applikationen im Umfeld medizinischer Anwendungen / Stipsits, T. J. (2017). Sicherheitstests mobiler Applikationen im Umfeld medizinischer Anwendungen [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/79617
• Design and implementation of a model-based test data generation framework for automated web application security testing / Falb, K. (2017). Design and implementation of a model-based test data generation framework for automated web application security testing [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/78775
• Attacking confidential data stored in hardware-based secure elements on android-based NFC mobile phones / Nawratil, A. (2016). Attacking confidential data stored in hardware-based secure elements on android-based NFC mobile phones [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/79072
• Analyse spezieller Anforderungen an Sicherheitstesttools für GUI-basierte Anwendungen und Entwurf eines toolgestützten methodischen Sicherheitstestvorgehens / Taber, S. (2013). Analyse spezieller Anforderungen an Sicherheitstesttools für GUI-basierte Anwendungen und Entwurf eines toolgestützten methodischen Sicherheitstestvorgehens [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/159704
• Entwurf und Entwicklung einer dynamischen Prüfkomponente für den Pseudonymisierungsgrad zum Zweck des Peer-to-Peer Austauschs medizinischer Daten in Forschung und Lehre / Shadlau, P. (2009). Entwurf und Entwicklung einer dynamischen Prüfkomponente für den Pseudonymisierungsgrad zum Zweck des Peer-to-Peer Austauschs medizinischer Daten in Forschung und Lehre [Master Thesis, Technische Universität Wien]. reposiTUm. https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-31245
  Download: PDF (2.92 MB)
• Entwicklung eines webbasierten Prototyps zur Unterstützung des Risikomanagements für IT-Sicherheitsrisiken in großen Infrastrukturen / Muri, S. (2008). Entwicklung eines webbasierten Prototyps zur Unterstützung des Risikomanagements für IT-Sicherheitsrisiken in großen Infrastrukturen [Master Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/183795
• Durchführungskonzept eines Penetrationstests anhand einer IT- Infrastruktur eines Unternehmens mit mobilen Clients / Schanes, C. (2008). Durchführungskonzept eines Penetrationstests anhand einer IT- Infrastruktur eines Unternehmens mit mobilen Clients [Master Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/183793
• Heuristische Methoden zur Abwehr von Distributed Denial of Service Angriffen auf HTTP-Dienste / Terczka, A. (2008). Heuristische Methoden zur Abwehr von Distributed Denial of Service Angriffen auf HTTP-Dienste [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/183758