Profile Picture of Sebastian

I am a post-doctoral researcher at the Security and Privacy Research Unit at TU Wien. In 2023 I received my doctoral degree (Dr.-Ing.) with summa cum laude from Saarland University/CISPA. My research is focused on system security as well as usable security for developers and is regularly published at top-tier venues (IEEE S&P, USENIX Security, ACM CCS, NDSS). You can find my papers on Google Scholar, in the ACM Digital Library, and in DBLP. To keep in touch with developers and security experts from the industry, I also regularly give talks about my research at industry conferences such as OWASP AppSec or RuhrSec.
In addition to that, I have taught other students as a tutor, teaching assistant, and lecturer in several different lectures, supervised topics in different seminars, and advised students in the process of their bachelor or master thesis or for study-related projects.
During leisure time, I regularly organize and participate in information security competitions called Capture the Flag (CTF) together with saarsec (saarsec|steg1) from Saarbrücken or with w0y from Vienna.


March 2019 – March 2023

Dr.-Ing. (with summa cum laude) @ Saarland University / CISPA
Thesis: "How to Deploy Security Mechanisms Online (Consistently)"
Supervised by: Dr.-Ing. Ben Stock

March 2017 – March 2019

Master Computer Science @ Saarland University
Thesis: "Content Security Policy – A Shapeshifter’s Tale"
Supervised by: Dr.-Ing. Ben Stock

October 2013 – March 2017

Bachelor Cybersecurity @ Saarland University
Thesis: "A Platform to Recruit GitHub Users for Developer Studies"
Supervised by: Prof. Dr. Sascha Fahl

August 2010 – June 2013

High School
Intensive Courses: Computer Science, Electrical Engineering, English
Balthasar Neumann Technical College Trier

August 2004 – June 2010

Secondary School
Erich Kästner Realschule Hermeskeil

Work Experience:

since April 2023

Post-Doctoral Researcher @ TU Wien
Hosted by: Prof. Dr. Matteo Maffei

March 2019 - March 2023

Researcher @ CISPA Helmholtz Center for Information Security
Supervised by: Dr.-Ing. Ben Stock

Summer 2020

Internship @ Hardenize Limited
Supervised by: Ivan Ristić

October 2015 – March 2019

Research Assistant @ CISPA Helmholtz Center for Information Security
Supervised by: Dr.-Ing. Ben Stock (Dec. 2017 – Mar. 2019)
Supervised by: Prof. Dr. Sascha Fahl (Oct. 2015 – Dec. 2017)

Thesis/Project Advisor:
Bridging Realms: Analyzing App-to-Web Interactions in Android IABs
Master Thesis by P. Beer (2024)
Honey, I Cached our Security Tokens – Re-usage of Security Tokens in the Wild
Research Immersion Lab by L. Trampert (2022)
Note: Resulted in a RAID 2023 Publication
Do you Trust your Types? A Qualitative Study on the Usability of Trusted Types to Mitigate Client-Side XSS Vulnerabilities
Bachelor Thesis by P. Baus (2022)
Note: 2nd CAST Bachelor Thesis Award 2023 & Prestudy for Trust Me If You Can
To hash or not to hash: A security assessment of the CSP directive unsafe-hashes
Bachelor Thesis by P. Stolz (2021)
Note: Resulted in a SecWeb 2022 Publication
RetroCSP: Retrofitting Web Security on the Client Side by Reinforcing Widespread CSP Support
Bachelor Thesis by M. Wilhelm (2021)
Note: Won CAST Bachelor Thesis Award 2021
Examining the Security of Embedded Browsers
Bachelor Thesis by B. Hollinger (2020)
CIDeR: Automatically Implementing Nonce-Based Content Security Policies
Master Thesis by A. Rassier (2020)
Bytewarden & SaarsecVV Service for the 2022 SaarCTF
Cybersecurity Project by P. Decker & L. Seyler
Program Committee:
> The Web Conference 2024 (WWW '24)
> IEEE Symposium on Security & Privacy 2024 (S&P '24)
> SecWeb Workshop co-located with IEEE S&P 2024 (SecWeb '24)
> SecWeb Workshop co-located with IEEE S&P 2023 (SecWeb '23)
> SecWeb Workshop co-located with IEEE S&P 2022 (SecWeb '22)
> SecWeb Workshop co-located with IEEE Euro S&P 2021 (SecWeb '21)

Artifact Evaluation Committee:
> Annual Computer Security Applications Conference 2020 (ACSAC '20)

> The Web Conference 2022 (WWW '22)
> Network and Distributed System Security Symposium 2021 (NDSS '21)
> Annual Computer Security Applications Conference 2019 (ACSAC '19)

> Member of the CISPA Hiring Comitee 2022
> Member of the CISPA Works Council 2019-2023
> Member in the CISPA CoronaWarnApp Team 2019-2020