Open Position: Postdoctoral Research in Cybersecurity

The Cybersecurity research group (https://cybersecurityresearch.at/), headed by Prof. Elisabeth Oswald, is a relatively new group established in Austria’s sunny south. The group currently features a diverse range of members (from France, Iran, India, and China).

Current members work on topics such as leakage profiling, advanced leakage simulators, attacks (utilizing deep learning), statistical foundations, and hardware aspects of side channels. The group receives funding from the ERC, as well as local funding, and thus offers a supportive research environment (both financially as well as from a human perspective).

The group is looking to grow by one post-doctoral researcher and is particularly keen to expand their existing coverage of topics and  seeks researchers with an interest in (any of the following areas)

  • compilers/languages to support the secure implementation of cryptographic primitives
  • machine/deep learning
  • secure implementations (in particular in the context of RISC-V)

A good candidate for this position will have a background in either computer science, maths, or statistics (an MSc level degree with above-average grades is required), will have some relevant publications in any of these subjects in international conferences or journals, enjoy working with people in an international context, and love water, sun, and mountains.

The position is available immediately, applications will be considered on a rolling basis and we will fill the vacancy as soon as a suitable candidate is identified. To apply please send a brief
motivation letter, your CV, and transcripts of records of your MSc and BSc to the contact below.

The position has funding until 31.08.2023 at € 3.945,90 per month.

Please contact Elisabeth [dot] Oswald [at] aau [dot] at for informal inquiries

Luftbild

Luftbild | Foto: LakesideLabs

and to submit your application.

Open Position: Student Researchers / Developers in Cybersecurity

The Cybersecurity research group (https://cybersecurityresearch.at/), headed by Prof. Elisabeth Oswald, is a relatively new group established in Austria’s sunny south. The group currently features a diverse range of members (from France, Iran, India, and China).

Current members work on topics such as leakage profiling, advanced leakage simulators, attacks (utilizing deep learning), statistical foundations, and hardware aspects of side channels. The group receives funding from the ERC, as well as local funding, and thus offers a supportive research environment (both financially as well as from a human perspective).

The group is looking for support with its ongoing projects via paid student researchers. You could work for us some months, e.g. during the summer (via an internship), or join us for longer (only part-time). We consider students both on bachelor and master courses,provided they are in the areas of computer science, computer engineering, mathematics (if it includes some programming), or statistics/data science (provided you can at least do some scripting).

You do not need to be based in Klagenfurt, working from home is possible.

The projects that we are looking to support require skills in (either)

  • compilers/languages to support the secure implementation of cryptographic primitives, including the use of formal verification tools,
  • machine/deep learning
  • secure implementations (low-level programming, e.g. ARM assembly, RISC-V assembly)
  • software development (C++)

You will work with young scientists from across the globe (the current group members are from France, Iran, India and China), so good English language skills are vital too.

We will appoint multiple researchers, and the starting date is flexible.  Applications will be considered on a rolling basis. To apply please send a brief motivation letter, your CV, and transcripts of records of your MSc/BSc to the contact below.

The rates will depend on your highest level of education: they are at € 1.073,10 per month for a part-time employment.

Please contact Elisabeth [dot] Oswald [at] aau [dot] at for informal inquiries and to submit your application.

Digitalisierung

Digitalisierung | Foto: Freepik

PhD Students in Cybersecurity wanted!

The Cybersecurity Research Group – hosted at the university’s Digital Age Research Center (D!ARC) – is seeking to fill the post of a Phd-student within the area of Side Channel Resistent Embedded Systems.

The Cybersecurity Research group has been established with a clear interest in finding and eliminating information leaks in the context of embedded devices (they often exhibit a number of so called side channels). In this particular setting, the research team – led by Prof. Elisabeth Oswald – has developed a range of techniques that integrate well in a typical software flow and make leakage information transparent to a developer.

Currently, the group consists of one further lecturer, three postdocs, and two further PhD students who work in the areas of cryptography, statistical machine learning, embedded security, artificial intelligence and deep learning as well as crypto engineering.

The purpose of this studentship is to build on the existing work and add novel ideas including the automated tracing of leaks from lower-level code representations to the description in a higher-level language, the development of code transformation techniques to mitigate leaks automatically, etc. The successful applicant will work closely with Prof. Oswald and will develop into a researcher/engineer with a profound understanding of the challenges of leakage resilient development.

Requirements:

✓ Master’s level qualification in informatics, mathematics or other technical sciences
✓ strong background in embedded systems
✓ some background in low level programming and embedded systems
✓ Very good language skills in English (German optional)
✓ Willingness to work within an international team

The vacancy shall be filled as soon as possible.
If you are interested in this opportunity please consider applying with your CV and a motivational letter to elisabeth [dot] oswald [at] aau [dot] at

Studienassistenz (7h/Woche) gesucht !!!!

Die AAU Klagenfurt / TeWi – Abteilung Artificial Intelligence und Cybersecurity – sucht ab März 2021 eine Studienassistentin (7 h/Woche).

Aufgaben:

Umstellung der PPTX-Folien von Systemsicherheit auf LaTeX und Erweiterung und Pflege der SPU-Fragen für “Algorithmen und Datenstrukturen”, “Einführung in die theoretische Informatik” und “Systemsicherheit”

Erwünscht sind:

– Deutschkenntnisse

– Genauigkeit

– Verlässlichkeit

– Organisationstalent und die Bereitschaft zur raschen Einarbeitung.

Formlose Bewerbungen an Peter Schartner erbeten.

16th Austrian IT Security Day | 16 October 2019 | Messe Klagenfurt

On 16 October 2019, the 16th Austrian IT Security Day took place at Messe Klagenfurt in cooperation with “Kärntner Messen”.

There were 9 lectures on the following topics:

  • The challenge of decentralised digitisation for SMEs
  • Risk perception and human (ir)rationality
  • What to do in case of a cyber emergency? Hotline, cyber insurance or solve it yourself?
  • Smartcards in Multi-Devices and Multi-Usecase Environments
  • From network analysis to application protection
  • IT security of production systems
  • Current case law on e-commerce
  • Online trading: Typical risks and their distribution
  • Network and Information Security

Two hacking demos:

  • Networks are dangerous and funny too 😉
  • Digitalization madness – view into the digital divide

10 Exhibitors:

  • Alpen-Adria-Universität Klagenfurt | TEWI
  • Anexia
  • Attingo Datenrettung GmbH
  • CERTGATE
  • Industrial Automation GmbH
  • Joanneum Research
  • NTS Netzwerk Telekom Service AG
  • RGE GmbH
  • Stadtwerke Klagenfurt AG
  • Technikon Forschungs- und Planungsgesellschaft mbH

130 satisfied participants are already looking forward to the next IT Security Day in autumn 2020 at FH Salzburg at the Urstein campus in Puch/Salzburg.

StudienassistentIn gesucht !!!!

Die Informatikwerkstatt der AAU Klagenfurt sucht eine Studienassistentin bzw. einen Studienassistenten zur Erstellung von Security-Lehrinhalten für Sekundarstufe I und II.

Bearbeitung im Rahmen einer BA- bzw. MA-Arbeit (UF Informatik, ggf. auch Angewandte Informatik) möglich.

Bei Interesse bitte Kontakt mit Andreas Bollin (andreas [dot] bollin [at] aau [dot] at) oder Peter Schartner (peter [dot] schartner [at] aau [dot] at) aufnehmen.

15th Austrian IT Security Day

On 14 November 2018, the 15th Austrian IT Security Day took place in cooperation with the FH Salzburg at the Urstein campus in Puch/Salzburg.

  • The risk sits BEFORE the screen
  • Risks in the Cloud
  • Mobile e-ID – Secure Identity Management in the Mobile Age
  • Safety aspects with regard to IoT
  • Selected questions on the DSGVO and the DSG
  • Liability of the Data Protection Officer
  • Attack scenarios for “Pl4yB00k_101”
  • Car Hacking – Target Auto

There were 120 satisfied participants who are already looking forward to the next Safety Day in autumn 2019 at Klagenfurt Messe!

Tutors searched!

Tutors searched!

The “System Safety Laboratory” is looking for a Tutor for the academic year 2018/2019.

Requirements:

  • Laboratory completed
  • No worries about JavaCard (and the students’ problems)
  • English language skills

Tasks:

  • Assistance with programming tasks (in particular at the JavCard- and Smartphone-exercise)

If you are interested, please send your job application to Peter Schartner.

Master Thesis Detection of alpine activities using Smartphones

Student: Christoph Lagger

Supervisor: Peter Schartner

Unfortunately accidents in alpine environments happen on a  daily basis, often during mountain hikes in summer or ski tours in winter. Besides  standardized security beacons (e.g. avalanche beep) everybody carries a smartphone with multiple sensors (such as Accelerometers and Gyroscopes among others) with them.  In emergency situations, time is crucial and an accurate and robust recognition system in form of a mobile application could trigger the chain of survival automatically and support rescue missions. In this thesis machine learning is used to determine current movement patterns or activities based on sensor data such as walking up/down, skiing down, pause, or in the worst case an emergency situation. We recorded a large dataset of actual movement patterns (7 days, 19 hours, 21 minutes and 22 seconds) from all available smartphone sensors during actual alpine activities. Movement data was analyzed and a comprehensive training dataset was created for further usage. The goal was to determine the best combination of sensors, algorithms, features and window size parameters to accurately detect said movement patterns. A framework was implemented to perform a series of experiments using 10-fold cross validation, evaluate its outcome and visualize movement data as well as simulate results. Evaluation results as well as simulation results showed that the Random Forest algorithm using data from the Gyroscope and Magnetometer sensor in combination with a 4-second sliding window and an overlap of 20%, utilizing the Root Mean Square, Mean, Signal Vector Magnitude, Energy, Variance, and Standard Deviation as features, achieved a promising F-Measure of 0.975.

Figure 1: Key activities and corresponding result of a simulation run using the most promising combination of algorithm, sensors, features and sliding window parameters. 

Master Thesis scan.net – Interactive Learning Platform for IT Security

Student: Andreas Schorn

Supervisor: Peter Schartner

 

Cyber security training is about training IT security experts and end users in the field of information security. Traditional teaching and learning methods, such as lectures and literature research, however, have been proven inadequate in the field of cyber security. Implementing basic security concepts in real-world environments is difficult for many people as they usually lack knowledge about the specific procedures. With the help of interactive exercises, an attempt is made in a practical way to implement these basic concepts in a realistic environment, and therefore facilitate better understanding of information security.

In this thesis an overview of different variants of cyber security training and cyber security exercises is given. Structure as well as implementation of such exercises, consisting of a secure exercise environment and hacking instructions, is explained in detail. The thesis contains approaches on how cyber security trainings can be implemented in higher education organisations and describes the development and evaluation of a cyber security training platform (scan.net) for lectures at the Alpen-Adria-Universität Klagenfurt.