Empirical and Applied Research in Information Security
Over the last years, two trends have been visible in top research publications: There is an increasing number of descriptive works observing and describing complex phenomena, e.g., the efficiency of different spam campaigns, the distribution of bots, or the likelihood of users to accept false identities as friends in social networks. These studies are characterized by large sets of samples.
Future research will focus on networks and cloud systems; the research methodology will be empirical systems security: (1) passively observing large systems and (2) active probing that stimulates revealing behavior of the systems. The research contribution lies in observing, describing and inferring the behavior of complex systems that cannot be directly observed and have a large impact on users.
Edgar R. Weippl
Speaker: Prof. Edgar R. Weippl
Edgar R. Weippl (CISSP, CISA, CISM, CRISC, CSSLP, CMC)is Research Director of SBA Research and associate professor (Privatdozent) at the Vienna University of Technology and several universities of applied sciences (Fachhochschulen). His research focuses on applied concepts of IT-security; he organizes the ARES conference and is on the editorial board of Elsevier’s Computers & Security journal (COSE). After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He spent one year teaching as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO in New York, NY and Albany, NY, and for the financial industry in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and founded together with A Min Tjoa and Markus Klemen the research center SBA Research.