Edgar R. Weippl

Office Hours

Thu 4pm; cancelled on:

Jun 16 (please com on Jun 15 at 3pm instead)

Please schedule an appointment with me by email prior to coming to my office hour.
NEW VENUE: Please come to my office at SBA Research (Favoritenstr. 16, 2nd floor)

Contact Information at TU Wien. Please use the TU E-Mail for all questions concerning classes, labs and thesis requests.
Contact Information at SBA Research

Seminar papers, Student Projects (Seminare, Praktika, etc.)

Guidelines (more...).

PhD - Organizational Information

A very good overview of what PhD is, what the standards are, etc.: http://spaf.cerias.purdue.edu/grads.html

What a great PhD thesis should like: Bryan Parno, Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers, Dissertation Carnegie Mellon University, 2010 (2010 Doctorial Dissertation Award for Security, ACM)

Master's Thesis - Organizational Information

You will need to take some courses in IT security (at TU) and at least one 'praktikum' with me before you can do a Master's thesis with me. Your thesis needs to be written in English.
Please look at Purdue's Online Writing Lab. It is a great resource!'

Please prepare an abstract for the thesis that contains following items

Problem statement and Goal of the work
Expected outcome / results
Research methodology
Preliminary schedule and planned workpackages
State-of-the art (including at least 4 references to relevant research)

Minimum standards for a passing grade (in addition to standards set forth by the Dean):

Please use http://slimtimer.com/ or an excel sheet to record your working hours. This will give you (and me) a better overview whether you work efficiently on your thesis...
approx. 25000 words
min. working hours 750 (30 ECTS)
References. Please use ACM (http://www.acm.org/publications/latex_style/), IEEE (http://www2.computer.org/portal/web/cscps/formatting) or APA style (http://owl.english.purdue.edu/owl/resource/560/05/). Personally I prefer ACM but all three are fine.
Please look at Prof. Werthner's checklist (http://www.ec.tuwien.ac.at/ec/teaching/master_topics/guide)

Articles you should read:

http://dl.dropbox.com/u/407569/Web/TU/ResearchMethodology.pdf
http://dl.dropbox.com/u/407569/Web/TU/how_to_review_smith-advice.pdf
http://dl.dropbox.com/u/407569/Web/TU/APSObserver-12TipsRorReviewers.pdf
http://dl.dropbox.com/u/407569/Web/TU/comparativeLiteratureReview.pdf
http://dl.dropbox.com/u/407569/Web/TU/ding_popular_vs_prestige.pdf
Patricia Beatty, Ian Reay, Scott Dick, and James Miller. 2011. Consumer trust in e-commerce web sites: A meta-study. ACM Comput. Surv. 43, 3, Article 14 (April 2011), 46 pages. DOI=10.1145/1922649.1922651 http://doi.acm.org/10.1145/1922649.1922651
http://dl.dropbox.com/u/407569/Web/TU/HowToReview.pdf

Links of the Dean's office that you should look at:

http://www.informatik.tuwien.ac.at/studium/richtlinien/

Open Research Topics

Bidding strategies and fraud
Cost calculation and risk analysis (break even, etc) for cloud storage, energy efficiency (encryption) (starting points http://dx.doi.org/10.1109/MC.2010.115 http://dx.doi.org/10.1109/MC.2010.98)
e-commerce protocols in practice (fairness, ttp, ...)
Recovery of distributed transactions from malicious attacks (internal note: review IFS-2009-0264)
Information Integration Personal Computer + Cloud Systems (AC, Search, etc.)
Database Forensics (Oracle Flashback Queries, System tables, Oracle Label Extensions)
Studies / Questionnaires: e.g. E2E auditable e-voting protocols
Virtualization: Security issues of memory separation
Role Engineering / role mining
Attacks on Social Networks, Privacy in Social Networks
Compare vulnerabilities of different types of open source software (Moodle vs. Bulleting boards)

Text books I like

William Stallings, Computer Security, Pearson International Edition. Very good book. Required reading for all serious master's students.
Matt Bishop, Computer Security: Art and Science (Do not by mistake get 'Introduction to Computer Security'). The most comprehensive book. Required Reading for PhD candidates. Unfortunately there are many errors in the book, making parts almost unreadable without the errata (http://nob.cs.ucdavis.edu/book/book-aands/index.html)
Gary McGraw, Software Security: Building Security In. Excellent book for all software developers
Dieter Gollmann, Computer Security. Short but good depth.
Michael Howard, The Security Development Lifecycle. Excellent book. Get this one or Gary McGraw's.
Julia Allen, Software Security Engineering. Nice if you have enough budget.
Charles E. Pfleeger, Security in Computing. A classic and excellent textbook, many parts are very easy and should be general knowledge of CS students.