Statement

Servus, I am key researcher at SBA Research, a research center for Information Security in Vienna, Austria, and leading the Networks and Critical Infrastructures Security Research Group (ERIS). I work on network security, in particular IPv6, the Internet’s transition towards IPv6 and measurement experiments. Among others, I have shown that the IPv6 Privacy Extension does not meet its goal of privacy protection. This led to the modification of a major client operating system eventually protecting millions of its users. Based on my interdisciplinary background, I also conduct research on security at the intersection of computer science and classical engineering. Recently, I worked on attacks against the power grid. In comparison to cyber-launched attacks, I aim to strike the grid at its electrical parts by increasing power demand at a high number of Internet-connected devices simultaneously.

Beyond research, I seriously care about knowledge transfer. I teach at multiple institutions, and have als been an interview partner for print and TV magazines. I am a strong supporter of equal opportunities (and in light of recent events particularly equal parenting). I am a cynophilist.

Experiences

Key Researcher

1/2020 - Present
SBA Research, Vienna

Head of the Networks and Critical Infrastructures Security Group

4/2019 - Present
SBA Research, Vienna

Post-Doctoral Researcher

5/2020 - Present
Christian Doppler Laboratory for Security and Quality
Improvement in the Production System Lifecycle (CDL-SQI), University of Vienna

Senior Researcher

12/2016 - 12/2019
SBA Research, Vienna

Post-Doctoral Researcher

03/2018 - 12/2018
Christian Doppler Laboratory for Security and Quality
Improvement in the Production System Lifecycle (CDL-SQI), TU Wien, Vienna

Researcher

11/2012 - 11/2016
SBA Research, Vienna

Prizes and Awards

Nomination for the Hedy Lamarr Prize

2019 and 2020
nominated by Austrian Research Promotion Agency (FFG)  

Scholarship of Excellence

2018
awarded by the Austrian Federal Ministry of Science, Research and Economy  

Research Prize of the Dr. Maria Schaumayer Foundation

2018
 

Promotio Sub Auspiciis Praesidentis

2017
awarded by the President of Austria Dr. Alexander van der Bellen  

Diploma Thesis Award of the City of Vienna

2013
 

Scholarship for Engineering Students

2011/12
awarded by the Fuchs Foundation  

Merit-Based Scholarships

2008, 2009 and 2010
awarded by the Faculty of Electrical Enginering  

Teaching

Network Security

2020 - Present
Guest Lecturer, Faculty of Computer Science, University of Vienna

Introduction to Security and (Advanced) Internet Security

2017 - Present
Guest Lecturer, Faculty of Informatics, TU Wien

Principles of Computer Sciences

2017 - Present
Lecturer, FH Wr. Neustadt, Curriculum Industrial Engineering

Automotive IT-Security

2017 - Present
Lecturer, FH Campus, Curriculum Green Mobility

Security Aspects of Cloud Computing

2014 - 2021
Lecturer, FH Technikum, Curriculum Information Mngt. and Security

Control Engineering and Electric Drivetrains

2013 - 2017
Engineering Educator instructing Teenagers, HTL Wien 10

Object-Oriented Programming and Software Engineering 1

2010 - 2011
Teaching Assistant, Faculty of Electrical Engineering, TU Wien

Research Projects

Semantic and Cryptographic Foundations of Security and Privacy
by Compositional Design (SPyCoDe)

2023-2026
Author & Principal Investigator of Subproject 10 (in total 14 subprojects)
funded by Special Research Programmes (SFB), Austrian Science Fund (FWF)

Integration von nationalen und regionalen Modellen für die Zukunft
der elektrischen Energieversorgung in Österreich (NurZu!)

2023-2025
Lead Author & Project Manager
funded by BRIDGE 1, Austrian Research Promotion Agency (FFG)

Security and Resilience for P2P Energy Trading

2022
Co-Author & Co-Investigator
funded by Austrian-Japanese Joint Seminars, Austrian Science Fund (FWF)

Adaptive AI/ML for Dynamic Cybersecurity Systems (DynAISEC)

2022 - 2023
Author & Project Manager
funded by ICT of the Future, Austrian Research Promotion Agency (FFG)

Gesamtstaatliche Erfassung der Resilienz im Kontext komplexer
Krisenszenarien (G-Star)

2021 - 2022
Project Manager
funded by KIRAS, Austrian Research Promotion Agency (FFG)

Area 1 Networked System Security, SBA Research K1

2021 - 2025
Lead Author and Key Researcher
funded by COMET K1, Austrian Research Promotion Agency (FFG)

Identification and Disintegration of
Single Points of Failure on the Internet (2big2fail)

2020 - 2022
Lead Author & Project Manager
funded by BRIDGE 1, Austrian Research Promotion Agency (FFG)

Handling Data from IPv6 Scanning

2020
Lead Author & Project Manager
funded by European Commission's Next Geneneration Internet (NGI) Programme Zero

Cyber Security Competence for Research and Innovation (CONCORDIA)

2019 - 2023
Project Member
funded by Horizon 2020 (Cybersecurity Pilot Project)

Secure Connected Trustable Things (SCOTT)

2017 - 2020
Project Member
funded by Electronic Component Systems for European Leadership (ECSEL) Joint Undertaking

Area 1 Networked System Security, SBA Research K1

2017 - 2021
Co-Author
funded by COMET K1, Austrian Research Promotion Agency (FFG)

Framework to Cyber-Physical System Security (CyPhySec)

2013 - 2017
Lead Author & Project Manager
funded by BRIDGE Frühphase, Austrian Research Promotion Agency (FFG)

Media

Discussion on blackouts by Austrian Broadcasting.
Report on information event on blackouts in Tyrol.
Press Release on Acceptance of Special Research Programm (SFB).
Press Release ranking Documentary on Blackouts (Dok1) no.8 in the 2021 ORF video-on-demand ranking.
Documentary by Austrian Radio on Recent Cyber Security Incident.
Interview on Cybersecurity by Austrian Business Magazin.
Documentary by Austrian Broadcasting Corp. on Blackouts.
Discussion with Audience Participation by Austrian Radio
Press Release on Digital Skill Training for Members of the Austrian Parliament
Press Release on Nomination for Hedy Lamarr Prize

ORF Wien heute: Hackerangriffe auf Büchereien

2019
News Magazine on Attack against Vienna Library

ORF Eco: Risiko Blackout - Der teure Schutz der Stromnetze

Economic Magazine by Austrian Broadcasting Corp. on Blackouts

Austrian Business Woman: Wir brauchen Role Models

Austrian Female Business Magazine on Women in Research and Technology

ORF Eco: Intelligente Stromzähler - Wie sicher sind sie, was bringen sie

Economic Magazine by Austrian Broadcasting Corp. on Smart Meter Security and Privacy
Report on my Power Grid Research

ORF Newton: Die Tricks der Motorenbauer

2015
Science Magazine by Austrian Broadcasting Corp. on Diesel Emissions scandal

Publications

Gegenhuber G., Maier, M., Holzbauer, F., Mayer, W., Merzdovnik, G., Weippl, E., Ullrich, J.
An Extended View on Measuring Tor AS-level adversaries
Computers & Security, 2023.
Maier, M., Ullrich, J.
In the loop: A measurement study of persistent routing loops on the IPv4/IPv6 Internet
Computer Networks, 2023.
Nowak, V., Ullrich, J., Weippl, E.
Cybersecurity is more than a Technological Matter - Towards Considering Critical Infrastructures as Socio-Technical Systems
Applied Cybersecurity & Internet Governance, 2022.
Casas, P., Vaneria, J., Ullrich, J., Findrik, M., Barlet-Ros, P.
GRAPHSEC - Advancing the Application of AI/ML to Network Security through Graph Neural Networks
International Conference on Machine Learning for Networking (MLN), 2022.
Holzbauer, F., Ullrich, J., Lindorfer, M., Fiebig, T.
Not that Simple: Email Delivery in the 21st Century
USENIX Annual Technical Conference (ATC), 2022.
Wenzl, M., Merzdovnik, G., Ullrich, J., Weippl, E.
From hack to elaborate technique - A survey on binary rewriting
ACM Computing Surveys, 2019.
Dabrowski, A., Merzdovnik, G., Ullrich, J., Sendera, G., Weippl, E.
Measuring Cookies and Web Privacy in a Post-GDPR World
Passive and Active Measurement Conference (PAM), 2019.
Ullrich, J., Stifter, N., Judmayer, A., Dabrowski, A., Weippl, E.
Proof-of-Blackouts? How Proof-of-Work Cryptocurrencies Could Affect Power Grids
International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2018.
Dabrowski, A., Ullrich, J., Weippl, E.
Botnets causing blackouts: how coordinated load attacks can destabilize the power grid
e&i Elektrotechnik und Informationstechnik, 2018.
Dabrowski, A., Ullrich, J., Weippl, E.
Grid Shock: Coordinated Load-Change Attacks on Power Grids
Annual Computer Security Applications Conference (ACSAC), 2017.
Ullrich, J., Zseby, T., Fabini,T., Weippl, E.
Network-Based Secret Communication in Clouds: A Survey
IEEE Communications Surveys & Tutorials, 2017.
Khan, Z., Ullrich, J., Voyiatzis, A., Herrmann, P.
A Trust-based Resilient Routing Mechanism for the Internet of Things
International Conference on Availability, Reliability and Security (ARES), 2017.
Judmayer, A., Ullrich, J., Merzdovnik, G., Voyiatzis, A., Weippl, E.
Lightweight Address Hopping for Defending the IPv6 IoT
International Conference on Availability, Reliability and Security (ARES), 2017.
Ullrich, J., Weippl, E.
The Beauty or The Beast? Attacking Rate Limits of the Xen Hypervisor
European Symposium on Research in Computer Security (ESORICS), 2016.
Ullrich, J., Cropper, J., Frühwirt, P., Weippl, E.
The Role and Security of Firewalls in Cyber-Physical Cloud Computing
EURASIP Journal on Information Security, 2016.
Ullrich, J., Voyiatzis, A., Weippl, E.
Secure Cyber-Physical Production Systems: Solid Steps towards Realization
International Workshop on Cyber-Physical Production Systems (CPPS), 2016.
Ullrich, J., Voyiatzis, A., Weippl, E.
The Quest for Privacy in Consumer IoT
International Workshop on Consumers and the Internet of Things (ConsIoT), 2016.
Ullrich, J., Weippl, E.
Privacy Is Not an Option: Attacking the IPv6 Privacy Extension
International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2015.
Cropper, J., Ullrich, J., Frühwirt, P., Weippl, E.
The Role and Security of Firewalls in IaaS Cloud Computing
International Conference on Availability, Reliability and Security (ARES), 2015.
Ullrich, J., Kieseberg, P., Krombholz, K., Weippl, E.
On Reconnaissance with IPv6: A Pattern-Based Scanning Approach
International Conference on Availability, Reliability and Security (ARES), 2015.
Krombholz, K., Frühwirt, P., Rieder, T., Kapsalis, I., Ullrich, J., Weippl, E.
QR Code Security - How Secure and Usable Apps Can Protect Users Against Malicious QR Codes
International Conference on Availability, Reliability and Security (ARES), 2015.
Dabrowski A., Krombholz K., Ullrich J., Weippl, E.
QR Inception: Barcode-in-Barcode Attacks
ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, 2014.
Ullrich, J., Krombholz, K., Hobel, H., Dabrowski, A., Weippl, E.
IPv6 Security: Attacks and Countermeasures in a Nutshell
USENIX Workshop on Offensive Technologies (WOOT), 2014.
Herzberg, A., Shulman, H., Ullrich, J., Weippl, E.
Cloudoscopy: Services Discovery and Topology Mapping
ACM Workshop on Cloud Computing Security (CCSW), 2013.

Community Service

Reviewer for Applied Mathematical Modeling (Journal)
Reviewer for Transactions on Network Science and Engineering (Journal)
Reviewer for Computer Networks (Journal)
Reviewer for Computers & Security (Journal)
Reviewer for Computers Science Review (Journal)
Reviewer for IEEE Transactions on Cloud Computing (Journal)
External Reviewer for Usenix Security 2021
External Reviewer for Conference on Computer and Communication Security (CCS) 2016
External Reviewer for European Symposium on
Research in Computer Security (ESORICS) 2015, 2019
External Reviewer for International Workshop on Security and Trust Management (STM) 2019
External Reviewer for IFIP Sec 2020
Technical Programm Chair of Network Traffic Measurement and Analysis Conference (TMA) 2023
Program Comittee Member of European Workshop on System Security (EuroSys) 2023
Program Comittee Member of
International Conference on Availability, Reliability and Security (ARES) 2020-2023
Program Comittee Member of International Workshop on Cyber-Physical Security for Critical Infrastructure Protection (CPS4CIP) 2021-2022
Program Comittee Member of IEEE Euro S&P Poster Session 2021
Program Comittee Member of ACM Cyber-Physical System Security Workshop (CPSS) 2021-2023
Program Comittee Member of GI Sicherheit 2020
Program Comittee Member of International Workshop on Security of Mobile Applications (IWSMA) 2014-2019
Member of Study Conference for Doctorate of Informatics and Business Informatics (University of Vienna) 2020 - Present
Substitute Member of Working Group on Study Curriculum (University of Vienna) 2021 - Present