Statement

Servus, I am senior researcher at SBA Research, a research center for Information Security in Vienna, Austria. Based on my interdisciplinary background, my research focuses on security at the intersection of computer science and classical engineering. Recently, I worked on attacks against the power grid. In comparison to cyber-launched attacks, I aim to strike the grid at its electrical parts by increasing power demand at a high number of devices simultaneously. I also work on network security, in particular measuring experiments and IPv6.

Beyond research, I seriously care about knowledge transfer. I teach at multiple institutions, and have als been an interview partner for print and TV magazines. I am a strong supporter of equal opportunities (and in light of recent events particularly equal parenting). I am a cynophilist.

Experiences

Senior Researcher

12/2016 - Present
SBA Research, Vienna

Senior Researcher

03/2018 - 06/2018
Christian Doppler Laboratory for Security and Quality
Improvement in the Production System Lifecycle (CDL-SQI), TU Wien, Vienna

Researcher

11/2012 - 11/2016
SBA Research, Vienna

Prizes and Awards

Research Prize of the Dr. Maria Schaumayer Foundation

2018
 

Promotio Sub Auspiciis Praesidentis

2017
awarded by the President of Austria Dr. Alexander van der Bellen  

Diploma Thesis Award of the City of Vienna

2013
 

Scholarship for Engineering Students

2011/12
awarded by the Fuchs Foundation  

Merit-Based Scholarships

2008, 2009 and 2010
awarded by the Faculty of Electrical Enginering  

Teaching

Internet Security

2017 - Present
Lecturer, Faculty of Informatics, TU Wien

Principles of Computer Sciences

2017 - Present
Lecturer, FH Wr. Neustadt, Curriculum Industrial Engineering

Automotive IT-Security

2017 - Present
Lecturer, FH Campus, Curriculum Green Mobility

Security Aspects of Cloud Computing

2014 - Present
Lecturer, FH Technikum, Curriculum Information Mngt. and Security

Control Engineering and Electric Drivetrains

2013 - 2017
Engineering Educator instructing Teenagers, HTL Wien 10

Object-Oriented Programming and Software Engineering 1

2010 - 2011
Teaching Assistant, Faculty of Electrical Engineering, TU Wien

Research Projects

Secure Connected Trustable Things (SCOTT)

2017 - 2020
Project Member
funded by Electronic Component Systems for European Leadership (ECSEL) Joint Undertaking

Area 1 Networked System Security, SBA Research K1

2017 - 2021
Co-Author
funded by COMET K1, Austrian Research Promotion Agency (FFG)

Framework to Cyber-Physical System Security (CyPhySec)

2013 - 2017
Lead Author & Project Manager
funded by BRIDGE Frühphase, Austrian Research Promotion Agency (FFG)

Media

ORF Wien heute: Hackerangriffe auf Büchereien

2019
News Magazine on Attack against Vienna Library

ORF Eco: Risiko Blackout - Der teure Schutz der Stromnetze

Economic Magazine by Austrian Broadcasting Corp. on Blackouts

Austrian Business Woman: Wir brauchen Role Models

Austrian Female Business Magazine on Women in Research and Technology

ORF Eco: Intelligente Stromzähler - Wie sicher sind sie, was bringen sie

Economic Magazine by Austrian Broadcasting Corp. on Smart Meter Security and Privacy
Report on my Power Grid Research

ORF Newton: Die Tricks der Motorenbauer

2015
Science Magazine by Austrian Broadcasting Corp. on Diesel Emissions scandal

Publications

Wenzl, M., Merzdovnik, G., Ullrich, J., Weippl, E.
From hack to elaborate technique - A survey on binary rewriting
ACM Computing Surveys, 2019.
Dabrowski, A., Merzdovnik, G., Ullrich, J., Sendera, G., Weippl, E.
Measuring Cookies and Web Privacy in a Post-GDPR World
Passive and Active Measurement Conference (PAM), 2019.
Ullrich, J., Stifter, N., Judmayer, A., Dabrowski, A., Weippl, E.
Proof-of-Blackouts? How Proof-of-Work Cryptocurrencies Could Affect Power Grids
International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2018.
Dabrowski, A., Ullrich, J., Weippl, E.
Botnets causing blackouts: how coordinated load attacks can destabilize the power grid
e&i Elektrotechnik und Informationstechnik, 2018.
Dabrowski, A., Ullrich, J., Weippl, E.
Grid Shock: Coordinated Load-Change Attacks on Power Grids
Annual Computer Security Applications Conference (ACSAC), 2017.
Ullrich, J., Zseby, T., Fabini,T., Weippl, E.
Network-Based Secret Communication in Clouds: A Survey
IEEE Communications Surveys & Tutorials, 2017.
Khan, Z., Ullrich, J., Voyiatzis, A., Herrmann, P.
A Trust-based Resilient Routing Mechanism for the Internet of Things
International Conference on Availability, Reliability and Security (ARES), 2017.
Judmayer, A., Ullrich, J., Merzdovnik, G., Voyiatzis, A., Weippl, E.
Lightweight Address Hopping for Defending the IPv6 IoT
International Conference on Availability, Reliability and Security (ARES), 2017.
Ullrich, J., Weippl, E.
The Beauty or The Beast? Attacking Rate Limits of the Xen Hypervisor
European Symposium on Research in Computer Security (ESORICS), 2016.
Ullrich, J., Cropper, J., Frühwirt, P., Weippl, E.
The Role and Security of Firewalls in Cyber-Physical Cloud Computing
EURASIP Journal on Information Security, 2016.
Ullrich, J., Voyiatzis, A., Weippl, E.
Secure Cyber-Physical Production Systems: Solid Steps towards Realization
International Workshop on Cyber-Physical Production Systems (CPPS), 2016.
Ullrich, J., Voyiatzis, A., Weippl, E.
The Quest for Privacy in Consumer IoT
International Workshop on Consumers and the Internet of Things (ConsIoT), 2016.
Ullrich, J., Weippl, E.
Privacy Is Not an Option: Attacking the IPv6 Privacy Extension
International Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2015.
Cropper, J., Ullrich, J., Frühwirt, P., Weippl, E.
The Role and Security of Firewalls in IaaS Cloud Computing
International Conference on Availability, Reliability and Security (ARES), 2015.
Ullrich, J., Kieseberg, P., Krombholz, K., Weippl, E.
On Reconnaissance with IPv6: A Pattern-Based Scanning Approach
International Conference on Availability, Reliability and Security (ARES), 2015.
Krombholz, K., Frühwirt, P., Rieder, T., Kapsalis, I., Ullrich, J., Weippl, E.
QR Code Security - How Secure and Usable Apps Can Protect Users Against Malicious QR Codes
International Conference on Availability, Reliability and Security (ARES), 2015.
Dabrowski A., Krombholz K., Ullrich J., Weippl, E.
QR Inception: Barcode-in-Barcode Attacks
ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, 2014.
Ullrich, J., Krombholz, K., Hobel, H., Dabrowski, A., Weippl, E.
IPv6 Security: Attacks and Countermeasures in a Nutshell
USENIX Workshop on Offensive Technologies (WOOT), 2014.
Herzberg, A., Shulman, H., Ullrich, J., Weippl, E.
Cloudoscopy: Services Discovery and Topology Mapping
ACM Workshop on Cloud Computing Security (CCSW), 2013.

Community Service

Reviewer for Applied Mathematical Modeling (Journal)
Reviewer for Transactions on Network Science and Engineering (Journal)
Reviewer for Computer Networks (Journal)
Reviewer for Computers & Security (Journal)
Reviewer for IEEE Transactions on Cloud Computing (Journal)
External Reviewer for Conference on Computer and Communication Security (CCS) 2016
External Reviewer for European Symposium on Research in Computer Security (ESORICS) 2015, 2019
External Reviewer for International Workshop on Security and Trust Management (STM) 2019
Program Comittee Member of GI Sicherheit 2020
Program Comittee Member of International Workshop on Security of Mobile Applications (IWSMA) 2014-2019