David Schmidt

My name is David Schmidt. I am a PhD student in the Security and Privacy Research Group at the University of Vienna. Working with Sebastian Schrittwieser in the CD-Lab AsTra on the assurance and transparency in software protection. Formerly, at the Security and Privacy Research Unit at TU Wien.
My research interest is system security, particularly mobile security and privacy.

Contact

d.schmidt@univie.ac.at
LinkedIn
Google Scholar
Portrait of David Schmidt

Publications

  • Context Matters: Repository-Aware Security Analysis of the Agent Skill Ecosystem

    Florian Holzbauer, David Schmidt, Gabriel K. Gegenhuber, Sebastian Schrittwieser, Johanna Ullrich
    ACM CAIS 2026 Workshop AgentSkills, 2026
    Best Paper Award
    Paper Link Slides Poster Artifact
    @inproceedings{holzbauer:2026:context, title = {{Context Matters: Repository-Aware Security Analysis of the Agent Skill Ecosystem}}, author = {Florian Holzbauer and David Schmidt and Gabriel K. Gegenhuber and Sebastian Schrittwieser and Johanna Ullrich}, booktitle = {ACM CAIS 2026 Workshop AgentSkills}, year = {2026}, }

  • SaMBA: Increasing Mixed Boolean-Arithmetic Complexity Through Equality Saturation

    Caroline König, David Schmidt, Philip König, Patrick Felbauer, Sebastian Schrittwieser
    ACM Asia Conference on Computer and Communications Security (ASIACCS), 2026
    Paper Slides Artifact
    @inproceedings{koenig:2026:samba, title = {{SaMBA: Increasing Mixed Boolean-Arithmetic Complexity Through Equality Saturation}}, author = {König, Caroline and Schmidt, David and König, Philip and Felbauer, Patrick and Schrittwieser, Sebastian}, booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS)}, year = {2026}, }

  • Replay - Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps

    David Schmidt, Sebastian Schrittwieser
    Workshop on Research on Offensive and Defensive Techniques in the Context of Man At The End (MATE) Attacks (CheckMATE), 2025
    Paper Slides Artifact
    @inproceedings{schmidt:2025:replay, title = {{Replay - Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps}}, author = {Schmidt, David and Schrittwieser, Sebastian}, booktitle = {Proceedings of the 2025 Workshop on Research on Offensive and Defensive Techniques in the Context of Man At The End (MATE) Attacks (CheckMATE)}, doi = {10.1145/3733817.3765609}, year = {2025}, }

  • Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps

    David Schmidt, Sebastian Schrittwieser, Edgar Weippl
    ACM Conference on Computer and Communications Security (CCS), 2025
    Distinguished Paper Award
    Paper Slides Artifact
    @inproceedings{schmidt:2025:app_secrets, title = {{Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps}}, author = {Schmidt, David and Schrittwieser, Sebastian and Weippl, Edgar}, booktitle = {Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, doi = {10.1145/3719027.3765033}, year = {2025}, }

  • Analyzing the iOS Local Network Permission from a Technical and User Perspective

    David Schmidt, Alexander Ponticello, Magdalena Steinböck, Katharina Krombholz, Martina Lindorfer
    IEEE Symposium on Security and Privacy (S&P), 2025
    Paper Link Slides Poster Artifact
    @inproceedings{schmidt:2025:local_network, title = {{Analyzing the iOS Local Network Permission from a Technical and User Perspective}}, author = {Schmidt, David and Ponticello, Alexander and Steinböck, Magdalena and Krombholz, Katharina and Lindorfer, Martina}, booktitle = {Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P)}, year = {2025}, doi = {10.1109/SP61157.2025.00045} }

  • IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis

    David Schmidt, Carlotta Tagliaro, Kevin Borgolte, Martina Lindorfer
    ACM Conference on Computer and Communications Security (CCS), 2023
    Paper Link Slides Artifact
    @inproceedings{schmidt:ccs2023:iotflow, title={{IoTFlow: Inferring IoT Device Behavior at Scalre through Static Mobile Companion App Analysis}}, author={Schmidt, David and Tagliaro, Carlotta and Borgolte, Kevind and Lindorfer, Martina}, year={2023}, booktitle={Proceedings of the ACM Conference on Computer and Communications Security (CCS)}, doi = {10.1145/3576915.3623211} }

Awards

  • Best Paper Award, 2026
    Context Matters: Repository-Aware Security Analysis of the Agent Skill Ecosystem
  • netidee Stipendium, 2025
    For my dissertation: Hidden Dangers: Uncovering Security and Privacy Risks through Large-scale Mobile App Analysis
  • Distinguished Paper Award, 2025
    Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps