16th Austrian IT Security Day | 16 October 2019 | Messe Klagenfurt

On 16 October 2019, the 16th Austrian IT Security Day took place at Messe Klagenfurt in cooperation with “Kärntner Messen”.

There were 9 lectures on the following topics:

  • The challenge of decentralised digitisation for SMEs
  • Risk perception and human (ir)rationality
  • What to do in case of a cyber emergency? Hotline, cyber insurance or solve it yourself?
  • Smartcards in Multi-Devices and Multi-Usecase Environments
  • From network analysis to application protection
  • IT security of production systems
  • Current case law on e-commerce
  • Online trading: Typical risks and their distribution
  • Network and Information Security

Two hacking demos:

  • Networks are dangerous and funny too 😉
  • Digitalization madness – view into the digital divide

10 Exhibitors:

  • Alpen-Adria-Universität Klagenfurt | TEWI
  • Anexia
  • Attingo Datenrettung GmbH
  • CERTGATE
  • Industrial Automation GmbH
  • Joanneum Research
  • NTS Netzwerk Telekom Service AG
  • RGE GmbH
  • Stadtwerke Klagenfurt AG
  • Technikon Forschungs- und Planungsgesellschaft mbH

130 satisfied participants are already looking forward to the next IT Security Day in autumn 2020 at FH Salzburg at the Urstein campus in Puch/Salzburg.

StudienassistentIn gesucht !!!!

Die Informatikwerkstatt der AAU Klagenfurt sucht eine Studienassistentin bzw. einen Studienassistenten zur Erstellung von Security-Lehrinhalten für Sekundarstufe I und II.

Bearbeitung im Rahmen einer BA- bzw. MA-Arbeit (UF Informatik, ggf. auch Angewandte Informatik) möglich.

Bei Interesse bitte Kontakt mit Andreas Bollin (andreas [dot] bollin [at] aau [dot] at) oder Peter Schartner (peter [dot] schartner [at] aau [dot] at) aufnehmen.

15th Austrian IT Security Day

On 14 November 2018, the 15th Austrian IT Security Day took place in cooperation with the FH Salzburg at the Urstein campus in Puch/Salzburg.

  • The risk sits BEFORE the screen
  • Risks in the Cloud
  • Mobile e-ID – Secure Identity Management in the Mobile Age
  • Safety aspects with regard to IoT
  • Selected questions on the DSGVO and the DSG
  • Liability of the Data Protection Officer
  • Attack scenarios for “Pl4yB00k_101”
  • Car Hacking – Target Auto

There were 120 satisfied participants who are already looking forward to the next Safety Day in autumn 2019 at Klagenfurt Messe!

Tutors searched!

Tutors searched!

The “System Safety Laboratory” is looking for a Tutor for the academic year 2018/2019.

Requirements:

  • Laboratory completed
  • No worries about JavaCard (and the students’ problems)
  • English language skills

Tasks:

  • Assistance with programming tasks (in particular at the JavCard- and Smartphone-exercise)

If you are interested, please send your job application to Peter Schartner.

Master Thesis Detection of alpine activities using Smartphones

Student: Christoph Lagger

Supervisor: Peter Schartner

Unfortunately accidents in alpine environments happen on a  daily basis, often during mountain hikes in summer or ski tours in winter. Besides  standardized security beacons (e.g. avalanche beep) everybody carries a smartphone with multiple sensors (such as Accelerometers and Gyroscopes among others) with them.  In emergency situations, time is crucial and an accurate and robust recognition system in form of a mobile application could trigger the chain of survival automatically and support rescue missions. In this thesis machine learning is used to determine current movement patterns or activities based on sensor data such as walking up/down, skiing down, pause, or in the worst case an emergency situation. We recorded a large dataset of actual movement patterns (7 days, 19 hours, 21 minutes and 22 seconds) from all available smartphone sensors during actual alpine activities. Movement data was analyzed and a comprehensive training dataset was created for further usage. The goal was to determine the best combination of sensors, algorithms, features and window size parameters to accurately detect said movement patterns. A framework was implemented to perform a series of experiments using 10-fold cross validation, evaluate its outcome and visualize movement data as well as simulate results. Evaluation results as well as simulation results showed that the Random Forest algorithm using data from the Gyroscope and Magnetometer sensor in combination with a 4-second sliding window and an overlap of 20%, utilizing the Root Mean Square, Mean, Signal Vector Magnitude, Energy, Variance, and Standard Deviation as features, achieved a promising F-Measure of 0.975.

Figure 1: Key activities and corresponding result of a simulation run using the most promising combination of algorithm, sensors, features and sliding window parameters. 

Master Thesis scan.net – Interactive Learning Platform for IT Security

Student: Andreas Schorn

Supervisor: Peter Schartner

 

Cyber security training is about training IT security experts and end users in the field of information security. Traditional teaching and learning methods, such as lectures and literature research, however, have been proven inadequate in the field of cyber security. Implementing basic security concepts in real-world environments is difficult for many people as they usually lack knowledge about the specific procedures. With the help of interactive exercises, an attempt is made in a practical way to implement these basic concepts in a realistic environment, and therefore facilitate better understanding of information security.

In this thesis an overview of different variants of cyber security training and cyber security exercises is given. Structure as well as implementation of such exercises, consisting of a secure exercise environment and hacking instructions, is explained in detail. The thesis contains approaches on how cyber security trainings can be implemented in higher education organisations and describes the development and evaluation of a cyber security training platform (scan.net) for lectures at the Alpen-Adria-Universität Klagenfurt.

 

 

 

 

 

 

 

Master Thesis TLS Security: Concept for Manipulation Protection of a Certificate Store

Student: Simon Weger

Supervisor: Peter Schartner

Transport Layer Security (TLS) uses a Public Key Infrastructure (PKI) to verify the authenticity of the communication partner. This infrastructure is based on a hierarchical construct of certification authorities, which certify the authenticity of the other user by means of certificates. An important component in the verification of certificates is the local certificate stores on the users’ systems. Through targeted manipulation of the certificate store, attackers can actively intervene in the authentication process and use these manipulations in various ways for further attacks. This thesis deals with the development of a concept for monitoring a non-manipulation-protected certificate store. Digital signatures are created from the contents of the memory (see figure), so that the memory contents prevailing at later points in time can be verified again and again. Modifications of the certificate store content are displayed to the users and they are offered various reaction options. 

 

 

MASTER THESIS STUDENTS

MASTER THESIS STUDENTS

ATTENTION to all interested students,

we would like to draw your attention to the following vacancies at Joanneum Research ROBOTICS: Ausschreibung_Masters Theses Student_ROS

Austria Cyber Security Challenge 2018 – National Open Championship

The Research Group System Security would like to inform you about the Austria Cyber Security Challenge 2018

  • have a look
  • register
  • do it !!!!

Please visit the website: https://verbotengut.at

 

How much you can find out about a person with an email address

Peter Schartner, data protection expert at the Department of Applied Informatics, shows how much you can find out about a person using an e-mail address.

Find out more here!