Attributing Advanced Persistent Threats: Expert Insights
The Project
This project is part of doctoral research being conducted at TU Wien in collaboration with University College London, Universidad Politécnica de Madrid and Tufts University. Our primary focus is exploring the methodologies and challenges of analyzing malware artifacts, particularly those linked to sophisticated cyberattacks.
We are seeking your participation in a personal interview (conducted remotely) that will last approximately one hour. Your knowledge and experience will help us develop advanced research prototypes and detection tools.
We assure you that we will treat your information with the utmost confidentiality. We are not seeking any sensitive information during the interviews. We will protect the privacy of any information you share to the utmost of our abilities. All gathered data will be encrypted and securely stored without any personally identifiable information (PII). Only the research team will have access to this anonymized data. We are also happy to share the interview questionnaire with you in advance if you would like to review it.
**Interested? Please fill out the survey to get started:** https://survey.secpriv.wien/adapt
This page answers some of the follow-up questions regarding our research. Additionally, more details about the paper will be provided here once it is published.
FAQs
Am I eligible to participate in the study?
You qualify for participation if you are 18 years or older and have experience working in cybersecurity, for example as a threat analyst or a reverse engineer. Ideal participants are those with decision-making, strategy development, or technical implementation roles within the Security Operations Center (SOC). Interested participants can find the contact details below.
Is participation mandatory?
Participating in this study is entirely voluntary. You may stop participating at any time and withdraw from the study without giving any reason. Please note that we will not analyze partial data and any personal data provided up to that point will be deleted. You will receive a copy of a participant information sheet for your reference if you choose to participate. Additionally, you will be requested to sign a consent form before proceeding with the study.
What will my participation entail?
Your participation will involve taking a short initial survey (~5 min) and engaging in a semi-structured one-on-one interview conducted remotely or in person (whichever you prefer). Based on your preferences and availability, this interview will be scheduled in consultation with you and will last approximately 60 minutes. As a participant, you will be required to answer questions related to your role, expertise, and job experience. Throughout the interview, participants will be encouraged to share their knowledge and insights, contributing to a comprehensive understanding of advanced cybersecurity practices and challenges.
It is crucial to emphasize that any reports or publications stemming from this study will uphold your anonymity by excluding your name and any potentially identifying details. We will securely retain your email address for potential follow-up communications and results sharing, and this data will not be shared beyond the project team.
Will I be recorded, and how will the recorded media be used?
Your participation in this study will involve an online interview using TU Wien’s dedicated Zoom conferencing platform. Audio recordings and written notes will be taken to capture your feedback and insights for the research study. Participants may opt out of being video or audio recorded. They can also choose the video conferencing service of their choice.
The recordings and notes will solely be used for analyzing and categorizing your responses for a conference publication. The data will be securely stored on password-protected computers with restricted access to authorized research personnel. Data will be retained for the duration of the study and raw data will be deleted securely upon transcription and validation.
What are the potential disadvantages or risks of participating in this study?
The potential risks associated with your participation involve concerns related to disclosure rights governed by NDAs. It is important to note that we do not seek any personal sensitive information and we will only publish information that participants willingly share, strictly adhering to the explicit written and verbal consent granted before the interview.
What are the advantages of participating in this study?
While there are no immediate tangible rewards for participants, your involvement contributes to both personal learning experiences and the development of improved research prototypes. These prototypes will be made open-source, with the aim of potential adoption by the industry. By participating, you become part of a collaborative effort to advance scientific knowledge and address critical cybersecurity challenges. Your insights and expertise can contribute to the development of innovative solutions that can safeguard organizations and individuals from cyber threats.
Will my participation in this project remain confidential?
Yes, we are committed to protecting the confidentiality of participants and their data. Your answers and personal details will be anonymized and aggregated before being included in reports or conference papers. We do not share data with any third parties. Participants will have the opportunity to verify responses before publication.
Further, we adhere to the Data Protection Act (DSG) and the General Data Protection Regulation (GDPR), complying with Article 6, Paragraph 1(a), which provides the legal basis for data collection and processing. The research study is also conducted under the guidance of the TU Wien Research Ethics Committee (https://www.tuwien.at/en/research/rti-support/responsible-research-practices/research-ethics-committee), ensuring adherence to ethical principles and data privacy standards.
What will happen to the results of the research project?
Your participation in this research study will contribute to significant advancements in cybersecurity practices. We plan to publish the findings from our study at a prestigious security conference such as USENIX, IEEE S&P, or ACM. The study is expected to take 4-6 months, depending on the number of participants. We aim to publish the results in 2024. As a participant, you will receive an email notification upon successful publication.
Contact for further information
The research study and interview will be facilitated by one principal Ph.D. researcher. Please find below the contact details of the researcher and the supervisors.
Principal Researcher
Aakanksha Saha: aakanksha.saha@seclab.wien
Supervisors
Martina Lindorfer: martina.lindorfer@tuwien.ac.at
Daniel Votipka: dvotipka@cs.tufts.edu
Lorenzo Cavallaro: l.cavallaro@ucl.ac.uk
Jorge Blasco: jorge.blasco.alis@upm.es