Recent Publications

More Publications

(2019). The Android Platform Security Model. arXiv:1904.05572 [cs].


(2019). Insider Attack Resistance in the Android Ecosystem. Enigma 2019.

(2018). Android Pie à la mode: Security & Privacy.


(2018). Investigating the impact of network security on the line current differential protection system. The Journal of Engineering.


(2018). Design, Implementation, and Evaluation of Secure Communication for Line Current Differential Protection Systems over Packet Switched Networks. International Journal of Critical Infrastructure Protection.


(2018). Mobile Match-on-Card Authentication Using Offline-Simplified Models with Gait and Face Biometrics. IEEE Transactions on Mobile Computing.


(2018). Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems.


(2018). Wie sicher ist die schöne, neue und vernetzte Welt?. Automatisierung: Wechselwirkung mit Kunst, Wissenschaft und Gesellschaft.

(2017). Smartphone-based Gait Recognition: From Authentication to Imitation. IEEE Transactions on Mobile Computing (IEEE TMC).


(2017). ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices. IEEE Transactions on Mobile Computing (IEEE TMC).


Presentations & Talks

Recent Posts

More Posts

Android security trade-offs: Rooting “Rooting” has been part of the Android ecosystem pretty much since its creation. Within the context of this blog post, I define rooting as a method to disable standard sandboxing mechanisms for particular processes, which is a superset of Nick Kralevich’s earlier definition because many posts mix up the intentional, user-driven root access with exploitation of vulnerabilities. In this post I mean granting select apps and their processes the “root” privilege, which entitles them to ignore access control mechanisms on the system and kernel levels.


Android security trade-offs The Android ecosystem is highly diverse, complex, and has many different stakeholders typically not visible in the limelight. Consequently, making decisions about features in the platform itself — what we call AOSP (Android Open Source Project) — is hard, and often in surprising ways. Over a year and a half ago, I came to Google as the new Director of Android Platform Security. Even though my research group had been working on Android security for over 7 years, many of those complexities were completely new to me.


Why Tor allows to anonymize Internet traffic through onion routing, typically via 3 separate hops. At INS, we run one of the fastest Tor exit nodes in Austria, and provide statistical data on its usage. For more details, please check those project websites. On my personal home network, I use Tor - among other reasons - to test various devices such as mobile phones, tablets, etc. with apps I do not necessarily trust, “smart home” / IoT style devices, or wearables.


Disclaimer This web page is written primarily in English, but uses German words originating from the Austrian law. There seems to be little point in artificially translating these terms when they are special definitions of a law written in German. I have tried to explain the terms when I first use them - if something is unclear, feel free to send me an email. Introduction Since the beginning of 2000, the Austrian government has begun introducing its digital signature scheme in form for the so called “Bürgerkarte”.


Creating X.509 certificates programmatically in Java My probem statement was simple: create a X.509 certificate with only a few fields being configurable, sign it with an already existing CA private key/certificate combination, and write the new certificate in PKCS12 format. Then it became complicated: I needed to it with Java, on a PDA. I spent about 2 days to get this seemingly simple task to work, so I thought it might be good to share my findings in the hope that they will serve others with similar problems.



A selection of personal research and development projects I worked on either alone or as the main contributor. Larger academic projects I managed are linked to their respective web sites.


Context authentication

[Finished Jan. 2008] Research into context-based device-to-device authentication.

Context prediction

[Finished Nov. 2004] PhD project on predicting mobile user context


[Finished Sept. 2014] Open source Ubiquitous Authentication Toolkit


[Finished Jan. 2008] Relative spatial positioning


[Finished] Enabling IPv6 address privacy on Android devices.

Gibraltar firewall

[Finished/closed] A Linux firewall/UTM distribution with read-only root file system.

JKU Tor exit node

[Running] High-bandwidth Tor exit node at JKU/INS for research on use of anonymization

Josef Ressel Center u'smile

[Finished Sept. 2017] Research Center for User-friendly Secure Mobile Environments

Android Exploit Framework

[Finished] Android on-device permanent root exploit framework


[Finished/stopped] A personal Dropbox replacement based on Git

Private Notes

[Finished] Cross-platform end-to-end encrypted note-taking app


[Finished] Package to support building Linux live-booting CDs

Squid filter patches

[Finished] Filtering patches for Squid proxy