Focus
The group's research is organized into the following key areas, which are reflected in our projects and publications.
Software Protection
Our research focus lies on advancing the methodological foundations of software protection, particularly against Man-at-the-End (MATE) attacks, in which adversaries have full control over the execution environment of the software they target, including disassemblers, decompilers, debuggers, emulators, and instrumentation frameworks. In this threat model, classic perimeter defenses no longer apply: the binary itself must resist analysis, tampering, and unauthorized re-distribution. Our research develops verifiable protection methodologies for binary code and integrates them seamlessly into existing software development processes, so that protection becomes a measurable engineering discipline rather than a collection of ad-hoc tricks.
To move beyond intuition-driven security claims, we work on protection strength quantification. We research and adapt information-theoretic complexity metrics for obfuscated code and study, through supervised machine-learning experiments, to what extent an attacker can recover original functionality, identify the obfuscation method used, or strip individual layers. The insights from these adversarial experiments feed back into the design of stronger transformations and into tactics that raise the cost of automated deobfuscation.
Individual transformations rarely suffice on their own; real-world strength comes from protection layering. We combine our security analyses with prior results on resilience and stealth properties of protected code to derive optimal combination strategies for transformation passes, using algebraic group logic and multidimensional clustering. The goal is to give developers reproducible recipes for layering obfuscation mechanisms.
Application domains for our research include mobile apps handling sensitive credentials, DRM and licensing systems, automotive and industrial control software, and any setting where intellectual property or cryptographic key material is shipped to an untrusted endpoint.
Machine Learning/AI and Security
Machine Learning (ML) enables innovative products and improves existing services. Recent advances, particularly in large language models (LLMs) and agentic AI systems, further extend these capabilities by supporting complex reasoning, interaction with external tools, and higher degrees of automation. To avoid negative consequences such as loss of customer data or intellectual property, it is essential to consider security and privacy when deploying ML-based systems in real-world applications.
Within the Security and Privacy Group at the University of Vienna, we conduct research at the intersection of AI and cybersecurity, with two complementary perspectives:
- Security and privacy of AI systems
- The use of AI methods to improve cybersecurity
On the one hand, we investigate the security, privacy, and reliability of ML-based systems, including both classical models and modern LLM-based and agentic systems. These systems introduce new attack surfaces and risks, such as adversarial manipulation, data leakage, and unsafe autonomous behavior. Our research focuses on identifying such threats and developing robust, privacy-preserving, and trustworthy AI systems across the entire lifecycle, from data collection and training to deployment and monitoring. On the other hand, we explore how AI can support and automate cybersecurity tasks.
Current research topics include:
- Protection against theft of intellectual property (data and trained ML models)
- Defense mechanisms against adversarial attacks
- Security of LLM-based and agentic AI systems
- Privacy-preserving machine learning, including federated learning and secure multi-party computation
- Combining machine learning with symbolic reasoning
- AI for cybersecurity, including agent-based approaches for threat detection, anomaly detection, and security testing
- Monitoring, auditability, and explainability of AI systems
- Novel methods for data anonymization, including complex data types
Security and Privacy of Decentralized Systems and Distributed Ledger Technologies
In an interconnected world, any IT system that communicates with another system over a network to fulfill its tasks is, strictly speaking, already a distributed one. Although this is the norm rather than the exception — and therefore holds true for the vast majority of IT systems in use today — we still tend to view each system in isolation, rather than as interconnected components that influence, and often depend on, one another to function. Especially when it comes to security and privacy, a clear picture of these interactions is crucial.
Historically, this awareness has been sharpest in domains that are inherently critical, such as digital payment systems and fault-tolerant distributed systems and databases. With increasing connectivity and continually improving attacks, however, the concepts developed in these domains must be carried over to a much wider range of settings: fleets of IoT devices that measure, react, and require ongoing updates; digital identity ecosystems; secure (group) messaging solutions; and agentic AI systems that need to coordinate reliably in error-prone environments.
Our group conducts both fundamental and applied research on decentralized systems and distributed ledger technologies. We develop new methods to improve their security, privacy, and performance, enabling their use in a broader range of domains and use cases.