Research

The successful operation, maintenance, and further development of critical infrastructures like the Internet, mobile networks, or the power grid are key for life in our technology-oriented societies. The nEtwork and cRitical Infrastructure Security Group, short ERIS, focuses on the protection of complete infrastructures comprising of complex, interconnected systems. We particularly investigate (I) the Internet representing nowadays’ prime communication infrastructure, (II) mobile networks bringing the Internet anywhere, and (III) the power grids supplying the energy that is necessary for life in our technology-oriented societies.

Our research topics include:

• Network measurements
  As a consequence of its decentralized organization, no map of the Internet is available and instead measurement experiments, similar to those in natural sciences like physics, are necessary to gain insights in the Internet’s current state. We develop novel measurement methods and run large-scale Internet measurement campaigns. Among others, the gained information allows to understand currently deployed Internet technology or the prevalence of vulnerabilities, and serves as a foundation for further improvement of the Internet as a whole.
• IPv6 measurements
  Due to address scarcity, the Internet currently undergoes a major transition from Internet Protocol version 4 (IPv4) to version 6 (IPv6). This does not only vastly increase the address space for measurement campaigns, but also gives raise to new vulnerabilities. We develop new resp. adapt existing methods for IPv6, and investigate how security changes when operating IPv6 or Dualstack (simultaneous operation of both protocols).
• Measurement platforms
  We operate two permanent research platforms, namely the Austrian Internet Measurement Hub (AIM) for active Internet measurements, and MobileAtlas for measurements in mobile networks. The platforms are also made available other researchers and students, e.g., for their bachelor or master theses.
• Power grid security
  The on-going digitization of legacy infrastructures makes them vulnerable to cyber-launched attacks. In this context, we develop novel attacks against the power grid and its ecosystem facilitated by these new digital opportunities in order to strengthen the resilience of this vital infrastructure.

Our research has lasting impact. Among others, our work (I) motivated the revision of RFC4941, an IPv6 address format for privacy detection, and respective implementations in client operating systems, (II) revealed multiple misconfigurations on the Internet and lead to the improvement at national ISPs, and (III) revealed vulnerabilites that were responsibly disclosed to the vendors.

Downloads

• I Have No Idea What I'm Doing - On the Usability of Deploying HTTPS
• Mobile Atlas - A Scalable Way to Measure Cellular Networks
• Power Grid Modelling - How Open Geoinformatic Data Benefits Security Research
• Proof-of-Blackouts - How Proof-of-Work Cryptocurrencies Could Affect Power Grids
• SmartIdentification - Secure Identification through Mobile Devices
• Actively Probing Routes for Tor AS-level Adversaries with RIPE Atlas
• Exploiting ICMPv6 Error Messages for Reconnaissance
• GridShock - Coordinated Load-Changing Attacks on Power Grids

The ERIS – Networks and Critical Infrastructures Security Research Group participates in the following research projects:

SBA-K1 (FP2)

SBA Research - K1 (FP2)

COMET K1 | FFG | April 2021 - March 2025

For our second research period from 2021 – 2025, we have devised an ambitious work… Read More

DynAISEC

Adaptive AI/ML for Dynamic Cybersecurity Systems

ICT of the Future | FFG | January 2022 - July 2024

The application of AI/ML to cybersecurity (AI4SEC) is increasingly becoming a paramount need to protect… Read More

IPv6 Scanning

Handling Data from IPv6 Scanning

NGI Initiative | NGI | January 2020 - March 2024

In this project, we will develop a data storage and analysis solution for high-speed IPv6… Read More

G-STAR

Gesamtstaatliche Erfassung der Resilienz im Kontext komplexer Krisenszenarien

KIRAS | FFG | October 2021 - March 2023

The G-Star study aims to record the cooperative structures of Austrian crisis management and to… Read More

MobileAtlas

MobileAtlas

Internet Hardening Fund | NLNet | January 2021 - October 2022

MobileAtlas is an international measurement platform for cellular networks… Read More

2big2fail

Identification and Disintegration of Single Points of Failure on the Internet

BRIDGE 1 | FFG | February 2020 - July 2022

In this project, we investigate the Internet’s diversity and identify technologies that are too big… Read More

FuOnA

Future of Online Anonymity

Stand-alone Project netidee SCIENCE | FWF | March 2018 - April 2021

Core of the project on the Future of Online Anonymity (FuOnA) is to advance the technical means… Read More

SBA-K1 (FP1)

SBA Research - K1 (FP1)

COMET K1 | FFG | April 2017 - March 2021

In our increasingly connected world – where almost all aspects of daily life depend on… Read More

CyPhySec

Framework to Cyber-Physical System Security

BRIDGE Early Stage | FFG | January 2014 - June 2017

The project “Framework to Cyber-Physical System Security (CyPhySec)” aims to increase the security of cyber-physical… Read More

The following scientific partners and company partners are / have been working closely together with the Networks and Critical Infrastructures Security Research Group:

Teaching

The nEtwork and cRitical Infrastructure Security Group is also very active in teaching in subjects in their domain at multiple universities. This includes for example the following courses:

• Information Security Management, University of Vienna (Gabriel Gegenhuber)
• Operating Systems, University of Vienna (Gabriel Gegenhuber)
• Fundamentals of Networked Systems, University of Vienna (Johanna Ullrich)
• Principles of Computer Science, FH Wiener Neustadt (Johanna Ullrich)

Bachelor | Master | PhD - Thesis Supervision

The ERIS Research Group is supervising Bachelor, Master and PhD theses in the following areas.

• Network measurements
• Mobile measurements
• Internet Protocol version 6 (IPv6)
• Data analysis of network data
• Power grid security
• Power consumption of software/security

To contact the team, please reach out to the individual team members or to the team lead Johanna Ullrich.