Adrian Dabrowski

Adrian Dabrowski


You can reach me at atrox (åṱ) seclab (ḑooooọoooọọt) tuwien (ḑọṫ) ac (dọṫ) at.

My other page at SBA Research. My Google Scholar Profile and my Twitter page.

General Information

I recieved my PhD from the University of Technology in Vienna (TU Wien) and are employed as PostDoc at SBA Research, an inter-university research center partly owned by TU Wien. My PhD thesis focused on security and privacy issues in large-scale infrastructure, such as cellular networks (e.g., fake base stations, IMSI caatchers), power grids, botnets, and side channels in browsers. In my Master's thesis written at SecLab, I focused on several RFID systems ranging from an electronic purse to a metropolitan size locking system. I had the opportunity to be on the winning iCTF team in 2006 and 2011, where I co-organized the team in 2011-2013. From March to June 2013 and September 2014 to January 2015, I visited the Echizen Group at the National Institute of Informatics (NII) in Tokyo. I'm holder of the IEEE Austria Diploma Thesis Award and was nominated for the Distinguished Young Alumnus Award of the Faculty of Informatics, UT Vienna. My ACSAC 2014 paper won the Best Student Paper Award.

In 2013, I was speaker at the European Forum Alpbach during the technology symposium days.

Before that and during my studies, I was a teacher at HTL Spengergasse, a secondary technical high school in Vienna. I'm also founding member of Innoc ('Happylab' Hackerspace), Robotchallenge and Funkfeuer Wien. Furthermore I was involved in Roboat, an autonoumous self steering sailing vessel. Other robots of mine where on display at Roboexotica and at Deutsche Technik Museum in Berlin during an IETF congress. I was speaker at several CCC and a SIGINT congresses as well as on B-Sides and appeared in several national and international media reports after describing how to intercept wireless police cameras on Schwedenplatz in Vienna. I lectured at several BEST Summer Courses in Vienna and Bratislava on various robotic topics. Additionally, I held talks at 20c3, 21c3, 22c3, 23c3, 25c3, 30c3, SigInt, B-Sides Vienna, Troopers 2014, CCS2014, ACSAC2014, DayCon 2015, Troopers 2016, DeepSec 2016 and 2017, and others. Occasionally, I make humoristic t-shirts for conferences or just for fun.

Internships / Master's theses

I'm teaching at the Institutes for Automation (e183) and for Software Technology and Interactive Systems (e188) at the University of Technology in Vienna. There, I'm constantly looking for motivated students who want to do an internship ("Praktikum") or a thesis at our group. If you are interested, just send me an email. We have our own topic suggestions, but we are also keen on hearing your ideas.

Current Lecture(s)

  • 2018W: Advanced Internet Security 183.222 (Inetsec2)
  • 2018W: FH Technikum Wien - ILV Cyber Crime Defense

    Past Lecture(s)

  • 2013W: Advanced Internet Security 183.222 (Inetsec2)
  • 2014S: Internet Security 188.366 (Inetsec1)
  • 2014W: Advanced Internet Security 183.222 (Inetsec2) (Canceled due insufficent funding from University)
  • 2015S: Internet Security 188.366 (Inetsec1)
  • 2015W: Advanced Internet Security 183.222 (Inetsec2)
  • 2016S: Internet Security 188.366 (Inetsec1)
  • 2016S: FH Technikum Wien - ILV Cyber Security
  • 2016W: Advanced Internet Security 183.222 (Inetsec2)
  • 2016W: FH Technikum Wien - ILV Cyber Crime Defense
  • 2017S: Internet Security 188.366 (Inetsec1)
  • 2017S: FH Technikum Wien - ILV Cyber Security
  • 2017W: Advanced Internet Security 183.222 (Inetsec2)
  • 2017S: FH Technikum Wien - ILV Cyber Crime Defense
  • 2018S: Internet Security 188.366 (Inetsec1)
  • 2018S: FH Technikum Wien - ILV Cyber Security


      Measuring Cookies and Web Privacy in a Post-GDPR World.
      Adrian Dabrowski, Georg Merzdovnik, Johanna Ullrich, Gerald Sendera, Edgar Weippl
      In proceedings of Passive and Active Measurement (PAM) 2019.
      [ To appear at Springerlink ] [ local PDF (preprint) ]
      Proof-of-Blackouts? How Proof-of-Work Cryptocurrencies Could Affect Power Grids
      Johanna Ullrich, Nicholas Stifter, Aljosha Judmayer, Adrian Dabrowski, Edgar Weippl
      In proceedings of 21st International Symposium on Research in Attacks, Intrusions, and Defenses (RAID 2018)
      [ SpringerLink ] [ SQI PDF ] [ local PDF ] [ BibTex ]
      On Security Research Towards Future Mobile Network Generations
      David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Pöpper
      IEEE Communications Surveys and Tutorials 2018. Volume: 20 , Issue: 3 , III/2018. Pages 2518-2542. DOI 10.1109/COMST.2018.2820728
      [ IEEE CST ] [ arXiv Preprint ] [ BibTex ]
      PrivacyTag: A Community-Based Method for Protecting Privacy of Photographed Subjects in Online Social Networks
      Shimon Machida, Adrian Dabrowski, Edgar Weippl and Isao Echizen
      16th IFIP Conference on e-Business, e-Services and e-Society (I3E) 2017, Best Paper Award.
      [ SpringerLink PDF ] [ BibTex ]
      Exploring Design Directions for Wearable Privacy
      Katharina Krombholz, Adrian Dabrowski, Matthew Smith, and Edgar Weippl
      s In proceedings of USEC Mini Conference 2017 co-located with NDSS Symposium 2017.
      [ Internet Society PDF ] [ local PDF ] [ BibTex ]
      The Messenger Shoots Back: Network Operator Based IMSI Catcher Detection
      Adrian Dabrowski, Georg Petzl, and Edgar R. Weippl
      In proceedings of Research in Attacks, Intrusions and Defenses (RAID 2016), Paris, DOI 10.1007/978-3-319-45719-2_13
      [ SpringerLink PDF ] [ local PDF (Paper v1.01) ] [ BibTex ]
      Browser History Stealing with Captive Wi-Fi Portals (2016)
      Adrian Dabrowski, Georg Merzdovnik, Nikolaus Kommenda and Edgar Weippl
      Mobile Security Technologies (MoST) 2016 at IEEE Security & Privacy Symposiium Workshops, San Jose
      [ IEEE CS PDF ] [ Paper (local) ] [ Poster ] [ S&P MoST2016 Slides] [ BibTex ]
      Leveraging Competitive Gamification for Sustainable Fun and Profit in Security Education (2015)
      Adrian Dabrowski, Markus Kammerstetter, Eduard Thamm, Edgar Weippl, Wolfgang Kastner
      USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE '15) co-located with USENIX Security Symposiom 2015
      [ Usenix ] [ PDF from Usenix ] [ local PDF ] [ BibTex ]
      Smart Privacy Visor: Bridging the Privacy Gap (2015)
      Adrian Dabrowski, Katharina Krombholz, Edgar Weippl and Isao Echizen
      Workshop on Privacy by Transparency in Data-Centric Services (PTDCS) at 18th International Conference on Business Information Systems (BIS2015)
      June 26th 2015, Poznan
      [ SpringerLink PDF ] [ local preprint PDF ] [ BibTex ]
      Error-Correcting Codes as Source for Decoding Ambiguity (2015)
      Adrian Dabrowski, Isao Echizen, Edgar Weippl
      Workshop on Language-Theoretic Security Workshop at IEEE Security & Privacy Symposium "Oakland", San Jose
      DOI 10.1109/SPW.2015.28
      [ local PDF ] [ PDF from LangSec site ] [ IEEE Xexplore (PDF) ] [ Slides ] [ BibTex ]
      Ok Glass, Leave me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing (2015)
      Katharina Krombholz, Adrian Dabrowski, Matt Smith, Edgar R. Weippl
      Proceedings of Workshop on Wearable Security and Privacy co-located with Financial Cryptography and Data Security 2015
      [ PDF ] [ BibTex ]
      IMSI-Catch Me If You Can: IMSI-Catcher-Catchers (2014)
      Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani, Edgar Weippl
      Annual Computer Security Applications Conference (ACSAC) 2014, Best Student Paper Award.
      [ PDF from ACM Digital Library ] [ local PDF ] [ BibTex ] [ Sources ]
      QR Inception: Barcode-in-Barcode Attacks (2014)
      Adrian Dabrowski, Katharina Krombholz, Johanna Ullrich, Edgar Weippl
      4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM) in conjunction with the 21st ACM Conference on Computer and Communications Security (CCS)
      [ PDF via ACM Digital Library ] [ local PDF ] [ Slides ] [ BibTex ]
      Tag Detection for Preventing Unauthorized Face Image Processing (2014)
      Alberto Escalada Jimenez, Adrian Dabrowski, Juan M Montero Martinez, Isao Echizen
      The 13th International Workshop on Digital-forensics and Watermarking (IWDW 2014)
      [ Springer ] [ pre-print PDF ] [ BibTex ]
      (SoK) IPv6 Security: Attacks and Countermeasures in a Nutshell (2014)
      Johanna Ullrich, Katharina Krombholz, Heidelinde Hobel, Adrian Dabrowski, Edgar Weippl
      Usenix WOOT'14, to be published in August
      [ PDF from USENIX (free) ] [ BibTex ]
      Towards a Hardware Trojan Detection Cycle (2014)
      Adrian Dabrowski, Heidelinde Hobel, Johanna Ullrich, Katharina Krombholz, Edgar Weippl
      Second International Workshop on Emerging Cyberthreats and Countermeasures, ECTCM at ARES2014, DOI 10.1109/ARES.2014.45
      [ PDF via IEEE Xplore ] [ local PDF ] [ BibTex ]
      (Poster) Hardware Trojans - Detect and React? (2014)
      Adrian Dabrowski, Peter Fejes, Johanna Ullrich, Katharina Krombholz, Heidelinde Hobel, and Edgar Weippl
      Network and Distributed System Security (NDSS) Symposium, 2014, Extended Abstract and Poster Session. Internet Society.
      [ Two page abstract ] [ Poster ] [ BibTex ] [ Source codes on request ]
      Hardware Malware (2013)
      Christian Krieg, Adrian Dabrowski, Heidelinde Hobel, Katharina Krombholz, and Edgar Weippl
      Synthesis Lectures on Information Security, Privacy, and Trust,
      DOI 10.2200/S00530ED1V01Y201308SPT006, ISBN paperback 978-1627052511, ISBN ebook 978-1627052528
      [ PDF via Morgan & Claypool Publishers ] [ IEEE Xplore ] [ BibTex ]
      Framework based on Privacy Policy Hiding for Preventing Unauthorized Face Image Processing (2013)
      Adrian Dabrowski, Edgar R. Weippl, Isao Echizen
      Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (SMC2013), DOI 10.1109/SMC.2013.83
      [ IEEE Xplore PDF ] [ preprint PDF ] [ BibTex ]
      A Digital Interface for Imagery and Control of a Navico/Lowrance Broadband Radar (2011)
      Adrian Dabrowski, Sebastian Busch, Roland Stelzer
      Robotic Sailing - Proceedings of the 4th International Robotic Sailing Conference (IRSC), pp. 169-181, Springer, ISBN 978-3-642-22835-3
      [ Springerlink PDF ] [ preprint PDF ] [ BibTex ] [ reference implementation ] [ Also cited in: 1, 2 ]
      Centrobot Portal for Robotics Educational Course Material (2010)
      Balogh, R., Dabrowski, A., Hammerl, W., Hofmann, A., Petrovič, P. & Rajníček, J.
      In Proceedings of the 1st international conference on Robotics in Education, RiE2010. September 2010., pp. 17-22. FEI STU, Slovakia, ISBN 987-80-227-3353-3
      [ PDF ] [ BibTex ]

    Earlier Appearances

    Some of my very early high-school or pre-studies projects also showed some impact. My Nokia data cable reverse engineering project from 2000 was featured in the book Hardware Hacking: Have Fun while Voiding your Warranty. The original site of my project has been down for years, but I still get requests and questions about it.

    Also in 2000, my robotics group won the Austrian competition for the European Physics on Stage festival. That enabled me to visit CERN for over a week, including the LEP collider.


    My Erdős number currently is 5 (that's bad!). My Kevin Bacon number is 3. What does that tell about me? :-)

    Last Modified: Prickle-Prickle, the 35th day of Bureaucracy in the YOLD 3184
    otherwise known as: Tue Sep 11 16:15:25 CEST 2018

  • International Secure Systems Lab