St. Pölten, Austria
+43 2742 313228 648

Author: Sebastian Schrittwieser

Paper accepted at ForSE 2018

We present a meta model for comprehensive, time-enabled attacker/defender behavior ready for incorporation in a dynamic, imperfect information multi-player game that derives significant parts of its ruleset from established information security sources such as STIX, CAPEC, CVE/CWE and NIST SP800-53. Concrete attack patterns, vulnerabilities, and mitigating controls are mapped to their counterpart strategies and actions…
Read more

Invited talk at MSAS 2017

Sebastian Schrittwieser presented research results of the Josef Ressel Center at the MSAS 2017 workshop (International Workshop on Modeling and Security of Autonomous Systems) which was co-located with the 36th International Conference on Conceptual Modeling (ER 2017).

Scientific recognition award

Sebastian Schrittwieser received a scientific recognition award by the federal state of Lower Austria for his work and dissertation on code obfuscation. Pictures of the award ceremony Information folder

Paper accepted at ISPEC 2017

Jinwoo Kim, Kuyju Kim, Junsung Cho, Hyoungshick Kim and Sebastian Schrittwieser. Hello, Facebook! Here is the stalkers’ paradise!: Design and analysis of enumeration attack using phone numbers on Facebook. 13th International Conference on Information Security Practice and Experience (ISPEC 2017) Abstract: We introduce a new privacy issue on Facebook. We were motivated by the Facebook’s…
Read more

Patrick Kochberger gave a talk at the Young Researcher’s Day 2017

Patrick Kochberger presented his work on graph-based binary analysis at this year’s Young Researcher’s Day, which was co-organized by the OCG working group on information security and SBA Research. Credits: SBA Research

Paper accepted at 9th EAI International Conference on Digital Forensics & Cyber Crime

Peter Kieseberg, Sebastian Neuner, Sebastian Schrittwieser, Martin Schmiedecker and Edgar Weippl. Real-time Forensics through Endpoint Visibility. 9th EAI International Conference on Digital Forensics & Cyber Crime. 2017 Abstract: In the course of the last years, there has been an established forensic process in place known by every investigator and researcher. This traditional process is regarded…
Read more

ICSSA Summer School at Penn State University

JRC TARGET co-organized the first ICSSA Summer School at Penn State University in Altoona, Pennsylvania. From July 17th to July 22nd, Sebastian Schrittwieser and Simon Tjoa gave multiple lectures on malware analysis and software security. Undergraduate and graduate students from St. Pölten University of Applied Sciences, Penn State University (US), Sungkyunkwan University (South Korea), and…
Read more

Two full papers accepted at ICSSA 2017

Stefan Marschalek, Robert Luh and Sebastian Schrittwieser. Endpoint data classification using Markov chains. Abstract: Behavior based analysis of software executed in a sandbox environment has become an established part of malware and APT detection. In this paper, we explore a unique approach to conduct such an analysis based on data generated by live corporate workstations.…
Read more

Paper accepted at Journal of Information Processing

Sebastian Eresheim, Robert Luh, Sebastian Schrittwieser. The Evolution of Process Hiding Techniques in Malware – Current Threats and Possible Countermeasures. Journal of Information Processing (JIP) – Special issue of “Computer Security Technologies against Sophisticated Cyber Attacks”. 2017 Abstract: Rootkits constitute a significant threat to modern computing and information systems. Since their first appearance in the…
Read more

Paper published in “41. WI-MAW-Rundbrief der Gesellschaft für Informatik (GI)”

Peter Kieseberg, Sebastian Schrittwieser, Bernd Malle, Edgar Weippl, Andreas Holzinger. Das Testen von Algorithmen in sensibler datengetriebener Forschung. 41. WI-MAW-Rundbrief der Gesellschaft für Informatik (GI), 2017 German Abstract: Datengetrieben Forschung ist ein wesentlicher Bestandteil in der Entwicklung neuer Methoden zur Modellbildung und Simulation, aber auch im Bereich des Machine Learning und darauf aufbauender neuer und…
Read more

Poster accepted at SACMAT 2017

Our poster “Design of an Anomaly-based Threat Detection & Explication System” got accepted at SACMAT 2017. Abstract: The poster corresponding to this summary depicts a proposition of a system able to explain anomalous behavior within a user session by considering anomalies identified through their deviation from a set of baseline process graphs. We adapt star structures,…
Read more

Paper accepted at AINA 2017

Robert Luh, Sebastian Schrittwieser, Stefan Marschalek. “LLR-based sentiment analysis for kernel event sequences”. Proceedings of the 31st IEEE International Conference on Advanced Information Networking and Applications (AINA), 2017 Behavior-based analysis of dynamically executed binaries has become a widely used technique for the identification of suspected malware. Most solutions rely on function call patterns to determine…
Read more

Second paper accepted at ICISSP 2017

Robert Luh, Sebastian Schrittwieser, Stefan Marschalek, Helge Janicke. Design of an Anomaly-based Threat Detection & Explication System. Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP), 2017 Current signature-based malware detection systems are heavily reliant on fixed patterns that struggle with unknown or evasive applications, while behavior-based solutions usually leave most…
Read more

Paper accepted at ForSE Workshop

Robert Luh, Gregor Schramm, Markus Wagner and Sebastian Schrittwieser, “Sequitur-based inference and analysis framework for malicious system behavior”, 1st International Workshop on FORmal methods for Security Engineering (ForSE) Targeted attacks on IT systems are a rising threat against the confidentiality of sensitive data and the availability of critical systems. With the emergence of Advanced Persistent…
Read more

Paper accepted at ICISSP 2017

Julian Rauchberger, Robert Luh, Sebastian Schrittwieser. Longkit – A UEFI/BIOS Rootkit in the System Management Mode. ICISSP 2017 The theoretical threat of malware inside the BIOS or UEFI of a computer has been known for almost a decade. It has been demonstrated multiple times that exploiting the System Management Mode (SMM), an operating mode implemented…
Read more

British Ambassador Leigh Turner visited the St. Poelten UAS

Her Majesty’s Ambassador to the Republic of Austria and UK Permanent Representative to the United Nations Leigh Turner visited the St. Poelten University of Applied Sciences. Robert Luh, researcher at the JRC TARGET and external PhD student at De Montfort University in Leicester (UK) talked about our research at TARGET.

Talk at DeepSec 2016

Sebastian Schrittwieser and Julian Rauchberger presented our work on System Management Mode malware at DeepSec 2016. Title: Advanced Concepts for SMM Malware Abstract: Hiding malware inside the BIOS/UEFI of a computer has long been deemed a theoretical threat rather than an actual attack vector. Implementation seemed too difficult and the benefits for malicious actors aiming…
Read more


Robert Luh and Martin Pirker presented our research at ITSeCX 2016. Title: Love and Hate – Sentiment Analysis for Unkown Applications Abstract: Sentiment analysis is commonly used to determine emotions in written statements by evaluating significant terms in a corpus of text. In our research, we use an adapted approach to classify applications by their…
Read more

Paper accepted at iiWAS 2016

Robert Luh, Sebastian Schrittwieser and Stefan Marschalek. TAON: An ontology-based approach to mitigating targeted attacks Abstract: Targeted attacks on IT systems are a rising threat against the confidentiality of sensitive data and the availability of systems and infrastructures. Planning for the eventuality of a data breach or sabotage attack has become an increasingly difficult task…
Read more

ERCIM News No.107

The ERCIM News No.107 has been published at We contributed to the article Privacy Aware Machine Learning and the “Right to be forgotten” by Bernd Malle, Peter Kieseberg, Sebastian Schrittwieser, and Andreas Holzinger.

Paper accepted at ASQT 2016

Peter Kieseberg, Sebastian Schrittwieser, Edgar Weippl, Andreas Holzinger. Testing Algorithms in Sensitive Data Driven Research. 14. Anwenderkonferenz (ASQT 2016) Softwarequalität, Test und Innovation.

Two papers accepted at ICSSA 2016

Martin Pirker and Andreas Nusser. Assessment of Server State via Inter-Clone Differences. Damjan Buhov, Richard Thron, Sebastian Schrittwieser. Catch Me If You Can! Transparent Detection Of Shellcode.

ERCIM News No.105

The ERCIM News No. 105 has been published at We contributed to the article “Detection of Data Leaks in Collaborative Data Driven Research” by Peter Kieseberg, Edgar Weippl and Sebastian Schrittwieser.

Paper accepted for publication in the Journal of Computer Virology and Hacking Techniques (Springer)

Robert Luh, Stefan Marschalek, Manfred Kaiser, Helge Janicke, Sebastian Schrittwieser. Semantics-aware detection of targeted attacks – A survey. Journal of Computer Virology and Hacking Techniques, Springer. Accepted for publication 2016. Abstract: In today’s interconnected digital world, targeted attacks have become a serious threat to conventional computer systems and critical infrastructure alike. Many researchers contribute to…
Read more

CMG-AE Symposium “Cyber-Abwehr in der Praxis – Wie sichere ich sensible Systeme ab?”

Sebastian Schrittwieser hosts the CMG-AE Symposium “Cyber-Abwehr in der Praxis – Wie sichere ich sensible Systeme ab?” on April 19th, 2016 (10am – 2pm) at St. Pölten University of Applied Sciences. German Abstract: Sensible IT-Systemen sind einerseits EDV-Systeme mit entscheidendem Einfluss auf den Geschäftsgang von Anwendern und sind andererseits über das Vorhandensein sie betreffender spezifischer…
Read more

Paper accepted for publication in ACM Computing Surveys

Sebastian Schrittwieser, Stefan Katzenbeisser, Johannes Kinder, Georg Merzdovnik, Edgar Weippl. Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis? Accepted for publication in ACM Computing Surveys. 2016 Abstract: Software obfuscation has always been a highly controversially discussed research area. While theoretical results indicate that provably secure obfuscation in general is impossible,…
Read more

Call for Papers: JRZ TARGET organizes workshop at the ARES Conference 2016

The 1st International Workshop on Targeted Attacks and Mitigation Strategies is going to be held in conjunction with the 11th International Conference on Availability, Reliability and Security (August 31 – September 2, 2016) in Salzburg, Austria. The workshop aims at bringing together experts from academia and industry to share their research, ideas, knowledge and experience…
Read more

Two papers accepted at [email protected]’16

Two papers got accepted at the Workshop on Empirical Research Methods in Information Security which is held in conjunction with the 25rd International World Wide Web Conference (WWW 2016) in Montreal. Martin Pirker, Andreas Nusser. A Work-Flow for Empirical Exploration of Security Events. First Workshop on Empirical Research Methods in Information Security 2016. Abstract: As…
Read more