Universitätsprofessor (W3) / Lehrstuhlinhaber

Technische Universität Darmstadt, Fachbereich Informatik,
Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Pankratiusstraße 2, 64289 Darmstadt, Raum 108

E-Mail: reuter(at)peasec.tu-darmstadt.de | Web: www.chreu.de
Telefon:
+49 (0) 6151 / 1620941 | Sekretariat: +49 (0) 6151 / 162094-0/-8

Online-Profile: Google Scholar | dblp | ORCID

CV (de)

Prof. Dr. Dr. Christian Reuter ist Universitätsprofessor und Dekan am Fachbereich Informatik der Technischen Universität Darmstadt. Sein Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) verbindet Informatik mit Friedens- und Sicherheitsforschung. Er hält Doktorgrade in Wirtschaftsinformatik (Siegen) sowie in Sicherheitspolitik (Nijmegen). Mit einem Fokus auf Cybersicherheit und -Privatheit, Friedens- und Konfliktforschung sowie Mensch-Computer-Interaktion adressiert er und sein Team die Themenfelder Friedensinformatik, Kriseninformatik und Informationskrieg sowie Benutzbare Sicherheit und Privatheit.

Christian Reuter studierte an der Universität Siegen und der École Supérieure de Commerce de Dijon (Dipl.-Wirt.Inf.; M.Sc.) und arbeitete anschließend als IT-Consultant. Er promovierte in Wirtschaftsinformatik an der Universität Siegen (Technologiedesign für (inter-)organisationales Krisenmanagement) sowie in Sicherheitspolitik an der Radboud Universiteit Nijmegen (Soziale Medien für die Öffentliche Sicherheit). Nach Rufen mehrerer Universitäten wurde er 2017 zum Universitätsprofessor an der Technischen Universität Darmstadt ernannt. Er ist Mitglied des Fachbereichs Informatik, dem er seit 2021 als Dekan/Prodekan vorsteht, und Zweitmitglied des Fachbereichs Gesellschafts- und Geschichtswissenschaften.

Seine oft interdisziplinäre Forschung wird regelmäßig ausgezeichnet, hat mehr als 350 wissenschaftlichen Publikationen hervorgebracht und fand Erwähnung in verschiedensten Medien (u.a. ARD, FAZ, ZEIT). Zusammen mit seinem Team koordiniert er Forschungsprojekte (z.B. BMBF, DFG, EU). Er engagiert sich in der Universität (z.B. als Dekan, als Profilthemensprecher, in Fachbereichsrat, Prüfungskommission, in Berufungs- und Promotionskommissionen, in der Ethikkommission), in Großprojekten (z.B. als ATHENE-Forschungsbereichsleiter oder DFG-SFB-Direktoriumsmitglied), in Fachgesellschaften (z.B. Gesellschaft für Informatik, verschiedene Beiräte) sowie als Hauptorganisator wissenschaftlicher Konferenzen (z.B. Mensch und Computer ‘22, Science Peace Security ’19 und ’23) und in wissenschaftlichen Herausgebergremien (z.B. Behaviour & Information Technology). Als IT-Unternehmer realisiert er seit 2002 Web-Projekte.

CV (en)

Prof. Dr. Dr. Christian Reuter is Full Professor and Dean of the Department of Computer Science at Technical University of Darmstadt. His chair of Science and Technology for Peace and Security (PEASEC) combines computer science with peace and security research. He holds a Ph.D. in Information Systems (University of Siegen) and another Ph.D. in the Politics of Safety and Security (Radboud University Nijmegen). On the intersection of (A) Cyber Security and Privacy, (B) Peace and Conflict Studies as well as (C) Human-Computer Interaction, he and his team specifically address (1) Peace Informatics and technical Peace Research, (2) Crisis Informatics and Information Warfare as well as (3) Usable Safety, Security and Privacy.

Christian Reuter studied Information Systems at the University of Siegen, Germany and the École Supérieure de Commerce de Dijon, France (Dipl.-Wirt.Inf.; M.Sc.) and worked as an IT consultant. He holds a Ph.D. in Information Systems from University of Siegen (Technology Design for Inter-Organizational Crisis Management) and a Ph.D. in Public Administration and Political Science, esp. Security Policy from Radboud University Nijmegen (Social Media for Public Safety and Security). After receiving offers from several universities, he was appointed as professor at Technical University of Darmstadt in 2017. He is a member of the Department of Computer Science, which he has headed as dean/vice-dean since 2021 and secondary member of the Department of History and Social Sciences.

His often interdisciplinary research is regularly awarded, has resulted in more than 350 scientific publications and is mentioned in various media (e.g. ARD, FAZ, ZEIT). He and his team manage national and international research projects. He engages at the university (e.g., as dean, as profile area coordinator, in faculty council, examination committee, numerous appointment and doctoral committees, ethics committee), in major projects (e.g. als board member of a DFG Collaborative Research Center or ATHENE research coordinator), in scientific societies (e.g. German Informatics Society, several boards) as well as general chair of scientific conferences (e.g. Mensch und Computer ‘22, Science Peace Security ’19 and ’23) and in editorial boards (e.g., Behaviour & Information Technology). As a web entrepreneur, he realizes web projects since 2002.

Fotos

Profilfoto: mittel | groß | PEASEC-Logo: klein | mittel | groß | Vektor

Alternativen:

Positionen

Fachbereiche:

Großprojekte:

Kommissionen:

  • Fachbereichsrat (Mitglied, 2021-2025, Vorsitzender, 2023-2025)
  • Ethikkommission (stv. Vorsitzender, 2017-2021, komm. Vorsitzender 2020-2021)
  • Prüfungskommission Informatik (Mitglied, 2019-2022)
  • Promotionsausschuss (Vorsitzender, 2022-2025)
  • div. Promotionskommissionen (Mitglied und Vorsitzender, 2018-)
  • div. Habilitationskommission (Mitglied, 2017-)
  • div. TU-Berufungskomissionen (z.B. W3 Digital Humanities, W3 Friedens- und Konfliktforschung, W3 Computernetze und Verteilte Systeme, W2 Naturwissenschaftliche Friedensforschung, W3 Friedens- und Konfliktforschung: transnationale Akteure) (Mitglied)
  • div. TU-Berufungskomissionen (z.B. W2TT Mensch-Computer-Interaktion, IRG Natural Language Processing, W1 Mobile Mensch-Computer-Interaktion) (Vorsitzender)
  • div. externe Berufungskommissionen (z.B. Hamburg, Lübeck, Münster, Wuppertal) (Mitglied und Gutachter)

Weitere TU-interne Mitgliedschaften:

Weitere externe Mitgliedschaften:

Publikationen

Auswahl

Bücher / Books

  • Christian Reuter (2024)
    Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{reuter_information_2024,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2024},
    keywords = {Selected, Security, Peace, Infrastructure, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-TraCe},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    Nijmegen: The Radboud University Thesis Repository.
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022-1,
    address = {Nijmegen},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    url = {https://repository.ubn.ru.nl/handle/2066/253000},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    publisher = {The Radboud University Thesis Repository},
    author = {Reuter, Christian},
    year = {2022},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Christian Reuter (2021)
    Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage)
    2 ed. Wiesbaden: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

    @book{reuter_sicherheitskritische_2021,
    address = {Wiesbaden},
    edition = {2},
    title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    isbn = {978-3-658-32795-8},
    url = {https://www.springer.com/de/book/9783658327941},
    abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, HCI, Selected, SocialMedia, UsableSec, Security, Projekt-KontiKat, Peace, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Christian Reuter (2019)
    Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg. doi:10.1007/978-3-658-25652-4
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.

    @book{reuter_information_2019-1,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4},
    keywords = {Crisis, Selected, Security, Peace, Infrastructure, Projekt-CRISP, Projekt-DualUse, RSF, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-MAKI},
    }

  • Christian Reuter (2014)
    Emergent Collaboration Infrastructures: Technology Design for Inter-Organizational Crisis Management (Ph.D. Thesis)
    University of Siegen, Institute for Information Systems, Germany: Springer Gabler. doi:10.1007/978-3-658-08586-5
    [BibTeX] [Abstract] [Download PDF]

    Using the domain of crisis management, Christian Reuter explores challenges and opportunities for technology design in emergent environments. He therefore empirically analyzes collaborative work in inter-organizational crisis – such as the police, fire departments, energy network operators and citizens – in order to identify collaboration practices that reveal work infrastructure limitations. He also designs, implements and evaluates novel concepts and ICT artifacts towards the support of emergent collaboration. Besides the discovery of potential organizational effects on the ability to deal with emergence he presents methodological implications for technology design.

    @book{reuter_emergent_2014,
    address = {University of Siegen, Institute for Information Systems, Germany},
    title = {Emergent {Collaboration} {Infrastructures}: {Technology} {Design} for {Inter}-{Organizational} {Crisis} {Management} ({Ph}.{D}. {Thesis})},
    isbn = {978-3-658-08585-8},
    url = {http://www.springer.com/springer+gabler/bwl/wirtschaftsinformatik/book/978-3-658-08585-8},
    abstract = {Using the domain of crisis management, Christian Reuter explores challenges and opportunities for technology design in emergent environments. He therefore empirically analyzes collaborative work in inter-organizational crisis – such as the police, fire departments, energy network operators and citizens – in order to identify collaboration practices that reveal work infrastructure limitations. He also designs, implements and evaluates novel concepts and ICT artifacts towards the support of emergent collaboration. Besides the discovery of potential organizational effects on the ability to deal with emergence he presents methodological implications for technology design.},
    publisher = {Springer Gabler},
    author = {Reuter, Christian},
    year = {2014},
    doi = {10.1007/978-3-658-08586-5},
    note = {Backup Publisher: University of Siegen},
    keywords = {HCI, Projekt-InfoStrom, Selected, SocialMedia, Projekt-EmerGent, UsableSec, Infrastructure, AuswahlUsableSec, Dissertation},
    }

    Begutachtete Zeitschriften / Peer-reviewed Journals

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2023)
    A Survey on Data Augmentation for Text Classification
    ACM Computing Surveys (CSUR) ;55(7):1–39. doi:10.1145/3544558
    [BibTeX] [Abstract] [Download PDF]

    Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.

    @article{bayer_survey_2023,
    title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
    volume = {55},
    url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
    doi = {10.1145/3544558},
    abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
    number = {7},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--39},
    }

  • Tom Biselli, Enno Steinbrink, Franziska Herbert, Gina Maria Schmidbauer-Wolf, Christian Reuter (2022)
    On the Challenges of Developing a Concise Questionnaire to Identify Privacy Personas
    Proceedings on Privacy Enhancing Technologies (PoPETs) (4):645–669. doi:10.56553/popets-2022-0126
    [BibTeX] [Abstract] [Download PDF]

    Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.

    @article{biselli_challenges_2022,
    title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
    url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
    doi = {10.56553/popets-2022-0126},
    abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
    number = {4},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec, Projekt-GRKPrivacy},
    pages = {645--669},
    }

  • Tom Biselli, Laura Utz, Christian Reuter (2024)
    Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners
    Proceedings on Privacy Enhancing Technologies (PoPETs) (1):171–191. doi:https://doi.org/10.56553/popets-2024-0011
    [BibTeX] [Abstract] [Download PDF]

    Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.

    @article{biselli_supporting_2024,
    title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
    url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
    doi = {https://doi.org/10.56553/popets-2024-0011},
    abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
    number = {1},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, Student, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, AuswahlUsableSec},
    pages = {171--191},
    }

  • Jonas Franken, Thomas Reinhold, Lilian Reichert, Christian Reuter (2022)
    The Digital Divide in State Vulnerability to Submarine Communications Cable Failure
    International Journal of Critical Infrastructure Protection (IJCIP) ;38(100522):1–15. doi:10.1016/j.ijcip.2022.100522
    [BibTeX] [Abstract] [Download PDF]

    The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.

    @article{franken_digital_2022,
    title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
    volume = {38},
    url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
    doi = {10.1016/j.ijcip.2022.100522},
    abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
    number = {100522},
    journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
    author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Selected, Student, Security, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio},
    pages = {1--15},
    }

  • Steffen Haesler, Stefka Schmid, Annemike Sophia Vierneisel, Christian Reuter (2021)
    Stronger Together: How Neighborhood Groups Build up a Virtual Network during the COVID-19 Pandemic
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2).
    [BibTeX] [Abstract] [Download PDF]

    During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.

    @article{haesler_stronger_2021,
    title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
    volume = {5},
    url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
    abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Katrin Hartwig, Christian Reuter (2022)
    Nudging Users Towards Better Security Decisions in Password Creation Using Whitebox-based Multidimensional Visualizations
    Behaviour & Information Technology (BIT) ;41(7):1357–1380. doi:10.1080/0144929X.2021.1876167
    [BibTeX] [Abstract] [Download PDF]

    Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.

    @article{hartwig_nudging_2022,
    title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
    volume = {41},
    url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
    doi = {10.1080/0144929X.2021.1876167},
    abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
    number = {7},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec},
    pages = {1357--1380},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2023)
    Preparedness Nudging for Warning Apps? A Mixed-Method Study Investigating Popularity and Effects of Preparedness Alerts in Warning Apps
    International Journal on Human-Computer Studies (IJHCS) ;172:102995. doi:https://doi.org/10.1016/j.ijhcs.2023.102995
    [BibTeX] [Abstract] [Download PDF]

    Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.

    @article{haunschild_preparedness_2023,
    title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
    volume = {172},
    issn = {1071-5819},
    url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
    doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
    abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, Student, A-Paper, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {102995},
    }

  • Marc-André Kaufhold, Nicola Rupp, Christian Reuter, Matthias Habdank (2020)
    Mitigating Information Overload in Social Media during Conflicts and Crises: Design and Evaluation of a Cross-Platform Alerting System
    Behaviour & Information Technology (BIT) ;39(3):319–342. doi:10.1080/0144929X.2019.1620334
    [BibTeX] [Abstract] [Download PDF]

    The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.

    @article{kaufhold_mitigating_2020,
    title = {Mitigating {Information} {Overload} in {Social} {Media} during {Conflicts} and {Crises}: {Design} and {Evaluation} of a {Cross}-{Platform} {Alerting} {System}},
    volume = {39},
    url = {https://www.tandfonline.com/doi/full/10.1080/0144929X.2019.1620334},
    doi = {10.1080/0144929X.2019.1620334},
    abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.},
    number = {3},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Kaufhold, Marc-André and Rupp, Nicola and Reuter, Christian and Habdank, Matthias},
    year = {2020},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-KontiKat, Projekt-ATHENE-FANCY, AuswahlKaufhold},
    pages = {319--342},
    }

  • Jan Kirchner, Christian Reuter (2020)
    Countering Fake News: A Comparison of Possible Solutions Regarding User Acceptance and Effectiveness
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;4(CSCW2):140:1–140:28. doi:10.1145/3415211
    [BibTeX] [Abstract] [Download PDF]

    Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users‘ needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users‘ preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook’s current approaches (reduced post size and fact-checks in related articles).

    @article{kirchner_countering_2020,
    title = {Countering {Fake} {News}: {A} {Comparison} of {Possible} {Solutions} {Regarding} {User} {Acceptance} and {Effectiveness}},
    volume = {4},
    url = {https://dl.acm.org/doi/10.1145/3415211},
    doi = {10.1145/3415211},
    abstract = {Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users' needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users' preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook's current approaches (reduced post size and fact-checks in related articles).},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Kirchner, Jan and Reuter, Christian},
    year = {2020},
    note = {Place: Austin, USA
    Publisher: ACM},
    keywords = {AuswahlCrisis, Cooperation, Crisis, HCI, Selected, Student, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A},
    pages = {140:1--140:28},
    }

  • Franz Kuntke, Sebastian Linsner, Enno Steinbrink, Jonas Franken, Christian Reuter (2022)
    Resilience in Agriculture: Communication and Energy Infrastructure Dependencies of German Farmers
    International Journal of Disaster Risk Science (IJDRS) ;13(2):214–229. doi:10.1007/s13753-022-00404-7
    [BibTeX] [Abstract] [Download PDF]

    Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.

    @article{kuntke_resilience_2022,
    title = {Resilience in {Agriculture}: {Communication} and {Energy} {Infrastructure} {Dependencies} of {German} {Farmers}},
    volume = {13},
    issn = {2192-6395},
    url = {https://link.springer.com/article/10.1007/s13753-022-00404-7},
    doi = {10.1007/s13753-022-00404-7},
    abstract = {Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.},
    number = {2},
    journal = {International Journal of Disaster Risk Science (IJDRS)},
    author = {Kuntke, Franz and Linsner, Sebastian and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
    month = apr,
    year = {2022},
    keywords = {Selected, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, RSF, Projekt-GeoBox, Projekt-GRKPrivacy, Projekt-HyServ, Projekt-AgriRegio},
    pages = {214--229},
    }

  • Sebastian Linsner, Franz Kuntke, Enno Steinbrink, Jonas Franken, Christian Reuter (2021)
    The Role of Privacy in Digitalization – Analysing the German Farmers‘ Perspective
    Proceedings on Privacy Enhancing Technologies (PoPETs) ;2021(3):334–350. doi:10.2478/popets-2021-0050
    [BibTeX] [Abstract] [Download PDF]

    Technological progress can disrupt domains and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk. Having insight into the business data of others along the supply chain provides an advantage in terms of market position. This is particularly true in agriculture, where there is already a significant imbalance of power between actors. A multitude of small and medium-sized farming businesses are opposed by large upstream and downstream players that drive technological innovation. Further weakening the market position of farmers could lead to severe consequences for the entire sector. We found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other hand, privacy itself influences adoption of digital tools. Our study sheds light on the emerging challenges for farmers and the role of privacy in the process of digitalization in agriculture.

    @article{linsner_role_2021,
    title = {The {Role} of {Privacy} in {Digitalization} – {Analysing} the {German} {Farmers}' {Perspective}},
    volume = {2021},
    url = {https://www.petsymposium.org/2021/files/papers/issue3/popets-2021-0050.pdf},
    doi = {10.2478/popets-2021-0050},
    abstract = {Technological progress can disrupt domains
    and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers
    that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data
    itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and
    consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk.
    Having insight into the business data of others along the
    supply chain provides an advantage in terms of market
    position. This is particularly true in agriculture, where
    there is already a significant imbalance of power between actors. A multitude of small and medium-sized
    farming businesses are opposed by large upstream and
    downstream players that drive technological innovation.
    Further weakening the market position of farmers could
    lead to severe consequences for the entire sector. We
    found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other
    hand, privacy itself influences adoption of digital tools.
    Our study sheds light on the emerging challenges for
    farmers and the role of privacy in the process of digitalization in agriculture.},
    number = {3},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Linsner, Sebastian and Kuntke, Franz and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, AuswahlUsableSec, Projekt-GeoBox, Projekt-GRKPrivacy, Projekt-HyServ},
    pages = {334--350},
    }

  • Thomas Reinhold, Philipp Kuehn, Daniel Günther, Thomas Schneider, Christian Reuter (2023)
    ExTRUST: Reducing Exploit Stockpiles With a Privacy-Preserving Depletion Systems for Inter-State Relationships
    IEEE Transactions on Technology and Society ;4(2):158–170. doi:10.1109/TTS.2023.3280356
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.

    @article{reinhold_extrust_2023,
    title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
    volume = {4},
    url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
    doi = {10.1109/TTS.2023.3280356},
    abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
    number = {2},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Selected, Student, A-Paper, Peace, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    pages = {158--170},
    }

  • Christian Reuter, Amanda Lee Hughes, Marc-André Kaufhold (2018)
    Social Media in Crisis Management: An Evaluation and Analysis of Crisis Informatics Research
    International Journal on Human-Computer Interaction (IJHCI) ;34(4):280–294. doi:10.1080/10447318.2018.1427832
    [BibTeX] [Abstract] [Download PDF]

    Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.

    @article{reuter_social_2018,
    title = {Social {Media} in {Crisis} {Management}: {An} {Evaluation} and {Analysis} of {Crisis} {Informatics} {Research}},
    volume = {34},
    url = {http://www.peasec.de/paper/2018/2018_ReuterHughesKaufhold_SocialMediaCrisisManagementEvaluation_IJHCI.pdf},
    doi = {10.1080/10447318.2018.1427832},
    abstract = {Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.},
    number = {4},
    journal = {International Journal on Human-Computer Interaction (IJHCI)},
    author = {Reuter, Christian and Hughes, Amanda Lee and Kaufhold, Marc-André},
    year = {2018},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-WKWI-B, Projekt-KontiKat, Peace, Ranking-CORE-B},
    pages = {280--294},
    }

  • Christian Reuter, Thomas Ludwig, Volkmar Pipek (2014)
    Ad Hoc Participation in Situation Assessment: Supporting Mobile Collaboration in Emergencies
    ACM Transactions on Computer-Human Interaction (TOCHI) ;21(5):1–26. doi:10.1145/2651365
    [BibTeX] [Abstract] [Download PDF]

    Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs‘ in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.

    @article{reuter_ad_2014,
    title = {Ad {Hoc} {Participation} in {Situation} {Assessment}: {Supporting} {Mobile} {Collaboration} in {Emergencies}},
    volume = {21},
    url = {http://www.wineme.uni-siegen.de/paper/2014/2014_reuterludwigpipek_adhocparticipation_tochi.pdf},
    doi = {10.1145/2651365},
    abstract = {Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs' in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.},
    number = {5},
    journal = {ACM Transactions on Computer-Human Interaction (TOCHI)},
    author = {Reuter, Christian and Ludwig, Thomas and Pipek, Volkmar},
    month = nov,
    year = {2014},
    note = {Publisher: ACM},
    keywords = {Cooperation, Crisis, HCI, Projekt-InfoStrom, Selected, UsableSec, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Ranking-VHB-B, Ranking-WKWI-A, AuswahlUsableSec},
    pages = {1--26},
    }

  • Christian Reuter, Alexandra Marx, Volkmar Pipek (2012)
    Crisis Management 2.0: Towards a Systematization of Social Software Use in Crisis Situations
    International Journal of Information Systems for Crisis Response and Management (IJISCRAM) ;4(1):1–16. doi:10.4018/jiscrm.2012010101
    [BibTeX] [Abstract] [Download PDF]

    The contribution of this paper is to propose a systematization of social software use in crisis situations pointing out different types of cooperation and its challenges. We will discuss how the organizational actors involved in crisis management (police, fire-fighters, organizations etc.) and the affected citizens are communicating and can communicate and collaborate through the use of social software. After defining the term ‘social software‘ we will outline the state-of-the-art about its use in crisis management. Drawing from this, we will present two case studies where we have examined the use of social software in 2010: first during the disruption of air travel caused by the eruptions of the volcano Eyjafjallajökull in Iceland and second during the mass panic at the Love Parade music festival in Germany. Based on both previous work and case studies we will discuss potentials and weaknesses and propose a classification matrix for different types of cooperation as a step towards a systematization of social software use in crisis situations.

    @article{reuter_crisis_2012,
    title = {Crisis {Management} 2.0: {Towards} a {Systematization} of {Social} {Software} {Use} in {Crisis} {Situations}},
    volume = {4},
    url = {http://www.peasec.de/paper/2012/2012_ReuterMarxPipek_CrisisManagement20-SystematizationSocialSoftware_IJISCRAM.pdf},
    doi = {10.4018/jiscrm.2012010101},
    abstract = {The contribution of this paper is to propose a systematization of social software use in crisis situations pointing out different types of cooperation and its challenges. We will discuss how the organizational actors involved in crisis management (police, fire-fighters, organizations etc.) and the affected citizens are communicating and can communicate and collaborate through the use of social software. After defining the term ‘social software' we will outline the state-of-the-art about its use in crisis management. Drawing from this, we will present two case studies where we have examined the use of social software in 2010: first during the disruption of air travel caused by the eruptions of the volcano Eyjafjallajökull in Iceland and second during the mass panic at the Love Parade music festival in Germany. Based on both previous work and case studies we will discuss potentials and weaknesses and propose a classification matrix for different types of cooperation as a step towards a systematization of social software use in crisis situations.},
    number = {1},
    journal = {International Journal of Information Systems for Crisis Response and Management (IJISCRAM)},
    author = {Reuter, Christian and Marx, Alexandra and Pipek, Volkmar},
    year = {2012},
    keywords = {AuswahlCrisis, Cooperation, Crisis, HCI, Projekt-InfoStrom, Selected, SocialMedia, Student, Projekt-RSBE},
    pages = {1--16},
    }

  • Christian Reuter, Marc-André Kaufhold, Thomas Spielhofer, Anna Sophie Hahne (2017)
    Social Media in Emergencies: A Representative Study on Citizens‘ Perception in Germany
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;1(2):1–19. doi:10.1145/3134725
    [BibTeX] [Abstract] [Download PDF]

    The value of social media in crises, disasters, and emergencies across different events (e.g. floods, storms, terroristic attacks), countries, and for heterogeneous participants (e.g. citizens, emergency services) is now well-attested. Existing work has examined the potentials and weaknesses of its use during specific events. Fewer studies, however, have focused on citizens‘ perceptions of social media in emergencies, and none have deployed a representative sample to examine this. We present the results of the first representative study on citizens‘ perception of social media in emergencies that we have conducted in Germany. Our study highlights, for example, that around half (45\%) of people have used social media during an emergency to share and / or look for information. In contrast, false rumours on social media (74\%) are perceived as a threat. Moreover, only a minority of people have downloaded a smartphone app for emergencies (16\%), with the most popular ones‘ weather and first aid apps.

    @article{reuter_social_2017-1,
    title = {Social {Media} in {Emergencies}: {A} {Representative} {Study} on {Citizens}' {Perception} in {Germany}},
    volume = {1},
    url = {http://www.peasec.de/paper/2017/2017_ReuterKaufholdSpielhoferHahne_SocialMediaEmergenciesGermany_CSCW.pdf},
    doi = {10.1145/3134725},
    abstract = {The value of social media in crises, disasters, and emergencies across different events (e.g. floods, storms, terroristic attacks), countries, and for heterogeneous participants (e.g. citizens, emergency services) is now well-attested. Existing work has examined the potentials and weaknesses of its use during specific events. Fewer studies, however, have focused on citizens' perceptions of social media in emergencies, and none have deployed a representative sample to examine this. We present the results of the first representative study on citizens' perception of social media in emergencies that we have conducted in Germany. Our study highlights, for example, that around half (45\%) of people have used social media during an emergency to share and / or look for information. In contrast, false rumours on social media (74\%) are perceived as a threat. Moreover, only a minority of people have downloaded a smartphone app for emergencies (16\%), with the most popular ones' weather and first aid apps.},
    number = {2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Reuter, Christian and Kaufhold, Marc-André and Spielhofer, Thomas and Hahne, Anna Sophie},
    year = {2017},
    note = {Place: New York, USA},
    keywords = {Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, A-Paper, Ranking-CORE-A, Ranking-WKWI-B, Projekt-KontiKat},
    pages = {1--19},
    }

  • Christian Reuter, Marc-André Kaufhold, Stefka Schmid, Thomas Spielhofer, Anna Sophie Hahne (2019)
    The Impact of Risk Cultures: Citizens‘ Perception of Social Media Use in Emergencies across Europe
    Technological Forecasting and Social Change (TFSC) ;148(119724):1–17. doi:10.1016/j.techfore.2019.119724
    [BibTeX] [Abstract] [Download PDF]

    Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants‘ frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.

    @article{reuter_impact_2019,
    title = {The {Impact} of {Risk} {Cultures}: {Citizens}' {Perception} of {Social} {Media} {Use} in {Emergencies} across {Europe}},
    volume = {148},
    url = {http://www.peasec.de/paper/2019/2019_ReuterKaufholdSchmidSpielhoferHahne_TheImpactofRiskCultures_TFSC.pdf},
    doi = {10.1016/j.techfore.2019.119724},
    abstract = {Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants' frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.},
    number = {119724},
    journal = {Technological Forecasting and Social Change (TFSC)},
    author = {Reuter, Christian and Kaufhold, Marc-André and Schmid, Stefka and Spielhofer, Thomas and Hahne, Anna Sophie},
    year = {2019},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, A-Paper, Ranking-ImpactFactor, Ranking-VHB-B},
    pages = {1--17},
    }

  • Christian Reuter, Thomas Ludwig, Marc-André Kaufhold, Thomas Spielhofer (2016)
    Emergency Services Attitudes towards Social Media: A Quantitative and Qualitative Survey across Europe
    International Journal on Human-Computer Studies (IJHCS) ;95:96–111. doi:10.1016/j.ijhcs.2016.03.005
    [BibTeX] [Abstract] [Download PDF]

    Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent‘ with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.

    @article{reuter_emergency_2016,
    title = {Emergency {Services} {Attitudes} towards {Social} {Media}: {A} {Quantitative} and {Qualitative} {Survey} across {Europe}},
    volume = {95},
    url = {https://peasec.de/paper/2016/2016_ReuterLudwigKaufholdSpielhofer_EmergencyServicesAttiudesSurveySocialMedia_IJHCS.pdf},
    doi = {10.1016/j.ijhcs.2016.03.005},
    abstract = {Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent' with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Spielhofer, Thomas},
    year = {2016},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Ranking-WKWI-B, AuswahlKaufhold},
    pages = {96--111},
    }

  • Christian Reuter, Marc-André Kaufhold (2018)
    Fifteen Years of Social Media in Emergencies: A Retrospective Review and Future Directions for Crisis Informatics
    Journal of Contingencies and Crisis Management (JCCM) ;26(1):41–57. doi:10.1111/1468-5973.12196
    [BibTeX] [Abstract] [Download PDF]

    Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.

    @article{reuter_fifteen_2018,
    title = {Fifteen {Years} of {Social} {Media} in {Emergencies}: {A} {Retrospective} {Review} and {Future} {Directions} for {Crisis} {Informatics}},
    volume = {26},
    url = {http://www.peasec.de/paper/2018/2018_ReuterKaufhold_FifteenYearsSocialMediaEmergencies_JCCM.pdf},
    doi = {10.1111/1468-5973.12196},
    abstract = {Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.},
    number = {1},
    journal = {Journal of Contingencies and Crisis Management (JCCM)},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    year = {2018},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, A-Paper, Ranking-ImpactFactor, Peace, Projekt-KOKOS, AuswahlKaufhold},
    pages = {41--57},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn
    Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.1755787
    [BibTeX] [Abstract] [Download PDF]

    Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.

    @article{riebe_measuring_2021,
    title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
    volume = {32},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
    doi = {10.1080/10242694.2020.1755787},
    abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
    number = {7},
    journal = {Defence and Peace Economics},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {773--785},
    }

  • Sebastian Schwartz, Laura Guntrum, Christian Reuter (2022)
    Vision or Threat – Awareness for Dual-Use in the Development of Autonomous Driving
    IEEE Transactions on Technology and Society ;3(3):163–174. doi:10.1109/TTS.2022.3182310
    [BibTeX] [Abstract] [Download PDF]

    In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.

    @article{schwartz_vision_2022,
    title = {Vision or {Threat} – {Awareness} for {Dual}-{Use} in the {Development} of {Autonomous} {Driving}},
    volume = {3},
    issn = {2637-6415},
    url = {https://www.peasec.de/paper/2022/2022_SchwartzGuntrumReuter_VisionorThreatAwarenessDualUseAutonomousDriving_IEEE-TTS.pdf},
    doi = {10.1109/TTS.2022.3182310},
    abstract = {In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.},
    language = {en},
    number = {3},
    journal = {IEEE Transactions on Technology and Society},
    author = {Schwartz, Sebastian and Guntrum, Laura and Reuter, Christian},
    year = {2022},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Projekt-ATHENE-FANCY, Projekt-TraCe},
    pages = {163--174},
    }

    Publikationen in Konferenzbänden / Peer-reviewed Conference Papers

  • Laura Guntrum (2024)
    Keyboard Fighters: The Use of ICTs by Activists in Times of Military Coup in Myanmar
    Proceedings of the CHI Conference on Human Factors in Computing Systems New York, NY, USA. doi:10.1145/3613904.3642279
    [BibTeX] [Abstract] [Download PDF]

    Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.

    @inproceedings{guntrum_keyboard_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {Keyboard {Fighters}: {The} {Use} of {ICTs} by {Activists} in {Times} of {Military} {Coup} in {Myanmar}},
    isbn = {9798400703300},
    url = {https://doi.org/10.1145/3613904.3642279},
    doi = {10.1145/3613904.3642279},
    abstract = {Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.},
    booktitle = {Proceedings of the {CHI} {Conference} on {Human} {Factors} in {Computing} {Systems}},
    publisher = {Association for Computing Machinery},
    author = {Guntrum, Laura},
    year = {2024},
    keywords = {HCI, Selected, A-Paper, Ranking-CORE-A*, Peace, Projekt-TraCe, Projekt-ATHENE},
    }

  • Katrin Hartwig, Tom Biselli, Franziska Schneider, Christian Reuter (2024)
    From Adolescents‘ Eyes: Assessing an Indicator-Based Intervention to Combat Misinformation on TikTok
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) New York, NY, USA. doi:10.1145/3613904.3642264
    [BibTeX] [Abstract] [Download PDF]

    Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.

    @inproceedings{hartwig_adolescents_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
    isbn = {9798400703300},
    url = {https://doi.org/10.1145/3613904.3642264},
    doi = {10.1145/3613904.3642264},
    abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
    engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
    teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {Association for Computing Machinery},
    author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
    year = {2024},
    keywords = {AuswahlCrisis, HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-NEBULA, Projekt-ATHENE-PriVis},
    }

  • Marc-André Kaufhold, Thea Riebe, Markus Bayer, Christian Reuter (2024)
    ‚We Do Not Have the Capacity to Monitor All Media‘: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response Teams
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) (Best Paper Award) New York, NY, USA. doi:10.1145/3613904.3642368
    [BibTeX] [Abstract] [Download PDF]

    Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.

    @inproceedings{kaufhold_we_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
    isbn = {9798400703300},
    url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
    doi = {10.1145/3613904.3642368},
    abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
    publisher = {Association for Computing Machinery},
    author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

  • Christian Reuter, Oliver Heger, Volkmar Pipek (2013)
    Combining Real and Virtual Volunteers through Social Media
    Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) Baden-Baden, Germany.
    [BibTeX] [Abstract] [Download PDF]

    Recent studies have called attention to the improvement of “collaborative resilience” by fostering the collaboration potentials of public and private stakeholders during disasters. With our research we consider real and virtual volunteers in order to detect conditions for cooperation among those citizen groups through social media. Therefore we analysed the usage of Twitter during a tornado crisis to look for role patterns and aspects that helped volunteer groups in the virtual to emerge, and matched the data with an interview study on experiences, attitudes, concerns and potentials professional emergency services recounted in the emergence of volunteer groups in the real. While virtual groups seem to easily form and collaborate, the engagement of real volunteers is decreasing according to the perception of professionals. We discuss the dynamics in both tendencies and suggest design implications (use of existing social networks, promotion and awareness, connection among volunteers, connection to emergency services and systems) to support both types of volunteer groups, which lead to a software prototype.

    @inproceedings{reuter_combining_2013,
    address = {Baden-Baden, Germany},
    title = {Combining {Real} and {Virtual} {Volunteers} through {Social} {Media}},
    url = {http://www.peasec.de/paper/2013/2013_ReuterHegerPipek_RealVirtualVolunteersSocialMedia_ISCRAM.pdf},
    abstract = {Recent studies have called attention to the improvement of “collaborative resilience” by fostering the collaboration potentials of public and private stakeholders during disasters. With our research we consider real and virtual volunteers in order to detect conditions for cooperation among those citizen groups through social media. Therefore we analysed the usage of Twitter during a tornado crisis to look for role patterns and aspects that helped volunteer groups in the virtual to emerge, and matched the data with an interview study on experiences, attitudes, concerns and potentials professional emergency services recounted in the emergence of volunteer groups in the real. While virtual groups seem to easily form and collaborate, the engagement of real volunteers is decreasing according to the perception of professionals. We discuss the dynamics in both tendencies and suggest design implications (use of existing social networks, promotion and awareness, connection among volunteers, connection to emergency services and systems) to support both types of volunteer groups, which lead to a software prototype.},
    booktitle = {Proceedings of the {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    publisher = {ISCRAM},
    author = {Reuter, Christian and Heger, Oliver and Pipek, Volkmar},
    editor = {Comes, T. and Fiedrich, F. and Fortier, S. and Geldermann, J. and Müller, Tim},
    year = {2013},
    keywords = {AuswahlCrisis, Cooperation, Crisis, HCI, Projekt-InfoStrom, Selected, SocialMedia, Student},
    pages = {780--790},
    }

  • Christian Reuter, Thomas Ludwig, Marc-André Kaufhold, Volkmar Pipek (2015)
    XHELP: Design of a Cross-Platform Social-Media Application to Support Volunteer Moderators in Disasters
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) Seoul, Korea. doi:10.1145/2702123.2702171
    [BibTeX] [Abstract] [Download PDF]

    Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with „digital volunteers“ such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application „XHELP“, which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.

    @inproceedings{reuter_xhelp_2015,
    address = {Seoul, Korea},
    title = {{XHELP}: {Design} of a {Cross}-{Platform} {Social}-{Media} {Application} to {Support} {Volunteer} {Moderators} in {Disasters}},
    url = {http://www.peasec.de/paper/2015/2015_ReuterLudwigKaufholdPipek_XHELP_CHI.pdf},
    doi = {10.1145/2702123.2702171},
    abstract = {Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with "digital volunteers" such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application "XHELP", which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {ACM Press},
    author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Pipek, Volkmar},
    year = {2015},
    keywords = {AuswahlCrisis, Cooperation, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, A-Paper, Ranking-CORE-A*, Ranking-WKWI-A, AuswahlKaufhold},
    pages = {4093--4102},
    }

    nach Jahr

    2024

  • Markus Bayer, Philipp Kuehn, Ramin Shanehsaz, Christian Reuter (2024)
    CySecBERT: A Domain-Adapted Language Model for the Cybersecurity Domain
    ACM Transactions on Privacy and Security (TOPS) ;27(2). doi:10.1145/3652594
    [BibTeX] [Abstract] [Download PDF]

    The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and – ideally – on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.

    @article{bayer_cysecbert_2024,
    title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
    volume = {27},
    issn = {2471-2566},
    url = {https://doi.org/10.1145/3652594},
    doi = {10.1145/3652594},
    abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
    number = {2},
    journal = {ACM Transactions on Privacy and Security (TOPS)},
    author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
    month = apr,
    year = {2024},
    note = {Place: New York, NY, USA
    Publisher: Association for Computing Machinery},
    keywords = {Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CYWARN, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

  • Markus Bayer, Markus Neiczer, Maximilian Samsinger, Björn Buchhold, Christian Reuter (2024)
    XAI-Attack: Utilizing Explainable AI to Find Incorrectly Learned Patterns for Black-Box Adversarial Example Creation
    Proceedings of the 2024 Joint International Conference on Computational Linguistics, Language Resources and Evaluation (LREC-COLING) Torino, Italia.
    [BibTeX] [Abstract] [Download PDF]

    Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method’s potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.

    @inproceedings{bayer_xai-attack_2024,
    address = {Torino, Italia},
    title = {{XAI}-{Attack}: {Utilizing} {Explainable} {AI} to {Find} {Incorrectly} {Learned} {Patterns} for {Black}-{Box} {Adversarial} {Example} {Creation}},
    url = {https://aclanthology.org/2024.lrec-main.1542},
    abstract = {Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method's potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.},
    booktitle = {Proceedings of the 2024 {Joint} {International} {Conference} on {Computational} {Linguistics}, {Language} {Resources} and {Evaluation} ({LREC}-{COLING})},
    publisher = {ELRA and ICCL},
    author = {Bayer, Markus and Neiczer, Markus and Samsinger, Maximilian and Buchhold, Björn and Reuter, Christian},
    month = may,
    year = {2024},
    keywords = {UsableSec, Security, Ranking-CORE-B, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    pages = {17725--17738},
    }

  • Markus Bayer, Christian Reuter (2024)
    ActiveLLM: Large Language Model-based Active Learning for Textual Few-Shot Scenarios
    arXiv .
    [BibTeX] [Abstract] [Download PDF]

    Active learning is designed to minimize annotation efforts by prioritizing instances that most enhance learning. However, many active learning strategies struggle with a ‚cold start‘ problem, needing substantial initial data to be effective. This limitation often reduces their utility for pre-trained models, which already perform well in few-shot scenarios. To address this, we introduce ActiveLLM, a novel active learning approach that leverages large language models such as GPT-4, Llama 3, and Mistral Large for selecting instances. We demonstrate that ActiveLLM significantly enhances the classification performance of BERT classifiers in few-shot scenarios, outperforming both traditional active learning methods and the few-shot learning method SetFit. Additionally, ActiveLLM can be extended to non-few-shot scenarios, allowing for iterative selections. In this way, ActiveLLM can even help other active learning strategies to overcome their cold start problem. Our results suggest that ActiveLLM offers a promising solution for improving model performance across various learning setups.

    @article{bayer_activellm_2024,
    title = {{ActiveLLM}: {Large} {Language} {Model}-based {Active} {Learning} for {Textual} {Few}-{Shot} {Scenarios}},
    url = {https://arxiv.org/pdf/2405.10808},
    abstract = {Active learning is designed to minimize annotation efforts by prioritizing instances that most enhance learning. However, many active learning strategies struggle with a 'cold start' problem, needing substantial initial data to be effective. This limitation often reduces their utility for pre-trained models, which already perform well in few-shot scenarios. To address this, we introduce ActiveLLM, a novel active learning approach that leverages large language models such as GPT-4, Llama 3, and Mistral Large for selecting instances. We demonstrate that ActiveLLM significantly enhances the classification performance of BERT classifiers in few-shot scenarios, outperforming both traditional active learning methods and the few-shot learning method SetFit. Additionally, ActiveLLM can be extended to non-few-shot scenarios, allowing for iterative selections. In this way, ActiveLLM can even help other active learning strategies to overcome their cold start problem. Our results suggest that ActiveLLM offers a promising solution for improving model performance across various learning setups.},
    journal = {arXiv},
    author = {Bayer, Markus and Reuter, Christian},
    year = {2024},
    keywords = {UsableSec, Security, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

  • Markus Bayer (2024)
    Deep Learning in Textual Low-Data Regimes for Cybersecurity
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{bayer_deep_2024,
    address = {Darmstadt, Germany},
    title = {Deep {Learning} in {Textual} {Low}-{Data} {Regimes} for {Cybersecurity}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Bayer, Markus},
    year = {2024},
    keywords = {Security, Projekt-CYWARN, Projekt-CYLENCE, Dissertation, Projekt-ATHENE-CyAware},
    }

  • Tom Biselli, Laura Utz, Christian Reuter (2024)
    Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners
    Proceedings on Privacy Enhancing Technologies (PoPETs) (1):171–191. doi:https://doi.org/10.56553/popets-2024-0011
    [BibTeX] [Abstract] [Download PDF]

    Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.

    @article{biselli_supporting_2024,
    title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
    url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
    doi = {https://doi.org/10.56553/popets-2024-0011},
    abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
    number = {1},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, Student, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, AuswahlUsableSec},
    pages = {171--191},
    }

  • Kilian Demuth, Sebastian Linsner, Tom Biselli, Marc-André Kaufhold, Christian Reuter (2024)
    Support Personas: A Concept for Tailored Support of Users of Privacy-Enhancing Technologies
    Proceedings on Privacy Enhancing Technologies (PoPETs) (4).
    [BibTeX] [Abstract]

    In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.

    @article{demuth_support_2024,
    title = {Support {Personas}: {A} {Concept} for {Tailored} {Support} of {Users} of {Privacy}-{Enhancing} {Technologies}},
    abstract = {In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.},
    number = {4},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Demuth, Kilian and Linsner, Sebastian and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
    year = {2024},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-PriVis},
    }

  • Daniel EberzEder, Franz Kuntke, Christian Reuter, Ansgar Bernardi, Ahmad Kadi, Gerwin Brill, Daniel Martini, Benno Kleinhenz (2024)
    Hybrid Cloud Infrastrukturen – Edge Computing und KI-basierte Anwendungen in der Landwirtschaft für resiliente und effektive Produktions- und Biodiversitätsmaßnahmen
    44. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft .
    [BibTeX] [Abstract] [Download PDF]

    Mobile Erhebung semantisch modellierter Daten und deren Auswertung im Feld durch Hybrid Cloud Computing sind Grundlage des Resilienten Smart Farmings im Projekt GeoBox. Eine skalierbare Architektur und semantische Datenmodellierung ermöglichen Management betrieblicher Software-Container, flexible Anpassung an neue Aufgaben, und die Realisierung einfach nutzbarer externer Services, vorgestellt am Beispiel eines Resistenz-Beratungs-Chatbots und von Blühstreifen als Biodiversitätsmaßnahme.

    @inproceedings{eberz-eder_hybrid_2024,
    title = {Hybrid {Cloud} {Infrastrukturen} - {Edge} {Computing} und {KI}-basierte {Anwendungen} in der {Landwirtschaft} für resiliente und effektive {Produktions}- und {Biodiversitätsmaßnahmen}},
    url = {https://dl.gi.de/handle/20.500.12116/43877,},
    abstract = {Mobile Erhebung semantisch modellierter Daten und deren Auswertung im Feld durch Hybrid Cloud Computing sind Grundlage des Resilienten Smart Farmings im Projekt GeoBox. Eine skalierbare Architektur und semantische Datenmodellierung ermöglichen Management betrieblicher Software-Container, flexible Anpassung an neue Aufgaben, und die Realisierung einfach nutzbarer externer Services, vorgestellt am Beispiel eines Resistenz-Beratungs-Chatbots und von Blühstreifen als Biodiversitätsmaßnahme.},
    booktitle = {44. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Eberz-Eder, Daniel and Kuntke, Franz and Reuter, Christian and Bernardi, Ansgar and Kadi, Ahmad and Brill, Gerwin and Martini, Daniel and Kleinhenz, Benno},
    year = {2024},
    keywords = {UsableSec, Security, RSF, Projekt-GeoBox, Projekt-AgriRegio},
    }

  • Jonas Franken, Christian Reuter (2024)
    Secure Critical Infrastructures
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @incollection{franken_secure_2024,
    address = {Wiesbaden, Germany},
    title = {Secure {Critical} {Infrastructures}},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Franken, Jonas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Infrastructure},
    }

  • Anja-Liisa Gonsior (2024)
    Die intersektionale Perspektive auf letale autonome Waffensysteme: Eine Analyse der Diskurse innerhalb der UN-Waffenkonvention
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) .
    [BibTeX] [Abstract]

    Die Entwicklung letaler (teil)autonomer Waffensysteme (LAWS) gewinnt zunehmend an Bedeutung. Seit 2013 wird das Thema innerhalb der UN Convention on Certain Conventional Weapons zwischen Mitgliedsstaaten, Zivilgesellschaft und Fachexpert*innen diskutiert. Während sich die Debatte zu Beginn stark mit definitorischen Fragen von LAWS auseinandersetzte, so dominieren im Forum derzeit technische und rechtliche Fragen, was sich auch im entsprechenden wissenschaftlichen Diskurs widerspiegelt. Andererseits haben auch zivilgesellschaftliche Akteure den Verhandlungsprozess wesentlich beeinflusst, nicht zuletzt die Campaign to Stop Killer Robots, welche an der Initiierung des Verhandlungsrahmens maßgeblich beteiligt war. Einer der zentralen Argumentationsstränge dieser zivilgesellschaftlichen Akteure konzentriert sich auf eine intersektionale Perspektive, die unter anderem auf Bias in Technologien und Anwendungen aufmerksam macht, und versucht, diese Perspektiven in die GGE zu LAWS einzubringen und zu stärken. Die Analyse von 51 UN-Dokumenten und Gespräche mit Expert*innen zeigen, dass – im Hinblick auf Intersektionalität – insbesondere die Konzepte Gender und Race in den GGE-Diskussionen berücksichtigt werden, wenn auch nur mit geringem Gewicht. NGOs konnten jedoch die Gesamtdebatte beeinflussen und neue Themen einbringen, indem sie an etabliertere Diskurse in der Debatte anknüpften, wie z. B. an rechtliche oder technische Diskurse.

    @article{gonsior_intersektionale_2024,
    title = {Die intersektionale {Perspektive} auf letale autonome {Waffensysteme}: {Eine} {Analyse} der {Diskurse} innerhalb der {UN}-{Waffenkonvention}},
    abstract = {Die Entwicklung letaler (teil)autonomer Waffensysteme (LAWS) gewinnt zunehmend an Bedeutung. Seit 2013 wird das Thema innerhalb der UN Convention on Certain Conventional Weapons zwischen Mitgliedsstaaten, Zivilgesellschaft und Fachexpert*innen diskutiert. Während sich die Debatte zu Beginn stark mit definitorischen Fragen von LAWS auseinandersetzte, so dominieren im Forum derzeit technische und rechtliche Fragen, was sich auch im entsprechenden wissenschaftlichen Diskurs widerspiegelt. Andererseits haben auch zivilgesellschaftliche Akteure den Verhandlungsprozess wesentlich beeinflusst, nicht zuletzt die Campaign to Stop Killer Robots, welche an der Initiierung des Verhandlungsrahmens maßgeblich beteiligt war. Einer der zentralen Argumentationsstränge dieser zivilgesellschaftlichen Akteure konzentriert sich auf eine intersektionale Perspektive, die unter anderem auf Bias in Technologien und Anwendungen aufmerksam macht, und versucht, diese Perspektiven in die GGE zu LAWS einzubringen und zu stärken. Die Analyse von 51 UN-Dokumenten und Gespräche mit Expert*innen zeigen, dass – im Hinblick auf Intersektionalität – insbesondere die Konzepte Gender und Race in den GGE-Diskussionen berücksichtigt werden, wenn auch nur mit geringem Gewicht. NGOs konnten jedoch die Gesamtdebatte beeinflussen und neue Themen einbringen, indem sie an etabliertere Diskurse in der Debatte anknüpften, wie z. B. an rechtliche oder technische Diskurse.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Gonsior, Anja-Liisa},
    year = {2024},
    keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-CyAware},
    }

  • Laura Guntrum (2024)
    Keyboard Fighters: The Use of ICTs by Activists in Times of Military Coup in Myanmar
    Proceedings of the CHI Conference on Human Factors in Computing Systems New York, NY, USA. doi:10.1145/3613904.3642279
    [BibTeX] [Abstract] [Download PDF]

    Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.

    @inproceedings{guntrum_keyboard_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {Keyboard {Fighters}: {The} {Use} of {ICTs} by {Activists} in {Times} of {Military} {Coup} in {Myanmar}},
    isbn = {9798400703300},
    url = {https://doi.org/10.1145/3613904.3642279},
    doi = {10.1145/3613904.3642279},
    abstract = {Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.},
    booktitle = {Proceedings of the {CHI} {Conference} on {Human} {Factors} in {Computing} {Systems}},
    publisher = {Association for Computing Machinery},
    author = {Guntrum, Laura},
    year = {2024},
    keywords = {HCI, Selected, A-Paper, Ranking-CORE-A*, Peace, Projekt-TraCe, Projekt-ATHENE},
    }

  • Laura Guntrum, Christian Reuter (2024)
    Between Internet Shutdowns and Doxing: Examining the Spectrum of Digital Violence Against Social Activists
    TraCe Policy Brief No. 4.
    [BibTeX]

    @misc{guntrum_between_2024,
    title = {Between {Internet} {Shutdowns} and {Doxing}: {Examining} the {Spectrum} of {Digital} {Violence} {Against} {Social} {Activists}},
    urldate = {2024-04-15},
    publisher = {TraCe Policy Brief No. 4},
    author = {Guntrum, Laura and Reuter, Christian},
    year = {2024},
    }

  • Laura Guntrum, Sofía Cerrillo, Christian Reuter (2024)
    Navigating the Pandemic through Technology: Colombian NGOs Promoting Peace during the COVID-19 era
    Peacebuilding & Development .
    [BibTeX] [Abstract]

    This article examines how Colombian NGOs use Information and Communication Technologies (ICTs) for peacebuilding attempts amid the COVID-19 pandemic. Drawing from 17 interviews with NGO members, the study underscores the pivotal role of digital peacebuilding in sustaining and expanding peace attempts, effective data management, and a broader engagement of target groups beyond in-person activities often associated with safety and financial concerns. The findings also identify prevailing challenges of incorporating ICTs in NGO’s peacebuilding activities, ranging from privacy-related concerns to connectivity issues. The article points out the potential for NGOs to enhance interactivity, knowledge transfer, and to diversify their activities, including IT-security training and awareness campaigns on hate speech and propaganda. It also emphasizes the importance of developing risk reduction strategies tailored to the specific needs of different target groups.

    @article{guntrum_navigating_2024,
    title = {Navigating the {Pandemic} through {Technology}: {Colombian} {NGOs} {Promoting} {Peace} during the {COVID}-19 era},
    abstract = {This article examines how Colombian NGOs use Information and Communication Technologies (ICTs) for peacebuilding attempts amid the COVID-19 pandemic. Drawing from 17 interviews with NGO members, the study underscores the pivotal role of digital peacebuilding in sustaining and expanding peace attempts, effective data management, and a broader engagement of target groups beyond in-person activities often associated with safety and financial concerns. The findings also identify prevailing challenges of incorporating ICTs in NGO's peacebuilding activities, ranging from privacy-related concerns to connectivity issues. The article points out the potential for NGOs to enhance interactivity, knowledge transfer, and to diversify their activities, including IT-security training and awareness campaigns on hate speech and propaganda. It also emphasizes the importance of developing risk reduction strategies tailored to the specific needs of different target groups.},
    journal = {Peacebuilding \& Development},
    author = {Guntrum, Laura and Cerrillo, Sofía and Reuter, Christian},
    year = {2024},
    keywords = {Student, Peace, Projekt-TraCe},
    }

  • Steffen Haesler, Christian Reuter (2024)
    Moderne Technologien und Resilienz
    In: Andreas H. Karsten, Stefan Voßschmidt, Uwe Becker: Resilienz und Schockereignisse. Kohlhammer.
    [BibTeX]

    @incollection{haesler_moderne_2024,
    title = {Moderne {Technologien} und {Resilienz}},
    booktitle = {Resilienz und {Schockereignisse}},
    publisher = {Kohlhammer},
    author = {Haesler, Steffen and Reuter, Christian},
    editor = {Karsten, Andreas H. and Voßschmidt, Stefan and Becker, Uwe},
    year = {2024},
    keywords = {UsableSec, Security, Projekt-emergenCITY},
    }

  • Stefen Haesler (2024)
    Citizens in Crises: Behavior, Dependencies, and Technological Support of Digital Self-Organization
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{haesler_citizens_2024,
    address = {Darmstadt, Germany},
    title = {Citizens in {Crises}: {Behavior}, {Dependencies}, and {Technological} {Support} of {Digital} {Self}-{Organization}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Haesler, Stefen},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-emergenCITY, Dissertation},
    }

  • Katrin Hartwig, Frederic Doell, Christian Reuter (2024)
    The Landscape of User-centered Misinformation Interventions – A Systematic Literature Review
    ACM Computing Surveys (CSUR) .
    [BibTeX] [Abstract] [Download PDF]

    Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.

    @article{hartwig_landscape_2024,
    title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
    url = {http://www.peasec.de/paper/2024/2024_Re_Revision_Comput_Surv__SoK_UserInterventionsMisinfo-3.pdf},
    abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Student, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Peace, Projekt-NEBULA},
    }

  • Katrin Hartwig, Tom Biselli, Franziska Schneider, Christian Reuter (2024)
    From Adolescents‘ Eyes: Assessing an Indicator-Based Intervention to Combat Misinformation on TikTok
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) New York, NY, USA. doi:10.1145/3613904.3642264
    [BibTeX] [Abstract] [Download PDF]

    Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.

    @inproceedings{hartwig_adolescents_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
    isbn = {9798400703300},
    url = {https://doi.org/10.1145/3613904.3642264},
    doi = {10.1145/3613904.3642264},
    abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
    engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
    teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {Association for Computing Machinery},
    author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
    year = {2024},
    keywords = {AuswahlCrisis, HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-NEBULA, Projekt-ATHENE-PriVis},
    }

  • Katrin Hartwig, Ruslan Sandler, Christian Reuter (2024)
    Navigating Misinformation in Voice Messages: Identification of User-Centered Features for Digital Interventions
    Risk, Hazards, & Crisis in Public Policy (RHCPP) . doi:10.1002/rhc3.12296
    [BibTeX] [Abstract] [Download PDF]

    Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.

    @article{hartwig_navigating_2024,
    title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
    issn = {1944-4079},
    url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
    doi = {10.1002/rhc3.12296},
    abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
    journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
    author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
    year = {2024},
    note = {Publisher: John Wiley \& Sons, Ltd},
    keywords = {Crisis, HCI, SocialMedia, Student, UsableSec, A-Paper, Ranking-ImpactFactor, Cyberwar, Projekt-NEBULA, Projekt-CYLENCE, Projekt-ATHENE},
    }

  • Katrin Hartwig, Stefka Schmid, Tom Biselli, Helene Pleil, Christian Reuter (2024)
    Misleading Information in Crises: Exploring Content-specific Indicators for Misleading Information on Twitter from a User Perspective
    Behaviour & Information Technology (BIT) .
    [BibTeX] [Abstract]

    Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information, emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This work investigates how content-specific user-centered indicators can contribute to an informed approach to misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm) characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in dealing with misleading information, especially during crises.

    @article{hartwig_misleading_2024,
    title = {Misleading {Information} in {Crises}: {Exploring} {Content}-specific {Indicators} for {Misleading} {Information} on {Twitter} from a {User} {Perspective}},
    abstract = {Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information,
    emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This
    work investigates how content-specific user-centered indicators can contribute to an informed approach to
    misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German
    tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm)
    characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators
    users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants
    qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While
    a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth
    and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for
    people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in
    dealing with misleading information, especially during crises.},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Hartwig, Katrin and Schmid, Stefka and Biselli, Tom and Pleil, Helene and Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-NEBULA, Projekt-ATHENE-PriVis},
    }

  • Katrin Hartwig (2024)
    Navigating Misinformation: User-Centered Design and Evaluation of Indicator-Based Digital Interventions
    Darmstadt, Germany: Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{hartwig_navigating_2024-1,
    address = {Darmstadt, Germany},
    title = {Navigating {Misinformation}: {User}-{Centered} {Design} and {Evaluation} of {Indicator}-{Based} {Digital} {Interventions}},
    publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Hartwig, Katrin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-NEBULA, Dissertation},
    }

  • Jasmin Haunschild, Laura Guntrum, Sofía Cerrillo, Franziska Bujara, Christian Reuter (2024)
    Towards a Digitally Mediated Transitional Justice Process? An Analysis of Colombian Transitional Justice Organisations’ Posting Behaviour on Facebook
    Peace and Conflict Studies ;30(2).
    [BibTeX] [Abstract]

    In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.

    @article{haunschild_towards_2024,
    title = {Towards a {Digitally} {Mediated} {Transitional} {Justice} {Process}? {An} {Analysis} of {Colombian} {Transitional} {Justice} {Organisations}’ {Posting} {Behaviour} on {Facebook}},
    volume = {30},
    abstract = {In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.},
    number = {2},
    journal = {Peace and Conflict Studies},
    author = {Haunschild, Jasmin and Guntrum, Laura and Cerrillo, Sofía and Bujara, Franziska and Reuter, Christian},
    year = {2024},
    keywords = {SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{haunschild_enhancing_2024,
    address = {Darmstadt, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{haunschild_enhancing_2024-1,
    address = {Wiesbaden, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Springer Vieweg},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild, Felix Burger, Christian Reuter (2024)
    Understanding Crisis Preparedness: Insights from Personal Values, Beliefs, Social Norms, and Personal Norms
    Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) (Best Paper Award) ;21.
    [BibTeX] [Abstract] [Download PDF]

    In disasters and crises, crisis preparation at the household level is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey in Germany on resource-oriented crisis preparedness and participants’ values, a group of more prepared and less prepared individuals was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. A quantitative analysis revealed a significant association between the value of benevolence and higher preparedness. Follow-up interviews (N=30) explored participants&\#039; beliefs and norms, showing minimal group differences. Although crisis preparedness is generally viewed positively, strong negativity exists towards perceived “hoarders”. The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing intervention that can trigger benevolence to foster preparedness and appeal to the social benefits to counter the narrative of anti-social crisis preparedness.

    @article{haunschild_understanding_2024,
    title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
    volume = {21},
    url = {https://ojs.iscram.org/index.php/Proceedings/article/view/19},
    abstract = {In disasters and crises, crisis preparation at the household level is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey in Germany on resource-oriented crisis preparedness and participants’ values, a group of more prepared and less prepared individuals was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. A quantitative analysis revealed a significant association between the value of benevolence and higher preparedness. Follow-up interviews (N=30) explored participants\&\#039; beliefs and norms, showing minimal group differences. Although crisis preparedness is generally viewed positively, strong negativity exists towards perceived “hoarders”. The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing intervention that can trigger benevolence to foster preparedness and appeal to the social benefits to counter the narrative of anti-social crisis preparedness.},
    urldate = {2024-05-27},
    journal = {Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) (Best Paper Award)},
    author = {Haunschild, Jasmin and Burger, Felix and Reuter, Christian},
    month = may,
    year = {2024},
    note = {Section: ISCRAM Proceedings},
    keywords = {Crisis, Student, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Anja P. Jakobi, Jasmin Haunschild (2024)
    Transnational organisierte Kriminalität und internationale Politik
    In: Frank Sauer, Luba von Hauff, Carlo Masala: Handbuch Internationale Beziehungen. Wiesbaden: Springer Fachmedien Wiesbaden, , 1013–1037. doi:10.1007/978-3-658-33953-1_40
    [BibTeX] [Abstract] [Download PDF]

    Der Beitrag analysiert die unterschiedlichen Formen und Voraussetzungen der Bekämpfung, Verfolgung und Prävention transnational organisierter Kriminalität in der internationalen Politik. Dazu führen wir zunächst in die Definition und die Grundlagen in diesem Bereich ein, auch im Hinblick auf eine Einordnung in Debatten der Internationalen Beziehungen, bevor einzelne Politikbereiche – Drogenhandel, Menschenhandel und -schmuggel, Waffenhandel, Geldwäsche und Terrorismusfinanzierung, Konfliktmineralien – vorgestellt werden. Die Schlussfolgerungen bieten einen Ausblick in weitere Teilbereiche und erläutern die Rolle von staatlichen und nicht-staatlichen Akteuren in der Bekämpfung transnational organisierter Kriminalität.

    @incollection{jakobi_transnational_2024,
    address = {Wiesbaden},
    title = {Transnational organisierte {Kriminalität} und internationale {Politik}},
    isbn = {978-3-658-33953-1},
    url = {https://doi.org/10.1007/978-3-658-33953-1_40},
    abstract = {Der Beitrag analysiert die unterschiedlichen Formen und Voraussetzungen der Bekämpfung, Verfolgung und Prävention transnational organisierter Kriminalität in der internationalen Politik. Dazu führen wir zunächst in die Definition und die Grundlagen in diesem Bereich ein, auch im Hinblick auf eine Einordnung in Debatten der Internationalen Beziehungen, bevor einzelne Politikbereiche – Drogenhandel, Menschenhandel und -schmuggel, Waffenhandel, Geldwäsche und Terrorismusfinanzierung, Konfliktmineralien – vorgestellt werden. Die Schlussfolgerungen bieten einen Ausblick in weitere Teilbereiche und erläutern die Rolle von staatlichen und nicht-staatlichen Akteuren in der Bekämpfung transnational organisierter Kriminalität.},
    booktitle = {Handbuch {Internationale} {Beziehungen}},
    publisher = {Springer Fachmedien Wiesbaden},
    author = {Jakobi, Anja P. and Haunschild, Jasmin},
    editor = {Sauer, Frank and von Hauff, Luba and Masala, Carlo},
    year = {2024},
    doi = {10.1007/978-3-658-33953-1_40},
    keywords = {Peace},
    pages = {1013--1037},
    }

  • Marc-André Kaufhold, Tilo Mentler, Simon Nestler, Christian Reuter (2024)
    11. Workshop Mensch-Maschine-Interaktion in sicherheitskritischen Systemen
    Mensch und Computer – Workshopband Karlsruhe, Germany.
    [BibTeX]

    @inproceedings{kaufhold_11_2024,
    address = {Karlsruhe, Germany},
    title = {11. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
    year = {2024},
    keywords = {HCI, UsableSec, Security, Projekt-CYLENCE},
    }

  • Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter (2024)
    Cultural Violence and Peace Interventions in Social Media
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.

    @incollection{kaufhold_cultural_2024,
    address = {Wiesbaden, Germany},
    title = {Cultural {Violence} and {Peace} {Interventions} in {Social} {Media}},
    abstract = {Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, SocialMedia, Peace, Projekt-CYLENCE},
    }

  • Marc-André Kaufhold, Thea Riebe, Markus Bayer, Christian Reuter (2024)
    ‚We Do Not Have the Capacity to Monitor All Media‘: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response Teams
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) (Best Paper Award) New York, NY, USA. doi:10.1145/3613904.3642368
    [BibTeX] [Abstract] [Download PDF]

    Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.

    @inproceedings{kaufhold_we_2024,
    address = {New York, NY, USA},
    series = {{CHI} '24},
    title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
    isbn = {9798400703300},
    url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
    doi = {10.1145/3613904.3642368},
    abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
    publisher = {Association for Computing Machinery},
    author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

  • Marc-André Kaufhold (2024)
    Exploring the evolving landscape of human-centred crisis informatics: current challenges and future trends
    i-com – Journal of Interactive Media . doi:10.1515/icom-2024-0002
    [BibTeX] [Abstract] [Download PDF]

    Modern Information and Communication Technology (ICT) has been used in safety-critical situations for over twenty years. Rooted in Human-Computer Interaction (HCI) and related disciplines, the field of crisis informatics made considerable efforts to investigate social media use and role patterns in crises, facilitate the collection, processing and refinement of social media data, design and evaluate supportive ICT, and provide cumulative and longitudinal research. This narrative review examines contemporary challenges of human-centred crisis informatics and envision trends for the following decade, including (I) a broadening scope of crisis informatics, (II) the professionalisation of cross-platform collaboration of citizen communities and emergency services, (III) expert interfaces for explainable and multimodal artificial intelligence for user-generated content assessment, (IV) internet of things and mobile apps for bidirectional communication and warnings in disruption-tolerant networks, as well as (V) digital twins and virtual reality for the effective training of multi-agency collaboration in hybrid hazards.

    @article{kaufhold_exploring_2024,
    title = {Exploring the evolving landscape of human-centred crisis informatics: current challenges and future trends},
    url = {https://doi.org/10.1515/icom-2024-0002},
    doi = {10.1515/icom-2024-0002},
    abstract = {Modern Information and Communication Technology (ICT) has been used in safety-critical situations for over twenty years. Rooted in Human-Computer Interaction (HCI) and related disciplines, the field of crisis informatics made considerable efforts to investigate social media use and role patterns in crises, facilitate the collection, processing and refinement of social media data, design and evaluate supportive ICT, and provide cumulative and longitudinal research. This narrative review examines contemporary challenges of human-centred crisis informatics and envision trends for the following decade, including (I) a broadening scope of crisis informatics, (II) the professionalisation of cross-platform collaboration of citizen communities and emergency services, (III) expert interfaces for explainable and multimodal artificial intelligence for user-generated content assessment, (IV) internet of things and mobile apps for bidirectional communication and warnings in disruption-tolerant networks, as well as (V) digital twins and virtual reality for the effective training of multi-agency collaboration in hybrid hazards.},
    journal = {i-com - Journal of Interactive Media},
    author = {Kaufhold, Marc-André},
    year = {2024},
    keywords = {AuswahlCrisis, Crisis, HCI, Projekt-emergenCITY, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

  • Philipp Kuehn, Dilara Nadermahmoodi, Moritz Kerk, Christian Reuter (2024)
    ThreatCluster: Threat Clustering for Information Overload Reduction in Computer Emergency Response Teams
    arXiv. doi:10.48550/arXiv.2210.14067
    [BibTeX] [Abstract] [Download PDF]

    The ever-increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). To respond to emerging threats, CERTs must gather information in a timely and comprehensive manner. But the volume of sources and information leads to information overload. This paper contributes to the question of how to reduce information overload for CERTs. We propose clustering incoming information as scanning this information is one of the most tiresome, but necessary, manual steps. Based on current studies, we establish conditions for such a framework. Different types of evaluation metrics are used and selected in relation to the framework conditions. Furthermore, different document embeddings and distance measures are evaluated and interpreted in combination with clustering methods. We use three different corpora for the evaluation, a novel ground truth corpus based on threat reports, one security bug report (SBR) corpus, and one with news articles. Our work shows, it is possible to reduce the information overload by up to 84.8\% with homogeneous clusters. A runtime analysis of the clustering methods strengthens the decision of selected clustering methods. The source code and dataset will be made publicly available after acceptance.

    @misc{kuehn_threatcluster_2024,
    title = {{ThreatCluster}: {Threat} {Clustering} for {Information} {Overload} {Reduction} in {Computer} {Emergency} {Response} {Teams}},
    shorttitle = {{ThreatCluster}},
    url = {http://arxiv.org/abs/2210.14067},
    doi = {10.48550/arXiv.2210.14067},
    abstract = {The ever-increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). To respond to emerging threats, CERTs must gather information in a timely and comprehensive manner. But the volume of sources and information leads to information overload. This paper contributes to the question of how to reduce information overload for CERTs. We propose clustering incoming information as scanning this information is one of the most tiresome, but necessary, manual steps. Based on current studies, we establish conditions for such a framework. Different types of evaluation metrics are used and selected in relation to the framework conditions. Furthermore, different document embeddings and distance measures are evaluated and interpreted in combination with clustering methods. We use three different corpora for the evaluation, a novel ground truth corpus based on threat reports, one security bug report (SBR) corpus, and one with news articles. Our work shows, it is possible to reduce the information overload by up to 84.8\% with homogeneous clusters. A runtime analysis of the clustering methods strengthens the decision of selected clustering methods. The source code and dataset will be made publicly available after acceptance.},
    urldate = {2024-03-18},
    publisher = {arXiv},
    author = {Kuehn, Philipp and Nadermahmoodi, Dilara and Kerk, Moritz and Reuter, Christian},
    month = mar,
    year = {2024},
    note = {arXiv:2210.14067 [cs]
    version: 2},
    keywords = {Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Franz Kuntke, Marc-André Kaufhold, Sebastian Linsner, Christian Reuter (2024)
    GeoBox: Design and Evaluation of a Tool for Resilient and Decentralized Data Management in Agriculture
    Behaviour & Information Technology (BIT) ;43(4):764–786. doi:10.1080/0144929X.2023.2185747
    [BibTeX] [Abstract] [Download PDF]

    Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.

    @article{kuntke_geobox_2024,
    title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
    volume = {43},
    issn = {0144-929X},
    url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
    doi = {10.1080/0144929X.2023.2185747},
    abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
    number = {4},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
    month = mar,
    year = {2024},
    note = {Publisher: Taylor \& Francis},
    keywords = {UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, AuswahlUsableSec, Projekt-GeoBox, Projekt-AgriRegio},
    pages = {764--786},
    }

  • Franz Kuntke (2024)
    Resilient Smart Farming: Crisis-Capable Information and Communication Technologies for Agriculture
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Download PDF]

    @book{kuntke_resilient_2024,
    address = {Wiesbaden, Germany},
    title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
    isbn = {978-3-658-44156-2},
    url = {https://link.springer.com/book/10.1007/978-3-658-44157-9},
    publisher = {Springer Vieweg},
    author = {Kuntke, Franz},
    year = {2024},
    note = {https://doi.org/10.1007/978-3-658-44157-9},
    keywords = {Crisis, HCI, UsableSec, Security, RSF, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Franz Kuntke (2024)
    Resilient Smart Farming: Crisis-Capable Information and Communication Technologies for Agriculture
    Darmstadt, Germany: Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{kuntke_resilient_2024-1,
    address = {Darmstadt, Germany},
    title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
    publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Kuntke, Franz},
    year = {2024},
    keywords = {Crisis, HCI, UsableSec, Security, RSF, Dissertation},
    }

  • Franz Kuntke, Christian Reuter (2024)
    Resilienz in der digitalisierten Landwirtschaft: Abhängigkeiten deutscher landwirtschaftlicher Betriebe von Kommunikations- und Energieinfrastruktur im Katastrophenschutz
    emergenCITY Policy Paper No. 4. doi:10.5281/zenodo.12209183
    [BibTeX] [Abstract] [Download PDF]

    Agriculture is experiencing continuous digitalization, with an increasing importance of data for the tools used. In contrast to other critical infrastructures, the average agricultural business has a small number of employees. The requirements for agricultural technology, its implementation and the regulations therefore differ from other critical infrastructures. The effects of current trends such as smart farming on the resilience of the sector and dependencies on other infrastructures remain unclear. But some aspects of agricultural digitalization must be viewed critically in order to avoid security risks in future: Products must have secure default settings and the need for cloud connectivity should be questioned more frequently – both for stronger security and resilience to infrastructure failures and the high need for data protection in agriculture. With the right developments, digitalization can not only be made secure, but also have a positive effect on the resilience and efficiency of farms.

    @misc{kuntke_resilienz_2024,
    title = {Resilienz in der digitalisierten {Landwirtschaft}: {Abhängigkeiten} deutscher landwirtschaftlicher {Betriebe} von {Kommunikations}- und {Energieinfrastruktur} im {Katastrophenschutz}},
    url = {https://doi.org/10.5281/zenodo.12209183},
    abstract = {Agriculture is experiencing continuous digitalization, with an increasing importance of data for the tools used.
    In contrast to other critical infrastructures, the average agricultural business has a small number of employees. The requirements for agricultural technology, its implementation and the regulations therefore differ from other critical infrastructures. The effects of current trends such as smart farming on the resilience of the sector and dependencies on other infrastructures remain unclear. But some aspects of agricultural digitalization must be viewed critically in order to avoid security risks in future: Products must have secure default settings and the need for cloud connectivity should be questioned more frequently – both for stronger security and resilience to infrastructure failures and the high need for data protection in agriculture. With the right developments, digitalization can not only be made secure, but also have a positive effect on the resilience and efficiency of farms.},
    urldate = {2024-04-15},
    publisher = {emergenCITY Policy Paper No. 4},
    author = {Kuntke, Franz and Reuter, Christian},
    year = {2024},
    doi = {10.5281/zenodo.12209183},
    keywords = {Projekt-AgriRegio, Projekt-ATHENE, Projekt-GeoBox, Projekt-HyServ},
    }

  • Sebastian Linsner, Kilian Demuth, Marc Fischlin, Christian Reuter (2024)
    Decision-based Data Distribution (D³): Enabling Users to Minimize Data Propagation in Privacy-sensitive Scenarios
    Proceedings on Privacy Enhancing Technologies (PoPETs) (4).
    [BibTeX] [Abstract]

    In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.

    @article{linsner_decision-based_2024,
    title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
    abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
    number = {4},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
    year = {2024},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-PriVis},
    }

  • Sebastian Linsner (2024)
    Privacy Preserving Data Management – Assisting Users in Data Disclosure Scenarios
    Darmstadt, Germany: Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{linsner_privacy_2024,
    address = {Darmstadt, Germany},
    title = {Privacy {Preserving} {Data} {Management} – {Assisting} {Users} in {Data} {Disclosure} {Scenarios}},
    publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Linsner, Sebastian},
    year = {2024},
    keywords = {UsableSec, Security, Projekt-CROSSING, Dissertation, Projekt-ATHENE-PriVis},
    }

  • Florentin Putz, Steffen Haesler, Matthias Hollick (2024)
    Sounds Good? Fast and Secure Contact Exchange in Groups
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;8(CSCW2).
    [BibTeX] [Abstract]

    Trustworthy digital communication requires the secure exchange of contact information, but current approaches lack usability and scalability for larger groups of users. We evaluate the usability of two secure contact exchange systems: the current state of the art, SafeSlinger, and our newly designed protocol, PairSonic, which extends trust from physical encounters to spontaneous online communication. Our lab study (N=45) demonstrates PairSonic’s superior usability, automating the tedious verification tasks from previous approaches via an acoustic out-of-band channel. Although participants significantly preferred our system, minimizing user effort surprisingly decreased the perceived security for some users, who associated security with complexity. We discuss user perceptions of the different protocol components and identify remaining usability barriers for CSCW application scenarios.

    @article{putz_sounds_2024,
    title = {Sounds {Good}? {Fast} and {Secure} {Contact} {Exchange} in {Groups}},
    volume = {8},
    abstract = {Trustworthy digital communication requires the secure exchange of contact information, but current approaches lack usability and scalability for larger groups of users. We evaluate the usability of two secure contact exchange systems: the current state of the art, SafeSlinger, and our newly designed protocol, PairSonic, which extends trust from physical encounters to spontaneous online communication. Our lab study (N=45) demonstrates PairSonic's superior usability, automating the tedious verification tasks from previous approaches via an acoustic out-of-band channel. Although participants significantly preferred our system, minimizing user effort surprisingly decreased the perceived security for some users, who associated security with complexity. We discuss user perceptions of the different protocol components and identify remaining usability barriers for CSCW application scenarios.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Putz, Florentin and Haesler, Steffen and Hollick, Matthias},
    year = {2024},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-emergenCITY},
    }

  • Thomas Reinhold, Christian Reuter (2024)
    Verification in Cyberspace
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.

    @incollection{reinhold_verification_2024,
    address = {Wiesbaden, Germany},
    title = {Verification in {Cyberspace}},
    abstract = {Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CNTR},
    }

  • Thomas Reinhold, Christian Reuter (2024)
    From Cyber War to Cyber Peace
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.

    @incollection{reinhold_cyber_2024,
    address = {Wiesbaden, Germany},
    title = {From {Cyber} {War} to {Cyber} {Peace}},
    abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING, Cyberwar, Projekt-CNTR},
    }

  • Thomas Reinhold, Christian Reuter (2024)
    Arms Control and its Applicability to Cyberspace
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden: Springer Fachmedien Wiesbaden.
    [BibTeX] [Abstract]

    Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.

    @incollection{reuter_arms_2024,
    address = {Wiesbaden},
    title = {Arms {Control} and its {Applicability} to {Cyberspace}},
    abstract = {Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.},
    language = {en},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Fachmedien Wiesbaden},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Peace, Projekt-CNTR},
    }

  • Thomas Reinhold (2024)
    Towards a Peaceful Development of Cyberspace: Challenges and Technical Measures for the De-Escalation of State-Led Cyberconflicts and Arms Control of Cyberweapons
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states‘ security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.

    @book{reinhold_towards_2024,
    address = {Wiesbaden, Germany},
    title = {Towards a {Peaceful} {Development} of {Cyberspace}: {Challenges} and {Technical} {Measures} for the {De}-{Escalation} of {State}-{Led} {Cyberconflicts} and {Arms} {Control} of {Cyberweapons}},
    isbn = {978-3-658-43950-7},
    url = {https://link.springer.com/book/10.1007/978-3-658-43951-4},
    abstract = {Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states' security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.},
    publisher = {Springer Vieweg},
    author = {Reinhold, Thomas},
    year = {2024},
    note = {https://doi.org/10.1007/978-3-658-43951-4},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE, Dissertation},
    }

  • Christian Reuter (2024)
    Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{reuter_information_2024,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2024},
    keywords = {Selected, Security, Peace, Infrastructure, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-TraCe},
    }

  • Christian Reuter, Anja-Liisa Gonsior, Thea Riebe, Marc-André Kaufhold (2024)
    Peace Informatics: Bridging Peace and Conflict Studies with Computer Science
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.

    @incollection{reuter_peace_2024,
    address = {Wiesbaden, Germany},
    title = {Peace {Informatics}: {Bridging} {Peace} and {Conflict} {Studies} with {Computer} {Science}},
    abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Gonsior, Anja-Liisa and Riebe, Thea and Kaufhold, Marc-André},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Infrastructure},
    }

  • Christian Reuter, Konstantin Aal, Jürgen Altmann, Ute Bernhardt, Kai Denker, Jonas Franken, Anja-Liisa Gonsior, Laura Guntrum, Dominik Herrmann, Matthias Hollick, Stefan Katzenbeisser, Marc-André Kaufhold, Thomas Reinhold, Thea Riebe, Ingo Ruhmann, KlausPeter Saalbach, Lisa Schirch, Stefka Schmid, Niklas Schörnig, Ali Sunyaev, Volker Wulf (2024)
    Outlook: The Future of IT in Peace and Security
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.

    @incollection{reuter_outlook_2024,
    address = {Wiesbaden, Germany},
    title = {Outlook: {The} {Future} of {IT} in {Peace} and {Security}},
    abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aal, Konstantin and Altmann, Jürgen and Bernhardt, Ute and Denker, Kai and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Reinhold, Thomas and Riebe, Thea and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schirch, Lisa and Schmid, Stefka and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING},
    }

  • Christian Reuter, Jonas Franken, Anja-Liisa Gonsior, Laura Guntrum, Stefka Schmid (2024)
    An Overview and Introduction to Information Technology for Peace and Security
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.

    @incollection{reuter_overview_2024,
    address = {Wiesbaden, Germany},
    title = {An {Overview} and {Introduction} to {Information} {Technology} for {Peace} and {Security}},
    abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Schmid, Stefka},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING},
    }

  • Christian Reuter, Thea Riebe, Laura Guntrum (2024)
    ​​Technologie und die Transformation Politischer Gewalt
    Wissenschaft und Frieden: 2024.
    [BibTeX] [Abstract] [Download PDF]

    Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS. Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.

    @techreport{reuter_technologie_2024,
    address = {Wissenschaft und Frieden},
    title = {​​{Technologie} und die {Transformation} {Politischer} {Gewalt}},
    url = {http://www.peasec.de/paper/2024/2024_ReuterRiebeGuntrum_TechnologieTransformationPolitischeGewalt_WundF.pdf},
    abstract = {Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS.
    Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.},
    author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    year = {2024},
    keywords = {Peace},
    }

  • Christian Reuter, Thea Riebe, Jasmin Haunschild, Thomas Reinhold, Stefka Schmid (2024)
    Teaching Peace Informatics: Reflections from Lectures and Exercises
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @incollection{reuter_teaching_2024,
    address = {Wiesbaden, Germany},
    title = {Teaching {Peace} {Informatics}: {Reflections} from {Lectures} and {Exercises}},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Infrastructure},
    }

  • Christian Reuter, Amanda Lee Hughes, Cody Buntain (2024)
    Combating Information Warfare: State and Trends in User-Centered Countermeasures against Fake News and Misinformation
    Behaviour & Information Technology (BIT) .
    [BibTeX]

    @article{reuter_combating_2024,
    title = {Combating {Information} {Warfare}: {State} and {Trends} in {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation}},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
    year = {2024},
    keywords = {Crisis, HCI, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Peace},
    }

  • Christian Reuter, Jonas Franken, Thomas Reinhold, Philipp Kuehn, Marc-André Kaufhold, Thea Riebe, Katrin Hartwig, Tom Biselli, Stefka Schmid, Laura Guntrum, Steffen Haesler (2024)
    Informatik für den Frieden: Perspektive von PEASEC zu 40 Jahren FIfF
    FIfF-Kommunikation .
    [BibTeX]

    @article{reuter_informatik_2024,
    title = {Informatik für den {Frieden}: {Perspektive} von {PEASEC} zu 40 {Jahren} {FIfF}},
    journal = {FIfF-Kommunikation},
    author = {Reuter, Christian and Franken, Jonas and Reinhold, Thomas and Kuehn, Philipp and Kaufhold, Marc-André and Riebe, Thea and Hartwig, Katrin and Biselli, Tom and Schmid, Stefka and Guntrum, Laura and Haesler, Steffen},
    year = {2024},
    keywords = {Security, Peace},
    }

  • Christian Reuter, Amanda Lee Hughes, Cody Buntain (2024)
    Special Issue on Combating Information Warfare: User-Centered Countermeasures against Fake News and Misinformation – Behaviour & Information Technology (BIT)
    Taylor & Francis.
    [BibTeX]

    @book{reuter_special_2024,
    title = {Special {Issue} on {Combating} {Information} {Warfare}: {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation} - {Behaviour} \& {Information} {Technology} ({BIT})},
    publisher = {Taylor \& Francis},
    author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
    year = {2024},
    note = {Publication Title: Behaviour \& Information Technology (BIT)},
    keywords = {Crisis, HCI, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Peace},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2024)
    Dual-Use Information Technology: Research, Development and Governance
    In: Christian Reuter: Information Technology for Peace and Security – IT Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @incollection{riebe_dual-use_2024,
    address = {Wiesbaden, Germany},
    title = {Dual-{Use} {Information} {Technology}: {Research}, {Development} and {Governance}},
    isbn = {978-3-658-25652-4},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Peace},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2024)
    Creative Uses of Technology: Dual Use Governance, Assessment and Design
    In: Amy Hagopian, Marion Birch: Conflict & Health Handbook. De Gruyter.
    [BibTeX]

    @incollection{riebe_creative_2024,
    title = {Creative {Uses} of {Technology}: {Dual} {Use} {Governance}, {Assessment} and {Design}},
    booktitle = {Conflict \& {Health} {Handbook}},
    publisher = {De Gruyter},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    editor = {Hagopian, Amy and Birch, Marion},
    year = {2024},
    keywords = {Peace},
    }

  • Stefka Schmid, Katrin Hartwig, Robert Cieslinski, Christian Reuter (2024)
    Digital Resilience in Dealing with Misinformation on Social Media during COVID-19: A Web Application to Assist Users in Crises
    Information Systems Frontiers (ISF) ;26(2):477–499. doi:10.1007/s10796-022-10347-5
    [BibTeX] [Abstract] [Download PDF]

    In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.

    @article{schmid_digital_2024,
    title = {Digital {Resilience} in {Dealing} with {Misinformation} on {Social} {Media} during {COVID}-19: {A} {Web} {Application} to {Assist} {Users} in {Crises}},
    volume = {26},
    issn = {1572-9419},
    url = {https://doi.org/10.1007/s10796-022-10347-5},
    doi = {10.1007/s10796-022-10347-5},
    abstract = {In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.},
    number = {2},
    journal = {Information Systems Frontiers (ISF)},
    author = {Schmid, Stefka and Hartwig, Katrin and Cieslinski, Robert and Reuter, Christian},
    month = apr,
    year = {2024},
    keywords = {Crisis, Student, A-Paper, Projekt-TraCe, Projekt-NEBULA},
    pages = {477--499},
    }

    2023

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2023)
    A Survey on Data Augmentation for Text Classification
    ACM Computing Surveys (CSUR) ;55(7):1–39. doi:10.1145/3544558
    [BibTeX] [Abstract] [Download PDF]

    Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.

    @article{bayer_survey_2023,
    title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
    volume = {55},
    url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
    doi = {10.1145/3544558},
    abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
    number = {7},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--39},
    }

  • Markus Bayer, Tobias Frey, Christian Reuter (2023)
    Multi-Level Fine-Tuning, Data Augmentation, and Few-Shot Learning for Specialized Cyber Threat Intelligence
    Computers & Security . doi:10.1016/j.cose.2023.103430
    [BibTeX] [Abstract] [Download PDF]

    A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication

    @article{bayer_multi-level_2023,
    title = {Multi-{Level} {Fine}-{Tuning}, {Data} {Augmentation}, and {Few}-{Shot} {Learning} for {Specialized} {Cyber} {Threat} {Intelligence}},
    issn = {0167-4048},
    url = {https://peasec.de/paper/2023/2023_BayerFreyReuter_MultiLevelFineTuningForCyberThreatIntelligence_CS.pdf},
    doi = {10.1016/j.cose.2023.103430},
    abstract = {A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication},
    journal = {Computers \& Security},
    author = {Bayer, Markus and Frey, Tobias and Reuter, Christian},
    year = {2023},
    keywords = {Student, Security, A-Paper, Ranking-ImpactFactor, Projekt-CROSSING, Projekt-CYWARN, Projekt-ATHENE},
    }

  • Daniel EberzEder, Franz Kuntke, Gerwin Brill, Ansgar Bernardi, Christian Wied, Philippe Nuderscher, Christian Reuter (2023)
    Prototypische Entwicklungen zur Umsetzung des Resilient Smart Farming (RSF) mittels Edge Computing
    43. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft .
    [BibTeX] [Abstract] [Download PDF]

    Landwirtschaft als essenzieller Teil der Nahrungsmittelproduktion gehört zu den kritischen Infrastrukturen (KRITIS). Dementsprechend müssen die eingesetzten Systeme für einen widerstandsfähigen Betrieb ausgelegt sein. Dies gilt auch für die auf landwirtschaftlichen Betrieben eingesetzte Software, die Sicherheits- und Resilienzkriterien genügen muss. Jedoch ist die Zunahme an Software zu beobachten, welche eine permanente Internetkonnektivität erfordert, d. h. eine stabile Verbindung zu Servern oder Cloud-Applikationen ist für deren Funktionsweise erforderlich. Dies stellt eine erhebliche Schwachstelle hinsichtlich der Resilienz dar und kann bei Ausfällen der Telekommunikationsinfrastruktur zu großen Problemen führen. Mit Entwicklungen aus dem Bereich Resilient Smart Farming (RSF) zeigen wir, wie Datenhaltung nach dem Offline-First-Prinzip gestaltet werden kann. Ein zentraler Bestandteil hierbei ist das Resilient Edge Computing (REC) und die entwickelte HofBox: ein Mini-Server, der das Datenmanagement im Betrieb übernimmt und mittels innovativer Open-Source basierender Container-Technologie (Open Horizon) umsetzt. Dadurch werden in Zukunft weitere Anwendungsfälle innerhalb der landwirtschaftlichen Produktions- und Wertschöpfungskette durch Public-Private-Partnership-Modelle realistisch und realisierbar.

    @inproceedings{eberz-eder_prototypische_2023,
    title = {Prototypische {Entwicklungen} zur {Umsetzung} des {Resilient} {Smart} {Farming} ({RSF}) mittels {Edge} {Computing}},
    url = {https://dl.gi.de/handle/20.500.12116/40264},
    abstract = {Landwirtschaft als essenzieller Teil der Nahrungsmittelproduktion gehört zu den kritischen Infrastrukturen (KRITIS). Dementsprechend müssen die eingesetzten Systeme für einen widerstandsfähigen Betrieb ausgelegt sein. Dies gilt auch für die auf landwirtschaftlichen Betrieben eingesetzte Software, die Sicherheits- und Resilienzkriterien genügen muss. Jedoch ist die Zunahme an Software zu beobachten, welche eine permanente Internetkonnektivität erfordert, d. h. eine stabile Verbindung zu Servern oder Cloud-Applikationen ist für deren Funktionsweise erforderlich. Dies stellt eine erhebliche Schwachstelle hinsichtlich der Resilienz dar und kann bei Ausfällen der Telekommunikationsinfrastruktur zu großen Problemen führen. Mit Entwicklungen aus dem Bereich Resilient Smart Farming (RSF) zeigen wir, wie Datenhaltung nach dem Offline-First-Prinzip gestaltet werden kann. Ein zentraler Bestandteil hierbei ist das Resilient Edge Computing (REC) und die entwickelte HofBox: ein Mini-Server, der das Datenmanagement im Betrieb übernimmt und mittels innovativer Open-Source basierender Container-Technologie (Open Horizon) umsetzt. Dadurch werden in Zukunft weitere Anwendungsfälle innerhalb der landwirtschaftlichen Produktions- und Wertschöpfungskette durch Public-Private-Partnership-Modelle realistisch und realisierbar.},
    booktitle = {43. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Eberz-Eder, Daniel and Kuntke, Franz and Brill, Gerwin and Bernardi, Ansgar and Wied, Christian and Nuderscher, Philippe and Reuter, Christian},
    year = {2023},
    keywords = {UsableSec, Security, RSF, Projekt-GeoBox, Projekt-AgriRegio},
    pages = {309--314},
    }

  • Jonas Franken, Christian Reuter (2023)
    Buchrezension: Stahlhut, Björn/Lammert, Martin (Hrsg.): Gesamtstaatliche Sicherheitsvorsorge – gerüstet für den Ernstfall!?, 200 S., BWV, Berlin 2022.
    Neue Politische Literatur (NPL) . doi:https://doi.org/10.1007/s42520-023-00496-5
    [BibTeX] [Download PDF]

    @article{franken_buchrezension_2023,
    title = {Buchrezension: {Stahlhut}, {Björn}/{Lammert}, {Martin} ({Hrsg}.): {Gesamtstaatliche} {Sicherheitsvorsorge} – gerüstet für den {Ernstfall}!?, 200 {S}., {BWV}, {Berlin} 2022.},
    issn = {2197-6082},
    url = {https://link.springer.com/article/10.1007/s42520-023-00496-5},
    doi = {https://doi.org/10.1007/s42520-023-00496-5},
    journal = {Neue Politische Literatur (NPL)},
    author = {Franken, Jonas and Reuter, Christian},
    year = {2023},
    keywords = {Peace},
    }

  • Jonas Franken, Marco Zivkovic, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Das Netz hat Geschichte: Historisch-technische Analyse der kritischen Infrastrukturen in der Region Rhein/Main
    In: : INFORMATIK 2023 – Designing Futures: Zukünfte gestalten. Bonn: Gesellschaft für Informatik e. V., , 1–6. doi:10.18420/inf2023_159
    [BibTeX] [Abstract] [Download PDF]

    Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.

    @incollection{franken_netz_2023,
    address = {Bonn},
    title = {Das {Netz} hat {Geschichte}: {Historisch}-technische {Analyse} der kritischen {Infrastrukturen} in der {Region} {Rhein}/{Main}},
    url = {https://peasec.de/paper/2023/2023_FrankenZivkovicThiessenEngelsReuter_NetzGeschichte_GI.pdf},
    abstract = {Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.},
    booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Franken, Jonas and Zivkovic, Marco and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_159},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--6},
    }

  • Jonas Franken, Franziska Schneider, Christian Reuter (2023)
    The Internet’s Plumbing Consists of Garden Hoses: A Critical Analysis of the Advantages and Pitfalls of Metaphors Use for Critical Maritime Infrastructures
    Dreizack 23 Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_internets_2023,
    address = {Kiel},
    title = {The {Internet}’s {Plumbing} {Consists} of {Garden} {Hoses}: {A} {Critical} {Analysis} of the {Advantages} and {Pitfalls} of {Metaphors} {Use} for {Critical} {Maritime} {Infrastructures}},
    url = {https://peasec.de/paper/2023/2023_FrankenSchneiderReuter_MetaphernMarKRITIS_Dreizack23.pdf},
    booktitle = {Dreizack 23},
    publisher = {The Kiel Seapower Series},
    author = {Franken, Jonas and Schneider, Franziska and Reuter, Christian},
    editor = {Schilling, Henrik},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio, Projekt-NetzGeschichte},
    pages = {1--8},
    }

  • Anja-Liisa Gonsior, Thea Riebe, Stefka Schmid, Thomas Reinhold, Christian Reuter (2023)
    Friedensinformatik: heute und morgen
    FIfF-Kommunikation ;2023(4):34–37.
    [BibTeX] [Download PDF]

    @article{gonsior_friedensinformatik_2023,
    title = {Friedensinformatik: heute und morgen},
    volume = {2023},
    url = {https://peasec.de/paper/2023/2023_GonsiorRiebeSchmidReinholdReuter_FriedensinformatikHeuteMorgen_WundF.pdf},
    number = {4},
    journal = {FIfF-Kommunikation},
    author = {Gonsior, Anja-Liisa and Riebe, Thea and Schmid, Stefka and Reinhold, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Peace},
    pages = {34--37},
    }

  • Laura Guntrum, Benjamin Güldenring, Franz Kuntke, Christian Reuter (2023)
    Using Digitally Mediated Methods in Sensitive Contexts: A Threat Analysis and Critical Reflection on Security, Privacy, and Ethical Concerns in the Case of Afghanistan
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;11(2):95–128. doi:10.1007/s42597-022-00088-2
    [BibTeX] [Abstract] [Download PDF]

    Given the lack of empirical examples of how research can be conducted via digital means in sensitive contexts, this paper provides a threat model using Afghanistan, where the Taliban took power in August 2021, as an example. Both technical and non-technical research-related risks are analyzed, paying attention to research ethics, data security, and privacy. We argue that any threat model and risk analysis is highly context-dependent. Our analysis reveals that in certain research processes, human security does not necessarily coincide with data security and that an ambivalence exists between privacy and usability. In addition to the concrete threat analysis, the paper identifies some general technical solutions (e.g., encryption methods, communication software) for different research steps to foster secure and ethically justifiable research.

    @article{guntrum_using_2023,
    title = {Using {Digitally} {Mediated} {Methods} in {Sensitive} {Contexts}: {A} {Threat} {Analysis} and {Critical} {Reflection} on {Security}, {Privacy}, and {Ethical} {Concerns} in the {Case} of {Afghanistan}},
    volume = {11},
    issn = {2524-6976},
    url = {https://link.springer.com/article/10.1007/s42597-022-00088-2},
    doi = {10.1007/s42597-022-00088-2},
    abstract = {Given the lack of empirical examples of how research can be conducted via digital means in sensitive contexts, this paper provides a threat model using Afghanistan, where the Taliban took power in August 2021, as an example. Both technical and non-technical research-related risks are analyzed, paying attention to research ethics, data security, and privacy. We argue that any threat model and risk analysis is highly context-dependent. Our analysis reveals that in certain research processes, human security does not necessarily coincide with data security and that an ambivalence exists between privacy and usability. In addition to the concrete threat analysis, the paper identifies some general technical solutions (e.g., encryption methods, communication software) for different research steps to foster secure and ethically justifiable research.},
    number = {2},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Guntrum, Laura and Güldenring, Benjamin and Kuntke, Franz and Reuter, Christian},
    month = oct,
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-FANCY, Projekt-TraCe},
    pages = {95--128},
    }

  • Laura Guntrum, Sebastian Schwartz, Christian Reuter (2023)
    Dual-Use Technologies in the Context of Autonomous Driving: An Empirical Case Study From Germany
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00935-3
    [BibTeX] [Abstract] [Download PDF]

    The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.

    @article{guntrum_dual-use_2023,
    title = {Dual-{Use} {Technologies} in the {Context} of {Autonomous} {Driving}: {An} {Empirical} {Case} {Study} {From} {Germany}},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-022-00935-3},
    doi = {10.1007/s12399-022-00935-3},
    abstract = {The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Guntrum, Laura and Schwartz, Sebastian and Reuter, Christian},
    month = jan,
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Steffen Haesler, Marc Wendelborn, Christian Reuter (2023)
    Getting the Residents‘ Attention: The Perception of Warning Channels in Smart Home Warning Systems
    Proceedings of the ACM Designing Interactive Systems Conference (DIS) New York, NY, USA. doi:10.1145/3563657.3596076
    [BibTeX] [Abstract] [Download PDF]

    About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.

    @inproceedings{haesler_getting_2023,
    address = {New York, NY, USA},
    series = {{DIS} '23},
    title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
    isbn = {978-1-4503-9893-0},
    url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
    doi = {10.1145/3563657.3596076},
    abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
    booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
    publisher = {Association for Computing Machinery},
    author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
    year = {2023},
    note = {event-place: Pittsburgh, PA, USA},
    keywords = {Crisis, HCI, Student, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1114--1127},
    }

  • Katrin Hartwig, Christian Reuter (2023)
    Countering Fake News Technically – Detection and Countermeasure Approaches to Support Users
    In: Peter Klimczak, Thomas Zoglauer: Truth and Fake in the Post-Factual Digital Age: Distinctions in the Humanities and IT Sciences. Wiesbaden: Springer Fachmedien Wiesbaden, , 131–147. doi:10.1007/978-3-658-40406-2_7
    [BibTeX] [Abstract] [Download PDF]

    The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.

    @incollection{hartwig_countering_2023,
    address = {Wiesbaden},
    title = {Countering {Fake} {News} {Technically} – {Detection} and {Countermeasure} {Approaches} to {Support} {Users}},
    isbn = {978-3-658-40406-2},
    url = {https://peasec.de/paper/2023/2023_HartwigReuter_CounteringFakeNews_TruthFakePostTruth.pdf},
    abstract = {The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.},
    booktitle = {Truth and {Fake} in the {Post}-{Factual} {Digital} {Age}: {Distinctions} in the {Humanities} and {IT} {Sciences}},
    publisher = {Springer Fachmedien Wiesbaden},
    author = {Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Zoglauer, Thomas},
    year = {2023},
    doi = {10.1007/978-3-658-40406-2_7},
    keywords = {Crisis, HCI, SocialMedia, Projekt-CROSSING, Projekt-ATHENE},
    pages = {131--147},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2023)
    Preparedness Nudging for Warning Apps? A Mixed-Method Study Investigating Popularity and Effects of Preparedness Alerts in Warning Apps
    International Journal on Human-Computer Studies (IJHCS) ;172:102995. doi:https://doi.org/10.1016/j.ijhcs.2023.102995
    [BibTeX] [Abstract] [Download PDF]

    Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.

    @article{haunschild_preparedness_2023,
    title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
    volume = {172},
    issn = {1071-5819},
    url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
    doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
    abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, Student, A-Paper, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {102995},
    }

  • Jasmin Haunschild, Leon Jung, Christian Reuter (2023)
    Dual-use in volunteer operations? Attitudes of computer science students regarding the establishment of a cyber security volunteer force
    In: Gerber Nina, Verena Zimmermann: International Symposium on Technikpsychologie (TecPsy). Sciendo, , 66–81.
    [BibTeX] [Abstract] [Download PDF]

    The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers are discussed.

    @incollection{haunschild_dual-use_2023,
    title = {Dual-use in volunteer operations? {Attitudes} of computer science students regarding the establishment of a cyber security volunteer force},
    isbn = {978-83-66675-89-6},
    url = {https://sciendo.com/chapter/9788366675896/10.2478/9788366675896-006},
    abstract = {The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative
    content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers
    are discussed.},
    booktitle = {International {Symposium} on {Technikpsychologie} ({TecPsy})},
    publisher = {Sciendo},
    author = {Haunschild, Jasmin and Jung, Leon and Reuter, Christian},
    editor = {Nina, Gerber and Zimmermann, Verena},
    year = {2023},
    keywords = {Crisis, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {66--81},
    }

  • Jonas Höchst, Lars Baumgärtner, Franz Kuntke, Alvar Penning, Artur Sterz, Markus Sommer, Bernd Freisleben (2023)
    Mobile Device-to-Device Communication for Crisis Scenarios Using Low-Cost LoRa Modems
    In: Hans Jochen Scholl, Eric E. Holdeman, Kees F. Boersma: Disaster Management and Information Technology: Professional Response and Recovery Management in the Age of Disasters. Cham: Springer International Publishing, , 235–268. doi:10.1007/978-3-031-20939-0_12
    [BibTeX] [Abstract] [Download PDF]

    We present an approach to enable long-range device-to-device communication between smartphones in crisis situations. Our approach is based on inexpensive and readily available microcontrollers with integrated LoRa hardware that we empower to receive and forward messages via Bluetooth, Wi-Fi, or a serial connection by means of a dedicated firmware, called rf95modem. The developed firmware cannot only be used in crisis scenarios but also in a variety of other applications, such as providing a communication fallback during outdoor activities, geolocation-based games or broadcasting of local information. We present two applications to show the benefits of our approach. First, we introduce a novel device-to-device LoRa chat application that works on both Android and iOS as well as on traditional computers like notebooks using a console-based interface. Second, we demonstrate how other infrastructure-less technology can benefit from our approach by integrating it into the DTN7 delay-tolerant networking software. Furthermore, we present the results of an in-depth experimental evaluation of approach consisting of (i) real-world device-to-device LoRa transmissions in urban and rural areas and (ii) scalability tests based on simulations of LoRa device-to-device usage in a medium-sized city with up to 1000 active users. The firmware, our device-to-device chat application, our integration into DTN7, as well as our code fragments of the experimental evaluation and the experimental results are available under permissive open-source licenses.

    @incollection{hochst_mobile_2023,
    address = {Cham},
    title = {Mobile {Device}-to-{Device} {Communication} for {Crisis} {Scenarios} {Using} {Low}-{Cost} {LoRa} {Modems}},
    isbn = {978-3-031-20939-0},
    url = {https://peasec.de/paper/2023/2023_HoechstBaumgaertnerKuntkePenningSterzSommerFreisleben_MobileD2DCommunication_DMaIT.pdf},
    abstract = {We present an approach to enable long-range device-to-device communication between smartphones in crisis situations. Our approach is based on inexpensive and readily available microcontrollers with integrated LoRa hardware that we empower to receive and forward messages via Bluetooth, Wi-Fi, or a serial connection by means of a dedicated firmware, called rf95modem. The developed firmware cannot only be used in crisis scenarios but also in a variety of other applications, such as providing a communication fallback during outdoor activities, geolocation-based games or broadcasting of local information. We present two applications to show the benefits of our approach. First, we introduce a novel device-to-device LoRa chat application that works on both Android and iOS as well as on traditional computers like notebooks using a console-based interface. Second, we demonstrate how other infrastructure-less technology can benefit from our approach by integrating it into the DTN7 delay-tolerant networking software. Furthermore, we present the results of an in-depth experimental evaluation of approach consisting of (i) real-world device-to-device LoRa transmissions in urban and rural areas and (ii) scalability tests based on simulations of LoRa device-to-device usage in a medium-sized city with up to 1000 active users. The firmware, our device-to-device chat application, our integration into DTN7, as well as our code fragments of the experimental evaluation and the experimental results are available under permissive open-source licenses.},
    booktitle = {Disaster {Management} and {Information} {Technology}: {Professional} {Response} and {Recovery} {Management} in the {Age} of {Disasters}},
    publisher = {Springer International Publishing},
    author = {Höchst, Jonas and Baumgärtner, Lars and Kuntke, Franz and Penning, Alvar and Sterz, Artur and Sommer, Markus and Freisleben, Bernd},
    editor = {Scholl, Hans Jochen and Holdeman, Eric E. and Boersma, F. Kees},
    year = {2023},
    doi = {10.1007/978-3-031-20939-0_12},
    keywords = {Crisis, Security, RSF, Projekt-emergenCITY, Projekt-ATHENE},
    pages = {235--268},
    }

  • Marc-André Kaufhold, Christian Reuter, Thomas Ludwig (2023)
    Big Data and Multi-platform Social Media Services in Disaster Management
    In: Amita Singh: International Handbook of Disaster Research. Singapore: Springer Nature Singapore, , 1–21.
    [BibTeX] [Abstract] [Download PDF]

    The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.

    @incollection{kaufhold_big_2023,
    address = {Singapore},
    title = {Big {Data} and {Multi}-platform {Social} {Media} {Services} in {Disaster} {Management}},
    isbn = {978-981-16-8800-3},
    url = {https://peasec.de/paper/2023/2023_KaufholdReuterLudwig_BigDataMultiPlatformSocialMediaDisaster_HandbookDisaster.pdf},
    abstract = {The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.},
    booktitle = {International {Handbook} of {Disaster} {Research}},
    publisher = {Springer Nature Singapore},
    author = {Kaufhold, Marc-André and Reuter, Christian and Ludwig, Thomas},
    editor = {Singh, Amita},
    year = {2023},
    keywords = {Crisis, HCI, Projekt-KOKOS, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {1--21},
    }

  • Marc-André Kaufhold, Markus Bayer, Julian Bäumler, Christian Reuter, Stefan Stieglitz, Ali Sercan Basyurt, Milad Mirabaie, Christoph Fuchß, Kaan Eyilmez (2023)
    CYLENCE: Strategies and Tools for Cross-Media Reporting, Detection, and Treatment of Cyberbullying and Hatespeech in Law Enforcement Agencies
    Mensch und Computer – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-211
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.

    @inproceedings{kaufhold_cylence_2023,
    address = {Rapperswil, Switzerland},
    title = {{CYLENCE}: {Strategies} and {Tools} for {Cross}-{Media} {Reporting}, {Detection}, and {Treatment} of {Cyberbullying} and {Hatespeech} in {Law} {Enforcement} {Agencies}},
    url = {https://dl.gi.de/items/0e0efe8f-64bf-400c-85f7-02b65f83189d},
    doi = {10.18420/muc2023-mci-ws01-211},
    abstract = {Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Bayer, Markus and Bäumler, Julian and Reuter, Christian and Stieglitz, Stefan and Basyurt, Ali Sercan and Mirabaie, Milad and Fuchß, Christoph and Eyilmez, Kaan},
    year = {2023},
    keywords = {HCI, UsableSec, Projekt-CYLENCE},
    }

  • Marc-André Kaufhold, Tilo Mentler, Simon Nestler, Christian Reuter (2023)
    10. Workshop Mensch-Maschine-Interaktion in sicherheitskritischen Systemen
    Mensch und Computer – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-102
    [BibTeX] [Abstract] [Download PDF]

    Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.

    @inproceedings{kaufhold_10_2023,
    address = {Rapperswil, Switzerland},
    title = {10. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
    url = {https://dl.gi.de/items/d907ac5d-4c73-467d-adfc-4bafdb8b4cf0},
    doi = {10.18420/muc2023-mci-ws01-102},
    abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
    year = {2023},
    keywords = {HCI, UsableSec, Security},
    }

  • Philipp Kuehn, Mike Schmidt, Markus Bayer, Christian Reuter (2023)
    ThreatCrawl: A BERT-based Focused Crawler for the Cybersecurity Domain
    2023.
    [BibTeX] [Abstract] [Download PDF]

    Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.

    @techreport{kuehn_threatcrawl_2023,
    title = {{ThreatCrawl}: {A} {BERT}-based {Focused} {Crawler} for the {Cybersecurity} {Domain}},
    shorttitle = {{ThreatCrawl}},
    url = {http://arxiv.org/abs/2304.11960},
    abstract = {Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.},
    number = {arXiv:2304.11960},
    urldate = {2023-04-27},
    institution = {arXiv},
    author = {Kuehn, Philipp and Schmidt, Mike and Bayer, Markus and Reuter, Christian},
    month = apr,
    year = {2023},
    note = {arXiv:2304.11960 [cs]},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Philipp Kuehn, David N. Relke, Christian Reuter (2023)
    Common vulnerability scoring system prediction based on open source intelligence information sources
    Computers & Security . doi:10.1016/j.cose.2023.103286
    [BibTeX] [Abstract] [Download PDF]

    The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.

    @article{kuehn_common_2023,
    title = {Common vulnerability scoring system prediction based on open source intelligence information sources},
    url = {https://peasec.de/paper/2023/2023_KuehnRelkeReuter_CommonVulnerabilityScoringSystemOSINT_CompSec.pdf},
    doi = {10.1016/j.cose.2023.103286},
    abstract = {The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.},
    journal = {Computers \& Security},
    author = {Kuehn, Philipp and Relke, David N. and Reuter, Christian},
    year = {2023},
    keywords = {Student, UsableSec, Security, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Franz Kuntke, Lars Baumgärtner, Christian Reuter (2023)
    Rural Communication in Outage Scenarios: Disruption-Tolerant Networking via LoRaWAN Setups
    Proceedings of Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract] [Download PDF]

    Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.

    @inproceedings{kuntke_rural_2023,
    title = {Rural {Communication} in {Outage} {Scenarios}: {Disruption}-{Tolerant} {Networking} via {LoRaWAN} {Setups}},
    url = {https://idl.iscram.org/files/kuntke/2023/2581_Kuntke_etal2023.pdf},
    abstract = {Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.},
    booktitle = {Proceedings of {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Kuntke, Franz and Baumgärtner, Lars and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, RSF, Projekt-MAKI, Projekt-GeoBox, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--13},
    }

  • Franz Kuntke, Merve Bektas, Laura Buhleier, Ella Pohl, Rebekka Schiller, Christian Reuter (2023)
    How Would Emergency Communication Based on LoRaWAN Perform? Empirical Findings of Signal Propagation in Rural Areas
    Proceedings of Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract] [Download PDF]

    Low Power Wide Area Network (LPWAN) technologies are typically promoted for Internet-of-Things (IoT) applications, but are also of interest for emergency communications systems when regular fixed and mobile networks break down. Although LoRaWAN is a frequently used representative here, there are sometimes large differences between the proposed range and the results of some practical evaluations. Since previous work has focused on urban environments or has conducted simulations, this work aims to gather concrete knowledge on the transmission characteristics in rural environments. Extensive field studies with varying geographic conditions and comparative tests in urban environments were performed using two different hardware implementations. Overall, it was found that the collected values in rural areas are significantly lower than the theoretical values. Nevertheless, the results certify that LoRaWAN technology has a high range that cannot be achieved with other common technologies for emergency communications.

    @inproceedings{kuntke_how_2023,
    title = {How {Would} {Emergency} {Communication} {Based} on {LoRaWAN} {Perform}? {Empirical} {Findings} of {Signal} {Propagation} in {Rural} {Areas}},
    url = {https://idl.iscram.org/files/kuntke/2023/2586_Kuntke_etal2023.pdf},
    abstract = {Low Power Wide Area Network (LPWAN) technologies are typically promoted for Internet-of-Things (IoT) applications, but are also of interest for emergency communications systems when regular fixed and mobile networks break down. Although LoRaWAN is a frequently used representative here, there are sometimes large differences between the proposed range and the results of some practical evaluations. Since previous work has focused on urban environments or has conducted simulations, this work aims to gather concrete knowledge on the transmission characteristics in rural environments. Extensive field studies with varying geographic conditions and comparative tests in urban environments were performed using two different hardware implementations. Overall, it was found that the collected values in rural areas are significantly lower than the theoretical values. Nevertheless, the results certify that LoRaWAN technology has a high range that cannot be achieved with other common technologies for emergency communications.},
    booktitle = {Proceedings of {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Kuntke, Franz and Bektas, Merve and Buhleier, Laura and Pohl, Ella and Schiller, Rebekka and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Student, RSF, Projekt-GeoBox, Projekt-AgriRegio},
    pages = {1--8},
    }

  • Franz Kuntke, Daniel EberzEder, Matthias Trapp, Christian Reuter (2023)
    RSF-Lab’23: Konzepte und Anwendungen zur resilienten digitalen Landwirtschaft
    In: : INFORMATIK 2023 – Designing Futures: Zukünfte gestalten. Bonn: Gesellschaft für Informatik e. V., , 1529–1533. doi:10.18420/inf2023_156
    [BibTeX] [Abstract] [Download PDF]

    Neben positiven Aspekten wie der Produktivitätssteigerung bringt die Digitalisierung auch neue Gefahren mit sich. Entsprechend muss der Prozess gerade in Bereichen von gesellschaftlich enormer Bedeutung kritisch begleitet werden, um eine fundierte Entscheidung bei Auswahl und Entwicklung neuer Technologien zu treffen. Die Vision ist hierbei ein resilientes Smart Farming (RSF), bei dem die Fortschritte der Digitalisierung in der Landwirtschaft genutzt werden, ohne dabei die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und somit die Lebensmittelversorgung der Verbraucher zu gefährden. Dieser Workshop konzentriert sich auf die Bewältigung dieser Forschungsherausforderungen und liefert Beiträge zu verschiedenen Themenbereichen. Dazu gehören (1) ein Hofbox-Ansatz basierend auf etablierten Open-Source Werkzeugen, (2) ein mobiles Assistenzsystem für den Transport von künstlichen Besamungsportionen, (3) die historische Perspektive auf kritische Infrastrukturen in der Region Rhein/Main, und (4) eine Messenger-Applikation zur Notfallkommunikation mittels LoRaWAN-basierten IoT-Setups.

    @incollection{kuntke_rsf-lab23_2023,
    address = {Bonn},
    title = {{RSF}-{Lab}'23: {Konzepte} und {Anwendungen} zur resilienten digitalen {Landwirtschaft}},
    isbn = {978-3-88579-731-9},
    url = {https://peasec.de/paper/2023/2023_KuntkeEberzEderTrappReuter_KonzepteAnwendungen_GI.pdf},
    abstract = {Neben positiven Aspekten wie der Produktivitätssteigerung bringt die Digitalisierung auch neue Gefahren mit sich. Entsprechend muss der Prozess gerade in Bereichen von gesellschaftlich enormer Bedeutung kritisch begleitet werden, um eine fundierte Entscheidung bei Auswahl und Entwicklung neuer Technologien zu treffen. Die Vision ist hierbei ein resilientes Smart Farming (RSF), bei dem die Fortschritte der Digitalisierung in der Landwirtschaft genutzt werden, ohne dabei die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und somit die Lebensmittelversorgung der Verbraucher zu gefährden. Dieser Workshop konzentriert sich auf die Bewältigung dieser Forschungsherausforderungen und liefert Beiträge zu verschiedenen Themenbereichen. Dazu gehören (1) ein Hofbox-Ansatz basierend auf etablierten Open-Source Werkzeugen, (2) ein mobiles Assistenzsystem für den Transport von künstlichen Besamungsportionen, (3) die historische Perspektive auf kritische Infrastrukturen in der Region Rhein/Main, und (4) eine Messenger-Applikation zur Notfallkommunikation mittels LoRaWAN-basierten IoT-Setups.},
    booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Kuntke, Franz and Eberz-Eder, Daniel and Trapp, Matthias and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_156},
    keywords = {Security, RSF, Projekt-AgriRegio},
    pages = {1529--1533},
    }

  • Denis Orlov, Franz Kuntke, Christian Reuter (2023)
    Optimierte Messenger-Applikation zur Notfallkommunikation via LoRaWAN-DTN
    In: : INFORMATIK 2023 – Designing Futures: Zukünfte gestalten. Gesellschaft für Informatik e. V., , 1–6. doi:10.18420/inf2023_160
    [BibTeX] [Abstract] [Download PDF]

    Die vorliegende Arbeit präsentiert die Entwicklung einer Messenger-App mit Schwerpunkt auf Benutzerfreundlichkeit, für die Nutzung mit einem bestehenden LoRaWAN-DTN-Backend. Die App ermöglicht den Austausch von Nachrichten mit anderen Personen über ein vorhandenes Kommunikationssystem auf LoRaWAN-Basis. Das grundlegende Softwaregerüst wurde mithilfe agiler Softwareentwicklungsmethoden als Progressive-Web-App entwickelt und iterativ verbessert. Das Ergebnis ist eine plattformübergreifende App für Desktop-PCs und Android-Smartphones. Die App bietet grundlegende Messenger-Funktionen wie Kontaktverwaltung, Chatverlauf-Speicher und Benachrichtigungen. Zusätzlich enthält die App erweiterte Funktionen wie einen leicht zugänglichen SOS-Button, um Notfallnachrichten schnell absetzen zu können. Ziel der Entwicklung war es, die Gebrauchstauglichkeit gegenüber einem ersten Prototyp zu verbessern. Die App soll effektive Kommunikation zwischen Helfern und Betroffenen ermöglichen, während und nach Krisenereignissen wie beispielsweise der europäischen Flutkatastrophe 2021. In folgenden Arbeiten soll das System unter Nutzung dieser App im Einsatz getestet werden.

    @incollection{orlov_optimierte_2023,
    title = {Optimierte {Messenger}-{Applikation} zur {Notfallkommunikation} via {LoRaWAN}-{DTN}},
    url = {https://peasec.de/paper/2023/2023_OrlovKuntkeReuter_OptimierteMessengerApplikation_GI.pdf},
    abstract = {Die vorliegende Arbeit präsentiert die Entwicklung einer Messenger-App mit Schwerpunkt auf Benutzerfreundlichkeit, für die Nutzung mit einem bestehenden LoRaWAN-DTN-Backend. Die App ermöglicht den Austausch von Nachrichten mit anderen Personen über ein vorhandenes Kommunikationssystem auf LoRaWAN-Basis. Das grundlegende Softwaregerüst wurde mithilfe agiler Softwareentwicklungsmethoden als Progressive-Web-App entwickelt und iterativ verbessert. Das Ergebnis ist eine plattformübergreifende App für Desktop-PCs und Android-Smartphones. Die App bietet grundlegende Messenger-Funktionen wie Kontaktverwaltung, Chatverlauf-Speicher und Benachrichtigungen. Zusätzlich enthält die App erweiterte Funktionen wie einen leicht zugänglichen SOS-Button, um Notfallnachrichten schnell absetzen zu können. Ziel der Entwicklung war es, die Gebrauchstauglichkeit gegenüber einem ersten Prototyp zu verbessern. Die App soll effektive Kommunikation zwischen Helfern und Betroffenen ermöglichen, während und nach Krisenereignissen wie beispielsweise der europäischen Flutkatastrophe 2021. In folgenden Arbeiten soll das System unter Nutzung dieser App im Einsatz getestet werden.},
    booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Orlov, Denis and Kuntke, Franz and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_160},
    keywords = {Crisis, Student, RSF, Projekt-AgriRegio},
    pages = {1--6},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Zur Debatte über die Einhegung eines Cyberwars: Analyse militärischer Cyberaktivitäten im Krieg Russlands gegen die Ukraine
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) . doi:10.1007/s42597-023-00094-y
    [BibTeX] [Abstract] [Download PDF]

    Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.

    @article{reinhold_zur_2023,
    title = {Zur {Debatte} über die {Einhegung} eines {Cyberwars}: {Analyse} militärischer {Cyberaktivitäten} im {Krieg} {Russlands} gegen die {Ukraine}},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00094-y},
    doi = {10.1007/s42597-023-00094-y},
    abstract = {Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = mar,
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Thomas Reinhold, Helene Pleil, Christian Reuter (2023)
    Challenges for Cyber Arms Control: A Qualitative Expert Interview Study
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) ;16(3):289–310. doi:10.1007/s12399-023-00960-w
    [BibTeX] [Abstract] [Download PDF]

    The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.

    @article{reinhold_challenges_2023,
    title = {Challenges for {Cyber} {Arms} {Control}: {A} {Qualitative} {Expert} {Interview} {Study}},
    volume = {16},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-023-00960-w},
    doi = {10.1007/s12399-023-00960-w},
    abstract = {The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.},
    number = {3},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Pleil, Helene and Reuter, Christian},
    month = aug,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {289--310},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;12(1):31–58. doi:10.1007/s42597-023-00099-7
    [BibTeX] [Abstract] [Download PDF]

    While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.

    @article{reinhold_preventing_2023,
    title = {Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack},
    volume = {12},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00099-7},
    doi = {10.1007/s42597-023-00099-7},
    abstract = {While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = apr,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {31--58},
    }

  • Thomas Reinhold, Philipp Kuehn, Daniel Günther, Thomas Schneider, Christian Reuter (2023)
    ExTRUST: Reducing Exploit Stockpiles With a Privacy-Preserving Depletion Systems for Inter-State Relationships
    IEEE Transactions on Technology and Society ;4(2):158–170. doi:10.1109/TTS.2023.3280356
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.

    @article{reinhold_extrust_2023,
    title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
    volume = {4},
    url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
    doi = {10.1109/TTS.2023.3280356},
    abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
    number = {2},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Selected, Student, A-Paper, Peace, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    pages = {158--170},
    }

  • Thomas Reinhold (2023)
    Towards a Peaceful Development of Cyberspace: Challenges and Technical Measures for the De-Escalation of State-Led Cyberconflicts and Arms Control of Cyberweapons
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt. doi:10.26083/tuprints-00024559
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states‘ security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.

    @book{reinhold_towards_2023,
    address = {Darmstadt, Germany},
    title = {Towards a {Peaceful} {Development} of {Cyberspace}: {Challenges} and {Technical} {Measures} for the {De}-{Escalation} of {State}-{Led} {Cyberconflicts} and {Arms} {Control} of {Cyberweapons}},
    url = {https://tuprints.ulb.tu-darmstadt.de/24559/},
    abstract = {Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states' security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Reinhold, Thomas},
    year = {2023},
    doi = {10.26083/tuprints-00024559},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE, Dissertation},
    }

  • Christian Reuter, Marc-André Kaufhold (2023)
    Crisis Informatics
    In: Zheng Yan: Cambridge Handbook of Cyber Behavior. Cambridge University Press.
    [BibTeX] [Abstract] [Download PDF]

    In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.

    @incollection{reuter_crisis_2023,
    title = {Crisis {Informatics}},
    isbn = {978-1-00-905708-0},
    url = {https://www.cambridge.org/de/universitypress/subjects/psychology/applied-psychology/cambridge-handbook-cyber-behavior?format=WX&isbn=9781316616956},
    abstract = {In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.},
    booktitle = {Cambridge {Handbook} of {Cyber} {Behavior}},
    publisher = {Cambridge University Press},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    editor = {Yan, Zheng},
    year = {2023},
    keywords = {Crisis, HCI, Peace, Projekt-CYWARN, Projekt-ATHENE-FANCY, Projekt-emergenCITY},
    }

  • Christian Reuter, Marc-André Kaufhold, Tom Biselli, Helene Pleil (2023)
    Increasing Adoption Despite Perceived Limitations of Social Media in Emergencies: Representative Insights on German Citizens’ Perception and Trends from 2017 to 2021
    International Journal of Disaster Risk Reduction (IJDRR) ;96. doi:https://doi.org/10.1016/j.ijdrr.2023.103880
    [BibTeX] [Abstract] [Download PDF]

    The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.

    @article{reuter_increasing_2023,
    title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
    volume = {96},
    issn = {2212-4209},
    url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
    doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
    abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
    journal = {International Journal of Disaster Risk Reduction (IJDRR)},
    author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, SocialMedia, Student, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY, Projekt-NEBULA, Projekt-CYLENCE},
    }

  • Christian Reuter, Thea Riebe, Laura Guntrum (2023)
    Science Peace Security ‘23 – Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research
    Darmstadt, Germany: TUprints. doi:10.26083/tuprints-00024777
    [BibTeX] [Abstract] [Download PDF]

    The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.

    @book{reuter_science_2023,
    address = {Darmstadt, Germany},
    title = {Science {Peace} {Security} ‘23 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
    abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
    publisher = {TUprints},
    author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    year = {2023},
    doi = {10.26083/tuprints-00024777},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
    }

  • Christian Reuter, Thea Riebe, Laura Guntrum (2023)
    Science Peace Security ’23: Editorial of the Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research
    In: Christian Reuter, Thea Riebe, Laura Guntrum: Science Peace Security ’23: Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research. Darmstadt, Germany: TUprints, , 9–13. doi:10.26083/tuprints-00024777
    [BibTeX] [Abstract] [Download PDF]

    The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.

    @incollection{reuter_science_2023-1,
    address = {Darmstadt, Germany},
    title = {Science {Peace} {Security} ’23: {Editorial} of the {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
    abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
    booktitle = {Science {Peace} {Security} ’23: {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    publisher = {TUprints},
    author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    editor = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    year = {2023},
    doi = {10.26083/tuprints-00024777},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
    pages = {9--13},
    }

  • Thea Riebe (2023)
    Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt. doi:10.26083/tuprints-00022849
    [BibTeX] [Abstract] [Download PDF]

    Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks. Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies. In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.

    @book{riebe_technology_2023,
    address = {Darmstadt, Germany},
    title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
    url = {https://tuprints.ulb.tu-darmstadt.de/22849/},
    abstract = {Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks.
    Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies.
    In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Riebe, Thea},
    year = {2023},
    doi = {10.26083/tuprints-00022849},
    keywords = {HCI, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-CYWARN, Dissertation},
    }

  • Thea Riebe, Julian Bäumler, Marc-André Kaufhold, Christian Reuter (2023)
    Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design Perspective
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) . doi:10.1007/s10606-022-09453-4
    [BibTeX] [Abstract] [Download PDF]

    The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.

    @article{riebe_values_2023,
    title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
    url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
    doi = {10.1007/s10606-022-09453-4},
    abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Thea Riebe, Tom Biselli, Marc-André Kaufhold, Christian Reuter (2023)
    Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey
    Proceedings on Privacy Enhancing Technologies (PoPETs) (1):477–493. doi:https://doi.org/10.56553/popets-2023-0028
    [BibTeX] [Abstract] [Download PDF]

    The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.

    @article{riebe_privacy_2023,
    title = {Privacy {Concerns} and {Acceptance} {Factors} of {OSINT} for {Cybersecurity}: {A} {Representative} {Survey}},
    url = {https://petsymposium.org/popets/2023/popets-2023-0028.pdf},
    doi = {https://doi.org/10.56553/popets-2023-0028},
    abstract = {The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.},
    number = {1},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Riebe, Thea and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CYWARN, Projekt-ATHENE-FANCY, AuswahlUsableSec},
    pages = {477--493},
    }

  • Thea Riebe (2023)
    Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks. Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies. In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.

    @book{riebe_technology_2023-1,
    address = {Wiesbaden, Germany},
    title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
    isbn = {978-3-658-41666-9},
    url = {https://link.springer.com/book/10.1007/978-3-658-41667-6},
    abstract = {Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks.
    Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies.
    In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.},
    publisher = {Springer Vieweg},
    author = {Riebe, Thea},
    year = {2023},
    note = {https://doi.org/10.1007/978-3-658-41667-6},
    keywords = {HCI, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-CYWARN, Dissertation},
    }

  • Stefka Schmid, Laura Guntrum, Steffen Haesler, Lisa Schultheiß, Christian Reuter (2023)
    Digital Volunteers During the COVID-19 Pandemic: Care Work on Social Media for Socio-technical Resilience
    Weizenbaum Journal of the Digital Society ;3(1). doi:10.34669/WI.WJDS/3.3.6
    [BibTeX] [Abstract] [Download PDF]

    Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.

    @article{schmid_digital_2023,
    title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
    volume = {3},
    issn = {2748-5625},
    url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
    doi = {10.34669/WI.WJDS/3.3.6},
    abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.},
    number = {1},
    journal = {Weizenbaum Journal of the Digital Society},
    author = {Schmid, Stefka and Guntrum, Laura and Haesler, Steffen and Schultheiß, Lisa and Reuter, Christian},
    month = may,
    year = {2023},
    keywords = {Crisis, HCI, SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-TraCe},
    }

  • Stefka Schmid (2023)
    Safe and Secure? Visions of Military Human-Computer Interaction
    Mensch und Computer – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-365
    [BibTeX] [Abstract] [Download PDF]

    Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.

    @inproceedings{schmid_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe and {Secure}? {Visions} of {Military} {Human}-{Computer} {Interaction}},
    url = {https://dl.gi.de/items/841cc5bd-8e25-40de-804f-8fb4fedddf11},
    doi = {10.18420/muc2023-mci-ws01-365},
    abstract = {Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Schmid, Stefka},
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Daniel Schmidt, Franz Kuntke, Maximilian Bauer, Lars Baumgärtner (2023)
    BPoL: A Disruption-Tolerant LoRa Network for Disaster Communication
    IEEE Global Humanitarian Technology Conference (GHTC) . doi:10.1109/GHTC56179.2023.10354717
    [BibTeX] [Abstract] [Download PDF]

    Information and Communication Technology (ICT) is vital for everyday life and especially during times of disaster.Relying on existing infrastructure is problematic as maintenance is expensive, and they can be disrupted in emergency scenarios. Cost is a major factor which limits the technologies that can be used in rural areas or for emergency response, as satellite uplinks or private cellular networks are very expensive and complex. LoRa is commonly used for IoT infrastructure worldwide in the form of LoRaWAN to cover larger distances with low costs. But it can also be used in a Device-to-Device (D2D) mode for direct communication. By combining LoRa with Disruption-tolerant Networking (DTN), we present an affordable and practical solution that can cope with challenging conditions and be used for a large variety of applications. In our evaluation, we show how adaptable our solution is and how it outperforms similar mesh-based applications for disaster communication.

    @inproceedings{schmidt_bpol_2023,
    title = {{BPoL}: {A} {Disruption}-{Tolerant} {LoRa} {Network} for {Disaster} {Communication}},
    url = {https://peasec.de/paper/2023/2023_SchmidtKuntkeBauerBaumgaertner_BPOL_GHTC.pdf},
    doi = {10.1109/GHTC56179.2023.10354717},
    abstract = {Information and Communication Technology (ICT) is vital for everyday life and especially during times of disaster.Relying on existing infrastructure is problematic as maintenance is expensive, and they can be disrupted in emergency scenarios. Cost is a major factor which limits the technologies that can be used in rural areas or for emergency response, as satellite uplinks or private cellular networks are very expensive and complex. LoRa is commonly used for IoT infrastructure worldwide in the form of LoRaWAN to cover larger distances with low costs. But it can also be used in a Device-to-Device (D2D) mode for direct communication. By combining LoRa with Disruption-tolerant Networking (DTN), we present an affordable and practical solution that can cope with challenging conditions and be used for a large variety of applications. In our evaluation, we show how adaptable our solution is and how it outperforms similar mesh-based applications for disaster communication.},
    booktitle = {{IEEE} {Global} {Humanitarian} {Technology} {Conference} ({GHTC})},
    author = {Schmidt, Daniel and Kuntke, Franz and Bauer, Maximilian and Baumgärtner, Lars},
    year = {2023},
    keywords = {UsableSec, Security, Projekt-GeoBox, Projekt-AgriRegio},
    pages = {440--447},
    }

  • Enno Steinbrink, Tom Biselli, Sebastian Linsner, Franziska Herbert, Christian Reuter (2023)
    Privacy Perception and Behaviour in Safety-Critical Environments
    In: Nina Gerber, Alina Stöver, Karola Marky: Human Factors in Privacy Research. Cham: Springer International Publishing, , 237–251.
    [BibTeX] [Abstract] [Download PDF]

    When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.

    @incollection{steinbrink_privacy_2023,
    address = {Cham},
    title = {Privacy {Perception} and {Behaviour} in {Safety}-{Critical} {Environments}},
    isbn = {978-3-031-28643-8},
    url = {https://doi.org/10.1007/978-3-031-28643-8_12},
    abstract = {When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.},
    booktitle = {Human {Factors} in {Privacy} {Research}},
    publisher = {Springer International Publishing},
    author = {Steinbrink, Enno and Biselli, Tom and Linsner, Sebastian and Herbert, Franziska and Reuter, Christian},
    editor = {Gerber, Nina and Stöver, Alina and Marky, Karola},
    year = {2023},
    keywords = {HCI, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-FANCY, Projekt-GRKPrivacy},
    pages = {237--251},
    }

  • Sebastian Surminski, Christian Niesler, Sebastian Linsner, Lucas Davi, Christian Reuter (2023)
    SCAtt-man: Side-Channel-Based Remote Attestation for Embedded Devices that Users Understand
    Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy New York, NY, USA. doi:10.1145/3577923.3583652
    [BibTeX] [Abstract] [Download PDF]

    From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.

    @inproceedings{surminski_scatt-man_2023,
    address = {New York, NY, USA},
    series = {{CODASPY} '23},
    title = {{SCAtt}-man: {Side}-{Channel}-{Based} {Remote} {Attestation} for {Embedded} {Devices} that {Users} {Understand}},
    isbn = {9798400700675},
    url = {https://doi.org/10.1145/3577923.3583652},
    doi = {10.1145/3577923.3583652},
    abstract = {From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.},
    booktitle = {Proceedings of the {Thirteenth} {ACM} {Conference} on {Data} and {Application} {Security} and {Privacy}},
    publisher = {Association for Computing Machinery},
    author = {Surminski, Sebastian and Niesler, Christian and Linsner, Sebastian and Davi, Lucas and Reuter, Christian},
    year = {2023},
    keywords = {HCI, UsableSec, Security, Ranking-CORE-B, Projekt-CROSSING},
    pages = {225--236},
    }

  • Leon Würsching, Florentin Putz, Steffen Haesler, Matthias Hollick (2023)
    FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) (Best Paper Award) New York, NY, USA. doi:10.1145/3544548.3580993
    [BibTeX] [Abstract] [Download PDF]

    Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.

    @inproceedings{wursching_fido2_2023,
    address = {New York, NY, USA},
    series = {{CHI} '23},
    title = {{FIDO2} the {Rescue}? {Platform} vs. {Roaming} {Authentication} on {Smartphones}},
    url = {https://peasec.de/paper/2023/2023_WuerschingPutzHaeslerHollick_PlatformvsRoamingAuthenticationonSmartphones_CHI.pdf},
    doi = {10.1145/3544548.3580993},
    abstract = {Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
    publisher = {Association for Computing Machinery},
    author = {Würsching, Leon and Putz, Florentin and Haesler, Steffen and Hollick, Matthias},
    year = {2023},
    note = {event-place: Hamburg, HH, Germany},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A*, AuswahlUsableSec, Projekt-emergenCITY},
    }

  • Verena Zimmermann, Jasmin Haunschild, Alina Stöver, Nina Gerber (2023)
    Safe AND Secure Infrastructures? – Studying Human Aspects of Safety and Security Incidents with Experts from both Domains
    Mensch und Computer – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-225
    [BibTeX] [Abstract] [Download PDF]

    In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.

    @inproceedings{zimmermann_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe {AND} {Secure} {Infrastructures}? – {Studying} {Human} {Aspects} of {Safety} and {Security} {Incidents} with {Experts} from both {Domains}},
    url = {https://dl.gi.de/items/9c1d2bd5-229f-4db0-a764-6126cf92ef5f},
    doi = {10.18420/muc2023-mci-ws01-225},
    abstract = {In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Stöver, Alina and Gerber, Nina},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    }

  • Marco Zivkovic, Jonas Franken, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Infrastrukturen und historisches Wissen: Eine interdisziplinäre Analyse der Resilienz von Schienen- und Kabelnetzen
    Tagungsband Fachtagung Katastrophenforschung 2023 Leoben.
    [BibTeX] [Abstract] [Download PDF]

    Im Forschungsprojekt “ Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”“ wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.

    @inproceedings{zivkovic_infrastrukturen_2023,
    address = {Leoben},
    title = {Infrastrukturen und historisches {Wissen}: {Eine} interdisziplinäre {Analyse} der {Resilienz} von {Schienen}- und {Kabelnetzen}},
    isbn = {978-3-900397-11-1},
    url = {https://peasec.de/paper/2023/2023_ZivkovicFrankenThiessenEngelsReuter_InfrastrukturenHistorischesWissen_FKF23.pdf},
    abstract = {Im Forschungsprojekt " Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”" wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.},
    booktitle = {Tagungsband {Fachtagung} {Katastrophenforschung} 2023},
    publisher = {Disaster Competence Network Austria},
    author = {Zivkovic, Marco and Franken, Jonas and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-NetzGeschichte},
    }

  • Elise Özalp, Katrin Hartwig, Christian Reuter (2023)
    Trends in Explainable Artificial Intelligence for Non-Experts
    In: Peter Klimczak, Christer Petersen: AI – Limits and Prospects of Artificial Intelligence. Bielefeld: Transcript Verlag, , 223–243.
    [BibTeX] [Abstract] [Download PDF]

    In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.

    @incollection{ozalp_trends_2023,
    address = {Bielefeld},
    title = {Trends in {Explainable} {Artificial} {Intelligence} for {Non}-{Experts}},
    url = {https://www.transcript-verlag.de/978-3-8376-5732-6/ai-limits-and-prospects-of-artificial-intelligence/?c=313000019},
    abstract = {In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.},
    booktitle = {{AI} - {Limits} and {Prospects} of {Artificial} {Intelligence}},
    publisher = {Transcript Verlag},
    author = {Özalp, Elise and Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Petersen, Christer},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {223--243},
    }

    2022

  • Ali Sercan Basyurt, Jennifer Fromm, Philipp Kuehn, Marc-André Kaufhold, Milad Mirabaie (2022)
    Help Wanted – Challenges in Data Collection, Analysis and Communication of Cyber Threats in Security Operation Centers
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) Nürnberg.
    [BibTeX] [Abstract] [Download PDF]

    Security Operation Centers are tasked with collecting and analyzing cyber threat data from multiple sources to communicate warning messages and solutions. These tasks are extensive and resource consuming, which makes supporting approaches valuable to experts. However, to implement such approaches, information about the challenges these experts face while performing these tasks is necessary. We therefore conducted semi-structured expert interviews to identify these challenges. By doing so, valuable insights into these challenges based on expert knowledge is acquired, which in return could be leveraged to develop automated approaches to support experts and address these challenges.

    @inproceedings{basyurt_help_2022,
    address = {Nürnberg},
    title = {Help {Wanted} - {Challenges} in {Data} {Collection}, {Analysis} and {Communication} of {Cyber} {Threats} in {Security} {Operation} {Centers}},
    url = {http://www.peasec.de/paper/2022/2022_BasyourtFrommKuehnKaufholdMirabaie_HelpWantedChallengesDataCollectionAnalysisCommunication_WI.pdf},
    abstract = {Security Operation Centers are tasked with collecting and analyzing cyber threat data from multiple sources to communicate warning messages and solutions. These tasks are extensive and resource consuming, which makes supporting approaches valuable to experts. However, to implement such approaches, information about the challenges these experts face while performing these tasks is necessary. We therefore conducted semi-structured expert interviews to identify these challenges. By doing so, valuable insights into these challenges based on expert knowledge is acquired, which in return could be leveraged to develop automated approaches to support experts and address these challenges.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI})},
    author = {Basyurt, Ali Sercan and Fromm, Jennifer and Kuehn, Philipp and Kaufhold, Marc-André and Mirabaie, Milad},
    year = {2022},
    keywords = {Ranking-CORE-C, Security, Projekt-CYWARN},
    }

  • Markus Bayer, Marc-André Kaufhold, Björn Buchhold, Marcel Keller, Jörg Dallmeyer, Christian Reuter (2022)
    Data Augmentation in Natural Language Processing: A Novel Text Generation Approach for Long and Short Text Classifiers
    International Journal of Machine Learning and Cybernetics (IJMLC) . doi:10.1007/s13042-022-01553-3
    [BibTeX] [Abstract] [Download PDF]

    In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.

    @article{bayer_data_2022,
    title = {Data {Augmentation} in {Natural} {Language} {Processing}: {A} {Novel} {Text} {Generation} {Approach} for {Long} and {Short} {Text} {Classifiers}},
    url = {https://link.springer.com/article/10.1007/s13042-022-01553-3},
    doi = {10.1007/s13042-022-01553-3},
    abstract = {In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.},
    journal = {International Journal of Machine Learning and Cybernetics (IJMLC)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Buchhold, Björn and Keller, Marcel and Dallmeyer, Jörg and Reuter, Christian},
    year = {2022},
    keywords = {Student, Security, A-Paper, Ranking-ImpactFactor, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Tom Biselli, Enno Steinbrink, Franziska Herbert, Gina Maria Schmidbauer-Wolf, Christian Reuter (2022)
    On the Challenges of Developing a Concise Questionnaire to Identify Privacy Personas
    Proceedings on Privacy Enhancing Technologies (PoPETs) (4):645–669. doi:10.56553/popets-2022-0126
    [BibTeX] [Abstract] [Download PDF]

    Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.

    @article{biselli_challenges_2022,
    title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
    url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
    doi = {10.56553/popets-2022-0126},
    abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
    number = {4},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec, Projekt-GRKPrivacy},
    pages = {645--669},
    }

  • Christian Bueger, Tobias Liebetrau, Jonas Franken (2022)
    Security threats to undersea communications cables and infrastructure – consequences for the EU
    Brussels: European Parliament.
    [BibTeX] [Abstract] [Download PDF]

    The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.

    @book{bueger_security_2022,
    address = {Brussels},
    title = {Security threats to undersea communications cables and infrastructure – consequences for the {EU}},
    url = {https://www.europarl.europa.eu/thinktank/en/document/EXPO_IDA(2022)702557},
    abstract = {The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.},
    publisher = {European Parliament},
    author = {Bueger, Christian and Liebetrau, Tobias and Franken, Jonas},
    year = {2022},
    keywords = {Student, Security, Infrastructure, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Laura Buhleier, Sebastian Linsner, Enno Steinbrink, Christian Reuter (2022)
    Eine Klassifikation sicherheitskritischer UX-Design-Patterns
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-275
    [BibTeX] [Abstract] [Download PDF]

    User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.

    @inproceedings{buhleier_klassifikation_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Eine {Klassifikation} sicherheitskritischer {UX}-{Design}-{Patterns}},
    url = {https://dl.gi.de/handle/20.500.12116/39087},
    doi = {10.18420/muc2022-mci-ws10-275},
    abstract = {User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Buhleier, Laura and Linsner, Sebastian and Steinbrink, Enno and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-CROSSING, Projekt-GRKPrivacy},
    }

  • Laura Buhleier, Patrick Gantner, Tobias Frey, Michael Boers, Marc-André Kaufhold, Christian Reuter (2022)
    Effizienz und Nachhaltigkeit durch Green-IT: ein systematischer Literaturüberblick im Kontext der Klimakrise
    INFORMATIK 2022: 52. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), Lecture Notes in Informatics (LNI) Hamburg, Germany. doi:10.18420/inf2022_83
    [BibTeX] [Abstract] [Download PDF]

    Die Klimakrise gehört zu den aktuell größten Herausforderungen unserer Zeit. Informations- und Kommunikationstechnologien (IKT) können hierbei eine entscheidende Rolle spielen. Einerseits, da eine Effizienzsteigerung von oder durch IKT zu einer klimafreundlicheren Nutzung beitragen kann, und andererseits, da IKT zu einem erhöhten Ressourcenverbrauch führen kann. Um diese Thematik weiter zu untersuchen, wird in dieser Arbeit eine systematische Literaturrecherche durchgeführt, um Herausforderungen und Potenziale in der Adressierung der Klimakrise durch eine effiziente und nachhaltige Entwicklung des IKT-Sektors zu analysieren. Die dabei untersuchte Literatur beinhaltet Herausforderungen wie zum Beispiel den hohen Energie- und Materialverbrauch der IKT-Geräte und Datenzentren sowie die entstehenden Entsorgungskosten und das Konsumverhalten der Nutzer*innen. Deswegen sollten die Nutzer*innen mehr Informationen zur Wartung, zum Kauf gebrauchter Geräte, und zum Recyceln/Entsorgen erhalten. Die Analyse lieferte aber auch viele Potenziale. Durch IKT können Effizienzsteigerungen in den Bereich Industrie, Landwirtschaft, Verkehr und Transport erreicht und auch umweltschädliche Geräte substituiert werden. Durch diese Potenziale kann es aber, wie in anderen Bereichen, zu einem Rebound-Effekt kommen.

    @inproceedings{buhleier_effizienz_2022,
    address = {Hamburg, Germany},
    title = {Effizienz und {Nachhaltigkeit} durch {Green}-{IT}: ein systematischer {Literaturüberblick} im {Kontext} der {Klimakrise}},
    isbn = {978-3-88579-720-3},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/39590/rsflab_06.pdf?sequence=1&isAllowed=y},
    doi = {10.18420/inf2022_83},
    abstract = {Die Klimakrise gehört zu den aktuell größten Herausforderungen unserer Zeit. Informations- und Kommunikationstechnologien (IKT) können hierbei eine entscheidende Rolle spielen. Einerseits, da eine Effizienzsteigerung von oder durch IKT zu einer klimafreundlicheren Nutzung beitragen kann, und andererseits, da IKT zu einem erhöhten Ressourcenverbrauch führen kann. Um diese Thematik weiter zu untersuchen, wird in dieser Arbeit eine systematische Literaturrecherche durchgeführt, um Herausforderungen und Potenziale in der Adressierung der Klimakrise durch eine effiziente und nachhaltige Entwicklung des IKT-Sektors zu analysieren. Die dabei untersuchte Literatur beinhaltet Herausforderungen wie zum Beispiel den hohen Energie- und Materialverbrauch der IKT-Geräte und Datenzentren sowie die entstehenden Entsorgungskosten und das Konsumverhalten der Nutzer*innen. Deswegen sollten die Nutzer*innen mehr Informationen zur Wartung, zum Kauf gebrauchter Geräte, und zum Recyceln/Entsorgen erhalten. Die Analyse lieferte aber auch viele Potenziale. Durch IKT können Effizienzsteigerungen in den Bereich Industrie, Landwirtschaft, Verkehr und Transport erreicht und auch umweltschädliche Geräte substituiert werden. Durch diese Potenziale kann es aber, wie in anderen Bereichen, zu einem Rebound-Effekt kommen.},
    language = {de},
    booktitle = {{INFORMATIK} 2022: 52. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge}), {Lecture} {Notes} in {Informatics} ({LNI})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Buhleier, Laura and Gantner, Patrick and Frey, Tobias and Boers, Michael and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Demmler, D. and Krupka, D. and Federrath, H.},
    year = {2022},
    keywords = {Student, Ranking-CORE-C, Ranking-VHB-C, Security, Projekt-GeoBox, Projekt-AgriRegio},
    pages = {995--1012},
    }

  • Daniel EberzEder, Franz Kuntke, Christian Reuter (2022)
    Sensibilität für Resilient Smart Farming (RSF) und seine Bedeutung in Krisenzeiten
    42. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft Tänikon, Switzerland.
    [BibTeX] [Abstract] [Download PDF]

    Mit der globalen COVID-19-Pandemie und dem Hochwasser in West- und Mitteleuropa im Sommer 2021 hat unter anderem Deutschland in jüngster Vergangenheit zwei schwerwiegende Krisenszenarien erlebt. Die Auswirkungen auf die Gesellschaft und Wirtschaft sind verheerend. Parallel lassen sich Krisenereignisse im digitalen Raum, wie die Zunahme an Cyberkriminalität beobachten. Es wird zunehmend deutlich, dass die Resilienz analoger sowie digitaler Prozesse wichtiger für die vollständige Betriebsfähigkeit wird. Die vorliegende Arbeit setzt sich mit der Bedeutung des Resilient Smart Farming (RSF) in Krisenzeiten als Möglichkeit für eine nachhaltige, umweltgerechte und resiliente digitale Landwirtschaft auseinander. Dazu wurden u.a. lokale Schadensmeldungen gruppiert und mögliche RSF-Gegenmaßnahmen aufgezeigt. Im Ergebnis zeigt sich eine Bewertung von Konzepten des RSF hinsichtlich der Krisenprävention und -bewältigung anhand aktueller realer Beispiele. Aufgrund zunehmender Bedrohungen durch Naturkatastrophen und Cyberkriminialität gehen wir davon aus, dass die Aufmerksamkeit von Gesellschaft und Politik für die Resilienz der Primärproduktion weiter steigen wird.

    @inproceedings{eberz-eder_sensibilitat_2022,
    address = {Tänikon, Switzerland},
    title = {Sensibilität für {Resilient} {Smart} {Farming} ({RSF}) und seine {Bedeutung} in {Krisenzeiten}},
    url = {https://peasec.de/paper/2022/2022_EberzEderKuntkeReuter_SensibilitaetResilientSmartFarmingKrisen_GIL.pdf},
    abstract = {Mit der globalen COVID-19-Pandemie und dem Hochwasser in West- und Mitteleuropa im Sommer 2021 hat unter anderem Deutschland in jüngster Vergangenheit zwei schwerwiegende Krisenszenarien erlebt. Die Auswirkungen auf die Gesellschaft und Wirtschaft sind verheerend. Parallel lassen sich Krisenereignisse im digitalen Raum, wie die Zunahme an Cyberkriminalität beobachten. Es wird zunehmend deutlich, dass die Resilienz analoger sowie digitaler Prozesse wichtiger für die vollständige Betriebsfähigkeit wird. Die vorliegende Arbeit setzt sich mit der Bedeutung des Resilient Smart Farming (RSF) in Krisenzeiten als Möglichkeit für eine nachhaltige, umweltgerechte und resiliente digitale Landwirtschaft auseinander. Dazu wurden u.a. lokale Schadensmeldungen gruppiert und mögliche RSF-Gegenmaßnahmen aufgezeigt. Im Ergebnis zeigt sich eine Bewertung von Konzepten des RSF hinsichtlich der Krisenprävention und -bewältigung anhand aktueller realer Beispiele. Aufgrund zunehmender Bedrohungen durch Naturkatastrophen und Cyberkriminialität gehen wir davon aus, dass die Aufmerksamkeit von Gesellschaft und Politik für die Resilienz der Primärproduktion weiter steigen wird.},
    booktitle = {42. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Eberz-Eder, Daniel and Kuntke, Franz and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, Projekt-GeoBox, Projekt-AgriRegio},
    }

  • Kaan Eyilmez, Ali Sercan Basyurt, Stefan Stieglitz, Christoph Fuchss, Marc-André Kaufhold, Christian Reuter, Milad Mirabaie (2022)
    A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication
    Australasian Conference on Information Systems (ACIS) .
    [BibTeX] [Abstract] [Download PDF]

    Over the past few decades, the number and variety of cyberattacks and malware patterns have increased immensely. As a countermeasure, computer emergency response teams were established with the responsibility of securing the cyber environment. However, recent studies revealed that currently performed manual processes and the unavailability of adequate tools impede the achievement of cybersecurity. To address these challenges, we followed the Design Science paradigm to develop an artefact that improves the evaluation of open-source intelligence obtained from Twitter as well as the actor-specific communication of cyber threat information. Subsequently, the implemented artefact will be evaluated through semi-structured interviews with subject matter experts. This research in progress article presents the identified research gap and describes the development process and the endeavor to contribute to the cybersecurity domain theoretically with design principles for the development of an instrument and practically by implementing an artefact that supports domain experts in their work.

    @inproceedings{eyilmez_design_2022,
    title = {A {Design} {Science} {Artefact} for {Cyber} {Threat} {Detection} and {Actor} {Specific} {Communication}},
    url = {https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1049&context=acis2022},
    abstract = {Over the past few decades, the number and variety of cyberattacks and malware patterns have increased immensely. As a countermeasure, computer emergency response teams were established with the responsibility of securing the cyber environment. However, recent studies revealed that currently performed manual processes and the unavailability of adequate tools impede the achievement of cybersecurity. To address these challenges, we followed the Design Science paradigm to develop an artefact that improves the evaluation of open-source intelligence obtained from Twitter as well as the actor-specific communication of cyber threat information. Subsequently, the implemented artefact will be evaluated through semi-structured interviews with subject matter experts. This research in progress article presents the identified research gap and describes the development process and the endeavor to contribute to the cybersecurity domain theoretically with design principles for the development of an instrument and practically by implementing an artefact that supports domain experts in their work.},
    booktitle = {Australasian {Conference} on {Information} {Systems} ({ACIS})},
    publisher = {AIS Electronic Library (AISel)},
    author = {Eyilmez, Kaan and Basyurt, Ali Sercan and Stieglitz, Stefan and Fuchss, Christoph and Kaufhold, Marc-André and Reuter, Christian and Mirabaie, Milad},
    year = {2022},
    keywords = {Student, Security, Projekt-CYWARN},
    }

  • Jonas Franken, Thomas Reinhold, Lilian Reichert, Christian Reuter (2022)
    The Digital Divide in State Vulnerability to Submarine Communications Cable Failure
    International Journal of Critical Infrastructure Protection (IJCIP) ;38(100522):1–15. doi:10.1016/j.ijcip.2022.100522
    [BibTeX] [Abstract] [Download PDF]

    The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.

    @article{franken_digital_2022,
    title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
    volume = {38},
    url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
    doi = {10.1016/j.ijcip.2022.100522},
    abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
    number = {100522},
    journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
    author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Selected, Student, Security, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio},
    pages = {1--15},
    }

  • Jonas Franken (2022)
    Seekabel als Maritime Kritische Infrastruktur
    Dreizack 21: Von historischen bis zukünftigen Herausforderungen im maritimen Raum Laboe/Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_seekabel_2022,
    address = {Laboe/Kiel},
    title = {Seekabel als {Maritime} {Kritische} {Infrastruktur}},
    url = {https://www.kielseapowerseries.com/files/ispk/content/workshops/Dreizack/Sammelband zum Dreizack21.pdf},
    booktitle = {Dreizack 21: {Von} historischen bis zukünftigen {Herausforderungen} im maritimen {Raum}},
    author = {Franken, Jonas},
    editor = {Schilling, Henrik},
    year = {2022},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban},
    pages = {22--25},
    }

  • Sabrina Gabel, Lilian Reichert, Christian Reuter (2022)
    Discussing Conflict in Social Media – The Use of Twitter in the Jammu and Kashmir Conflict
    Media, War & Conflict ;15(4):1–26.
    [BibTeX] [Abstract] [Download PDF]

    Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani’s impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.

    @article{gabel_discussing_2022,
    title = {Discussing {Conflict} in {Social} {Media} – {The} {Use} of {Twitter} in the {Jammu} and {Kashmir} {Conflict}},
    volume = {15},
    url = {https://journals.sagepub.com/doi/full/10.1177/1750635220970997},
    abstract = {Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani's impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.},
    number = {4},
    journal = {Media, War \& Conflict},
    author = {Gabel, Sabrina and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, Ranking-ImpactFactor, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--26},
    }

  • Jelle Groenendaal, Ira Helsloot, Christian Reuter (2022)
    Towards More Insight into Cyber Incident Response Decision Making and its Implications for Cyber Crisis Management
    Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract] [Download PDF]

    Organizations affected by a cyber-attack usually rely on external Cyber Incident Response (CIR) consultants to conduct investigations and mitigate the impact. These CIR consultants need to make critical decisions that could have major impact on their clients. This preliminary investigation aims to get a better understanding of CIR decision-making and answers the following questions: (1.) To what extent do experienced CIR consultants use a Recognition-Primed Decision (RPD) Making strategy during their work? (2.) What are the implications for cyber crisis management as well as for training and decision-making? To answer these questions, we conducted a literature review and interviewed six experienced CIR consultants using the Critical Decision Method. Our analysis reveals that CIR consultants recognize situations based on past experiences and apply a course of action that has worked effectively in the past. This course of action is mainly aimed at collecting and evaluating more data. This finding differs from other operational domains such as the military and fire department, where recognition is usually followed immediately by action. For cyber crisis management, this means that crisis management teams should decide to what extent and in what ways they want to mitigate the risk of responding belatedly to cyber events, which could potentially lead to unnecessary data theft and sustained business disruption. Another implication is that crisis management teams should consider whether additional forensic investigation outweighs the expected benefits throughout the response process. For instance, if the likely entry-point of the attacker has been discovered, how much effort should be devoted to exclude other potential entry-points. Reflecting on the status-quo, several implications for training and decision-making are provided.

    @inproceedings{groenendaal_towards_2022,
    title = {Towards {More} {Insight} into {Cyber} {Incident} {Response} {Decision} {Making} and its {Implications} for {Cyber} {Crisis} {Management}},
    url = {http://idl.iscram.org/files/jellegroenendaal/2022/2468_JelleGroenendaal_etal2022.pdf},
    abstract = {Organizations affected by a cyber-attack usually rely on external Cyber Incident Response (CIR) consultants to conduct investigations and mitigate the impact. These CIR consultants need to make critical decisions that could have major impact on their clients. This preliminary investigation aims to get a better understanding of CIR decision-making and answers the following questions: (1.) To what extent do experienced CIR consultants use a Recognition-Primed Decision (RPD) Making strategy during their work? (2.) What are the implications for cyber crisis management as well as for training and decision-making? To answer these questions, we conducted a literature review and interviewed six experienced CIR consultants using the Critical Decision Method. Our analysis reveals that CIR consultants recognize situations based on past experiences and apply a course of action that has worked effectively in the past. This course of action is mainly aimed at collecting and evaluating more data. This finding differs from other operational domains such as the military and fire department, where recognition is usually followed immediately by action. For cyber crisis management, this means that crisis management teams should decide to what extent and in what ways they want to mitigate the risk of responding belatedly to cyber events, which could potentially lead to unnecessary data theft and sustained business disruption. Another implication is that crisis management teams should consider whether additional forensic investigation outweighs the expected benefits throughout the response process. For instance, if the likely entry-point of the attacker has been discovered, how much effort should be devoted to exclude other potential entry-points. Reflecting on the status-quo, several implications for training and decision-making are provided.},
    booktitle = {Proceedings of the {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Groenendaal, Jelle and Helsloot, Ira and Reuter, Christian},
    year = {2022},
    keywords = {UsableSec, Security},
    }

  • Laura Guntrum (2022)
    Justice-oriented Research in Peace and Conflict Studies in Times of Social Distancing
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-216
    [BibTeX] [Abstract] [Download PDF]

    Not only since the COVID-19 pandemic, many research processes had already been increasingly digitized to maintain global ex-change of information efficiently. For years, scientific empirical studies have been conducted in politically sensitive contexts using digitally mediated methods, entailing numerous risks as well as potentials. One goal of digital research is to also capture marginal-ized voices. With emerging risks related to digital research, such as digital surveillance and social media monitoring by adversaries (e.g., the military in Myanmar), research needs to be more thoughtfully conducted. Considering research ethics, an evolving discrepancy between security measures and values of social jus-tice, such as accessibility and representation, appears as most data-secure applications are not used widely and offers such as “Free Basics” entice people to use rather data-unsecure applica-tions. Reflecting on this existing discrepancy in ethical require-ments, I illustrate challenges of the German research context re-lated to digitally conducted research focusing on overt conflictive social contexts.

    @inproceedings{guntrum_justice-oriented_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Justice-oriented {Research} in {Peace} and {Conflict} {Studies} in {Times} of {Social} {Distancing}},
    url = {https://dl.gi.de/handle/20.500.12116/39092},
    doi = {10.18420/muc2022-mci-ws10-216},
    abstract = {Not only since the COVID-19 pandemic, many research processes had already been increasingly digitized to maintain global ex-change of information efficiently. For years, scientific empirical studies have been conducted in politically sensitive contexts using digitally mediated methods, entailing numerous risks as well as potentials. One goal of digital research is to also capture marginal-ized voices. With emerging risks related to digital research, such as digital surveillance and social media monitoring by adversaries (e.g., the military in Myanmar), research needs to be more thoughtfully conducted. Considering research ethics, an evolving discrepancy between security measures and values of social jus-tice, such as accessibility and representation, appears as most data-secure applications are not used widely and offers such as “Free Basics” entice people to use rather data-unsecure applica-tions. Reflecting on this existing discrepancy in ethical require-ments, I illustrate challenges of the German research context re-lated to digitally conducted research focusing on overt conflictive social contexts.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Guntrum, Laura},
    year = {2022},
    keywords = {Security, Peace, Projekt-ATHENE-FANCY, Projekt-TraCe},
    }

  • Laura Guntrum, Mira Keßler, Jignesh Patel, Anna Varfolomeeva (2022)
    Remotely Accessing the Field and Building Trust with Distant Sources. Perspectives from Journalism Practice for Ethnographic Research
    Global Media Journal – German Edition ;12(1).
    [BibTeX] [Abstract] [Download PDF]

    Journalists and ethnographic researchers, such as anthropologists, sociologists or media scholars, have comparable ways of establishing initial contacts with people from their fields of interest. Due to the ongoing COVID-19 pandemic and consequential travel restrictions and social distancing, it has become increasingly difficult to access a field. Taking inspiration from social anthropologist Ulf Hannerz (2004, p. 226), who compared journalists and anthropologists as “neighboring groups engaged in a somehow parallel pursuit,” this article explores what researchers may learn from practitioners who conduct research without being on-site. Fed by various practical journalists’ experiences, the article aims to investigate how information and communication technologies (ICTs) and digitally mediated methods, such as online search tools and social media, can be used to establish contacts and gain trust remotely. Here, the relevance of these methods for accessing a field in general goes beyond the limitations imposed during the COVID-19 pandemic and can be of interest to all those who face difficulties of field access of any kind. Ultimately, this article reflects on corresponding ethical challenges that may arise while conducting research remotely.

    @article{guntrum_remotely_2022,
    title = {Remotely {Accessing} the {Field} and {Building} {Trust} with {Distant} {Sources}. {Perspectives} from {Journalism} {Practice} for {Ethnographic} {Research}},
    volume = {12},
    url = {https://globalmediajournal.de/index.php/gmj/article/view/220},
    abstract = {Journalists and ethnographic researchers, such as anthropologists, sociologists or media scholars, have comparable ways of establishing initial contacts with people from their fields of interest. Due to the ongoing COVID-19 pandemic and consequential travel restrictions and social distancing, it has become increasingly difficult to access a field. Taking inspiration from social anthropologist Ulf Hannerz (2004, p. 226), who compared journalists and anthropologists as “neighboring groups engaged in a somehow parallel pursuit,” this article explores what researchers may learn from practitioners who conduct research without being on-site. Fed by various practical journalists’ experiences, the article aims to investigate how information and communication technologies (ICTs) and digitally mediated methods, such as online search tools and social media, can be used to establish contacts and gain trust remotely. Here, the relevance of these methods for accessing a field in general goes beyond the limitations imposed during the COVID-19 pandemic and can be of interest to all those who face difficulties of field access of any kind. Ultimately, this article reflects on corresponding ethical challenges that may arise while conducting research remotely.},
    number = {1},
    journal = {Global Media Journal - German Edition},
    author = {Guntrum, Laura and Keßler, Mira and Patel, Jignesh and Varfolomeeva, Anna},
    year = {2022},
    keywords = {Peace, Projekt-TraCe},
    }

  • Malte Göttsche, Sibylle Bauer, Anja Dahlmann, Friederike Frieß, Filippa Lentzos, Götz Neuneck, Irmgard Niemeyer, Thea Riebe, Jantje Silomon, Christian Reuter, Jakob Brochhaus, Lukas Rademacher (2022)
    Conference Proceedings : Science, Peace, Security ’21 : The Impact of new Technologies: Destabilizing or Enabling Resilience? : 8-10 September 2021
    Aachen: RWTH Aachen University. doi:10.18154/RWTH-2022-02256
    [BibTeX] [Abstract] [Download PDF]

    The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others. The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics. Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches. Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed. The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other. Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.

    @book{gottsche_conference_2022,
    address = {Aachen},
    title = {Conference {Proceedings} : {Science}, {Peace}, {Security} '21 : {The} {Impact} of new {Technologies}: {Destabilizing} or {Enabling} {Resilience}? : 8-10 {September} 2021},
    url = {https://peasec.de/paper/2022/2022_Goettscheetal_ProceedingsSciencePeaceSecurity21ImpactOfNewTechnologies.pdf},
    abstract = {The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others.
    The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics.
    Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches.
    Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed.
    The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other.
    Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.},
    publisher = {RWTH Aachen University},
    author = {Göttsche, Malte and Bauer, Sibylle and Dahlmann, Anja and Frieß, Friederike and Lentzos, Filippa and Neuneck, Götz and Niemeyer, Irmgard and Riebe, Thea and Silomon, Jantje and Reuter, Christian and Brochhaus, Jakob and Rademacher, Lukas},
    year = {2022},
    doi = {10.18154/RWTH-2022-02256},
    keywords = {Peace},
    }

  • Katrin Hartwig, Christian Reuter (2022)
    Nudging Users Towards Better Security Decisions in Password Creation Using Whitebox-based Multidimensional Visualizations
    Behaviour & Information Technology (BIT) ;41(7):1357–1380. doi:10.1080/0144929X.2021.1876167
    [BibTeX] [Abstract] [Download PDF]

    Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.

    @article{hartwig_nudging_2022,
    title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
    volume = {41},
    url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
    doi = {10.1080/0144929X.2021.1876167},
    abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
    number = {7},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec},
    pages = {1357--1380},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Cultural Violence and Fragmentation on Social Media: Interventions and Countermeasures by Humans and Social Bots
    In: Myriam Dunn Cavelty, Andreas Wenger: Cyber Security Politics: Socio-Technological Transformations and Political Fragmentation. Routledge, , 48–63.
    [BibTeX] [Abstract] [Download PDF]

    Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.

    @incollection{haunschild_cultural_2022,
    title = {Cultural {Violence} and {Fragmentation} on {Social} {Media}: {Interventions} and {Countermeasures} by {Humans} and {Social} {Bots}},
    isbn = {978-0-367-62674-7},
    url = {https://peasec.de/paper/2022/2022_HaunschildKaufholdReuter_SocialMediaAndFragmentation_Routledge.pdf},
    abstract = {Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.},
    booktitle = {Cyber {Security} {Politics}: {Socio}-{Technological} {Transformations} and {Political} {Fragmentation}},
    publisher = {Routledge},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Cavelty, Myriam Dunn and Wenger, Andreas},
    year = {2022},
    keywords = {Crisis, SocialMedia, Peace, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {48--63},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Perceptions and Use of Warning Apps – Did Recent Crises Lead to Changes in Germany?
    Mensch und Computer – Tagungsband New York. doi:10.1145/3543758.3543770
    [BibTeX] [Abstract] [Download PDF]

    Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.

    @inproceedings{haunschild_perceptions_2022,
    address = {New York},
    title = {Perceptions and {Use} of {Warning} {Apps} – {Did} {Recent} {Crises} {Lead} to {Changes} in {Germany}?},
    url = {http://www.peasec.de/paper/2022/2022_HaunschildKaufholdReuter_WarningAppsChangesGermany_MuC.pdf},
    doi = {10.1145/3543758.3543770},
    abstract = {Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Tagungsband}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Anja P. Jakobi, Jasmin Haunschild (2022)
    Transnational organisierte Kriminalität und internationale Politik
    In: Frank Sauer, Luba von Hauff, Carlo Masala: Handbuch Internationale Beziehungen. Wiesbaden: VS Verlag für Sozialwissenschaften, , 1–25. doi:10.1007/978-3-531-19954-2_40-4
    [BibTeX] [Abstract] [Download PDF]

    Der Beitrag analysiert die unterschiedlichen Formen und Voraussetzungen der Bekämpfung, Verfolgung und Prävention transnational organisierter Kriminalität in der internationalen Politik. Dazu führen wir zunächst in die Definition und die Grundlagen in diesem Bereich ein, auch im Hinblick auf eine Einordnung in Debatten der Internationalen Beziehungen, bevor einzelne Politikbereiche – Drogenhandel, Menschenhandel und -schmuggel, Waffenhandel, Geldwäsche und Terrorismusfinanzierung, Konfliktmineralien – vorgestellt werden. Die Schlussfolgerungen bieten einen Ausblick in weitere Teilbereiche und erläutern die Rolle von staatlichen und nicht-staatlichen Akteuren in der Bekämpfung transnational organisierter Kriminalität.

    @incollection{jakobi_transnational_2022,
    address = {Wiesbaden},
    title = {Transnational organisierte {Kriminalität} und internationale {Politik}},
    isbn = {978-3-531-19954-2},
    url = {https://doi.org/10.1007/978-3-531-19954-2_40-4},
    abstract = {Der Beitrag analysiert die unterschiedlichen Formen und Voraussetzungen der Bekämpfung, Verfolgung und Prävention transnational organisierter Kriminalität in der internationalen Politik. Dazu führen wir zunächst in die Definition und die Grundlagen in diesem Bereich ein, auch im Hinblick auf eine Einordnung in Debatten der Internationalen Beziehungen, bevor einzelne Politikbereiche – Drogenhandel, Menschenhandel und -schmuggel, Waffenhandel, Geldwäsche und Terrorismusfinanzierung, Konfliktmineralien – vorgestellt werden. Die Schlussfolgerungen bieten einen Ausblick in weitere Teilbereiche und erläutern die Rolle von staatlichen und nicht-staatlichen Akteuren in der Bekämpfung transnational organisierter Kriminalität.},
    booktitle = {Handbuch {Internationale} {Beziehungen}},
    publisher = {VS Verlag für Sozialwissenschaften},
    author = {Jakobi, Anja P. and Haunschild, Jasmin},
    editor = {Sauer, Frank and von Hauff, Luba and Masala, Carlo},
    year = {2022},
    doi = {10.1007/978-3-531-19954-2_40-4},
    keywords = {Peace},
    pages = {1--25},
    }

  • Marc-André Kaufhold, Julian Bäumler, Christian Reuter (2022)
    The Implementation of Protective Measures and Communication of Cybersecurity Alerts in Germany – A Representative Survey of the Population
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-228
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.

    @inproceedings{kaufhold_implementation_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Implementation} of {Protective} {Measures} and {Communication} of {Cybersecurity} {Alerts} in {Germany} - {A} {Representative} {Survey} of the {Population}},
    url = {https://dl.gi.de/handle/20.500.12116/39061},
    doi = {10.18420/muc2022-mci-ws01-228},
    abstract = {Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kaufhold, Marc-André and Bäumler, Julian and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Marc-André Kaufhold, Ali Sercan Basyurt, Kaan Eyilmez, Marc Stöttinger, Christian Reuter (2022)
    Cyber Threat Observatory: Design and Evaluation of an Interactive Dashboard for Computer Emergency Response Teams
    Proceedings of the European Conference on Information Systems (ECIS) Timisoara, Romania.
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.

    @inproceedings{kaufhold_cyber_2022,
    address = {Timisoara, Romania},
    title = {Cyber {Threat} {Observatory}: {Design} and {Evaluation} of an {Interactive} {Dashboard} for {Computer} {Emergency} {Response} {Teams}},
    url = {http://www.peasec.de/paper/2022/2022_KaufholdBasyurtEyilmezStoettingerReuter_CyberThreatObservatory_ECIS.pdf},
    abstract = {Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Kaufhold, Marc-André and Basyurt, Ali Sercan and Eyilmez, Kaan and Stöttinger, Marc and Reuter, Christian},
    year = {2022},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Marc-André Kaufhold, Christian Reuter, Tina Comes, Milad Mirabaie, Stefan Stieglitz (2022)
    Proceedings of the 2nd Workshop on Mobile Resilience: Designing Interactive Systems for Crisis Response
    Darmstadt: TUprints.
    [BibTeX] [Abstract] [Download PDF]

    Information and communication technologies (ICT), including artificial intelligence, internet of things, and mobile applications can be utilized to tackle important societal challenges, such as the ongoing COVID-19 pandemic. While they may increase societal resilience, their design, functionality, and underlying infrastructures must be resilient against disruptions caused by anthropogenic, natural and hybrid crises, emergencies, and threats. In order to research challenges, designs, and potentials of interactive technologies, this workshop investigated the space of mobile technologies and resilient systems for crisis response, including the application domains of cyber threat and pandemic response.

    @book{kaufhold_proceedings_2022,
    address = {Darmstadt},
    title = {Proceedings of the 2nd {Workshop} on {Mobile} {Resilience}: {Designing} {Interactive} {Systems} for {Crisis} {Response}},
    url = {http://www.peasec.de/paper/2022/2022_KaufholdReuterComesMirbabaieStieglitz_Proceedings2ndWorkshopMobileResilience.pdf},
    abstract = {Information and communication technologies (ICT), including artificial intelligence, internet of things, and mobile applications can be utilized to tackle important societal challenges, such as the ongoing COVID-19 pandemic. While they may increase societal resilience, their design, functionality, and underlying infrastructures must be resilient against disruptions caused by anthropogenic, natural and hybrid crises, emergencies, and threats. In order to research challenges, designs, and potentials of interactive technologies, this workshop investigated the space of mobile technologies and resilient systems for crisis response, including the application domains of cyber threat and pandemic response.},
    publisher = {TUprints},
    author = {Kaufhold, Marc-André and Reuter, Christian and Comes, Tina and Mirabaie, Milad and Stieglitz, Stefan},
    year = {2022},
    keywords = {Crisis, Projekt-CYWARN},
    }

  • Philipp Kuehn, Julian Bäumler, Marc-André Kaufhold, Marc Wendelborn, Christian Reuter (2022)
    The Notion of Relevance in Cybersecurity: A Categorization of Security Tools and Deduction of Relevance Notions
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-220
    [BibTeX] [Abstract] [Download PDF]

    Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.

    @inproceedings{kuehn_notion_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Notion} of {Relevance} in {Cybersecurity}: {A} {Categorization} of {Security} {Tools} and {Deduction} of {Relevance} {Notions}},
    url = {https://dl.gi.de/handle/20.500.12116/39072},
    doi = {10.18420/muc2022-mci-ws01-220},
    abstract = {Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kuehn, Philipp and Bäumler, Julian and Kaufhold, Marc-André and Wendelborn, Marc and Reuter, Christian},
    year = {2022},
    keywords = {Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Franz Kuntke, Vladimir Romanenko, Sebastian Linsner, Enno Steinbrink, Christian Reuter (2022)
    LoRaWAN Security Issues and Mitigation Options by the Example of Agricultural IoT Scenarios
    Transactions on Emerging Telecommunications Technologies (ETT) ;33(5):e4452. doi:10.1002/ett.4452
    [BibTeX] [Abstract] [Download PDF]

    The Internet of Things (IoT) is a major trend that is seen as a great opportunity to improve efficiency in many domains, including agriculture. This technology could transform the sector, improving the management and quality of agricultural operations, for example, crop farming. The most promising data transmission standard for this domain seems to be Long Range Wide Area Network (LoRaWAN), a popular representative of low power wide area network technologies today. LoRaWAN, like any wireless protocol, has properties that can be exploited by attackers, which has been a topic of multiple research papers in recent years. By conducting a systematic literature review, we build a recent list of attacks, as well as collect mitigation options. Taking a look at a concrete use case (IoT in agriculture) allows us to evaluate the practicality of both exploiting the vulnerabilities and implementing the countermeasures. We detected 16 attacks that we grouped into six attack types. Along with the attacks, we collect countermeasures for attack mitigation. Developers can use our findings to minimize the risks when developing applications based on LoRaWAN. These mostly theoretical security recommendations should encourage future works to evaluate the mitigations in practice.

    @article{kuntke_lorawan_2022,
    title = {{LoRaWAN} {Security} {Issues} and {Mitigation} {Options} by the {Example} of {Agricultural} {IoT} {Scenarios}},
    volume = {33},
    issn = {2161-3915},
    url = {https://www.peasec.de/paper/2022/2022_KuntkeRomanenkoLinsnerSteinbrinkReuter_LoRaWANsecurityAgriculture_ETT.pdf},
    doi = {10.1002/ett.4452},
    abstract = {The Internet of Things (IoT) is a major trend that is seen as a great opportunity to improve efficiency in many domains, including agriculture. This technology could transform the sector, improving the management and quality of agricultural operations, for example, crop farming. The most promising data transmission standard for this domain seems to be Long Range Wide Area Network (LoRaWAN), a popular representative of low power wide area network technologies today. LoRaWAN, like any wireless protocol, has properties that can be exploited by attackers, which has been a topic of multiple research papers in recent years. By conducting a systematic literature review, we build a recent list of attacks, as well as collect mitigation options. Taking a look at a concrete use case (IoT in agriculture) allows us to evaluate the practicality of both exploiting the vulnerabilities and implementing the countermeasures. We detected 16 attacks that we grouped into six attack types. Along with the attacks, we collect countermeasures for attack mitigation. Developers can use our findings to minimize the risks when developing applications based on LoRaWAN. These mostly theoretical security recommendations should encourage future works to evaluate the mitigations in practice.},
    number = {5},
    journal = {Transactions on Emerging Telecommunications Technologies (ETT)},
    author = {Kuntke, Franz and Romanenko, Vladimir and Linsner, Sebastian and Steinbrink, Enno and Reuter, Christian},
    month = may,
    year = {2022},
    keywords = {Student, Security, A-Paper, Ranking-ImpactFactor, RSF, Projekt-GeoBox, Projekt-GRKPrivacy, Projekt-HyServ, Projekt-AgriRegio},
    pages = {e4452},
    }

  • Franz Kuntke, Sebastian Linsner, Enno Steinbrink, Jonas Franken, Christian Reuter (2022)
    Resilience in Agriculture: Communication and Energy Infrastructure Dependencies of German Farmers
    International Journal of Disaster Risk Science (IJDRS) ;13(2):214–229. doi:10.1007/s13753-022-00404-7
    [BibTeX] [Abstract] [Download PDF]

    Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.

    @article{kuntke_resilience_2022,
    title = {Resilience in {Agriculture}: {Communication} and {Energy} {Infrastructure} {Dependencies} of {German} {Farmers}},
    volume = {13},
    issn = {2192-6395},
    url = {https://link.springer.com/article/10.1007/s13753-022-00404-7},
    doi = {10.1007/s13753-022-00404-7},
    abstract = {Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.},
    number = {2},
    journal = {International Journal of Disaster Risk Science (IJDRS)},
    author = {Kuntke, Franz and Linsner, Sebastian and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
    month = apr,
    year = {2022},
    keywords = {Selected, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, RSF, Projekt-GeoBox, Projekt-GRKPrivacy, Projekt-HyServ, Projekt-AgriRegio},
    pages = {214--229},
    }

  • Sebastian Linsner, Enno Steinbrink, Franz Kuntke, Jonas Franken, Christian Reuter (2022)
    Supporting Users in Data Disclosure Scenarios in Agriculture through Transparency
    Behaviour & Information Technology (BIT) ;41(10):2137–2159. doi:10.1080/0144929X.2022.2068070
    [BibTeX] [Abstract] [Download PDF]

    Business collaboration in the era of digital transformation requires the exchange of operational data. Since data are hardly controllable once they have been published or shared with others, it is highly important that users are clearly informed about who has access to which data and how certain settings can prevent the disclosure of sensitive data. However, giving end users more control over their data through increased transparency could also lead to information overload. This is particularly true in the field of agriculture, where tight schedules put pressure on employees of small enterprises. We conduct an empirical prestudy with 52 German farmers to investigate current data sharing scenarios. From these insights, we derive requirements and a concept for data sharing solutions providing data flow transparency for users. To investigate the behavior of users and the effects of transparent UI controls, we evaluate a prototype with 18 persons. Our evaluation shows that farmers demand flexible and secure tools that adjust to their workflows. Also, data should be stored and processed locally, granting farmers data sovereignty. Although the controls require additional effort, the evaluated transparent controls for data disclosure are easy to use and raise user awareness.

    @article{linsner_supporting_2022,
    title = {Supporting {Users} in {Data} {Disclosure} {Scenarios} in {Agriculture} through {Transparency}},
    volume = {41},
    url = {http://www.peasec.de/paper/2022/2022_LinsnerSteinbrinkKuntkeFrankenReuter_SupportingDataDisclosureScenariosAgriculture_BIT.pdf},
    doi = {10.1080/0144929X.2022.2068070},
    abstract = {Business collaboration in the era of digital transformation requires the exchange of operational data. Since data are hardly controllable once they have been published or shared with others, it is highly important that users are clearly informed about who has access to which data and how certain settings can prevent the disclosure of sensitive data. However, giving end users more control over their data through increased transparency could also lead to information overload. This is particularly true in the field of agriculture, where tight schedules put pressure on employees of small enterprises. We conduct an empirical prestudy with 52 German farmers to investigate current data sharing scenarios. From these insights, we derive requirements and a concept for data sharing solutions providing data flow transparency for users. To investigate the behavior of users and the effects of transparent UI controls, we evaluate a prototype with 18 persons. Our evaluation shows that farmers demand flexible and secure tools that adjust to their workflows. Also, data should be stored and processed locally, granting farmers data sovereignty. Although the controls require additional effort, the evaluated transparent controls for data disclosure are easy to use and raise user awareness.},
    number = {10},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Linsner, Sebastian and Steinbrink, Enno and Kuntke, Franz and Franken, Jonas and Reuter, Christian},
    year = {2022},
    keywords = {UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, RSF, Projekt-GRKPrivacy, Projekt-HyServ, Projekt-AgriRegio},
    pages = {2137--2159},
    }

  • Oliver Meier, Michael Brzoska, AnnaKatharina Ferl, Sascha Hach, Markus Bayer (2), Max Mutschler, Berenike Prem, Thomas Reinhold, Stefka Schmid, Matthias Schwarz (2022)
    Für eine umfassende, globale und aktive Abrüstungs- und Rüstungskontrollpolitik
    49security.
    [BibTeX] [Abstract] [Download PDF]

    Eine vorausschauende und global ausgerichtete deutsche Rüstungskontrollpolitik hat enorme sicherheitspolitische Potenziale. Denn: Eine aktive Rüstungskontrollpolitik Deutschlands kann helfen, die Gefahren der weltweiten Aufrüstung und regionaler Rüstungs- und Eskalationsdynamiken zu mindern. Rüstungskontrollpolitische Instrumente müssen jede Vereinbarung über das Ende des Kriegs gegen die Ukraine stützen. Vereinbarungen über die Nichtverbreitung von Massenvernichtungswaffen bestimmen Regeln, die den militärischen Missbrauch von dual use-Technologien verhindern können. Abrüstung und Rüstungskontrolle mindern schon jetzt menschliches Leid in anderen Weltregionen. Abrüstung kann dazu beitragen, das vorherrschende und im Krieg gegen die Ukraine zunehmend unberechenbare Abschreckungsparadigma zu überwinden. Eine engagierte Rüstungskontrollpolitik fügt sich dann in die feministische Außenpolitik der Bundesregierung, wenn sie partizipativ und restriktiv angelegt ist und negative Folgen von Aufrüstung und Krieg besonders für Frauen und marginalisierte Gruppen reduziert. Um diese sicherheitspolitischen Potenziale auszuschöpfen, sollte die Nationale Sicherheitsstrategie Eckpunkte einer eigenständigen deutschen Rüstungskontrollpolitik beschreiben. Drei Prinzipien können eine solche Politik anleiten.

    @misc{meier_fur_2022,
    title = {Für eine umfassende, globale und aktive {Abrüstungs}- und {Rüstungskontrollpolitik}},
    url = {https://fourninesecurity.de/2022/11/10/fuer-eine-umfassende-globale-und-aktive-abruestungs-und-ruestungskontrollpolitik},
    abstract = {Eine vorausschauende und global ausgerichtete deutsche Rüstungskontrollpolitik hat enorme sicherheitspolitische Potenziale. Denn: Eine aktive Rüstungskontrollpolitik Deutschlands kann helfen, die Gefahren der weltweiten Aufrüstung und regionaler Rüstungs- und Eskalationsdynamiken zu mindern. Rüstungskontrollpolitische Instrumente müssen jede Vereinbarung über das Ende des Kriegs gegen die Ukraine stützen. Vereinbarungen über die Nichtverbreitung von Massenvernichtungswaffen bestimmen Regeln, die den militärischen Missbrauch von dual use-Technologien verhindern können. Abrüstung und Rüstungskontrolle mindern schon jetzt menschliches Leid in anderen Weltregionen. Abrüstung kann dazu beitragen, das vorherrschende und im Krieg gegen die Ukraine zunehmend unberechenbare Abschreckungsparadigma zu überwinden. Eine engagierte Rüstungskontrollpolitik fügt sich dann in die feministische Außenpolitik der Bundesregierung, wenn sie partizipativ und restriktiv angelegt ist und negative Folgen von Aufrüstung und Krieg besonders für Frauen und marginalisierte Gruppen reduziert.
    Um diese sicherheitspolitischen Potenziale auszuschöpfen, sollte die Nationale Sicherheitsstrategie Eckpunkte einer eigenständigen deutschen Rüstungskontrollpolitik beschreiben. Drei Prinzipien können eine solche Politik anleiten.},
    language = {de},
    publisher = {49security},
    author = {Meier, Oliver and Brzoska, Michael and Ferl, Anna-Katharina and Hach, Sascha and Bayer (2), Markus and Mutschler, Max and Prem, Berenike and Reinhold, Thomas and Schmid, Stefka and Schwarz, Matthias},
    year = {2022},
    note = {49security},
    keywords = {Peace},
    }

  • Tilo Mentler, Christian Reuter, Simon Nestler, Marc-André Kaufhold, Michael Herczeg, Jens Pottebaum (2022)
    9. Workshop Mensch-Maschine-Interaktion in sicherheitskritischen Systemen
    Mensch und Computer – Workshopband Darmstadt, Germany. doi:10.18420/muc2022-mci-ws10-117
    [BibTeX] [Abstract] [Download PDF]

    Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.

    @inproceedings{mentler_9_2022,
    address = {Darmstadt, Germany},
    title = {9. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
    url = {https://dl.gi.de/handle/20.500.12116/39086},
    doi = {10.18420/muc2022-mci-ws10-117},
    abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Mentler, Tilo and Reuter, Christian and Nestler, Simon and Kaufhold, Marc-André and Herczeg, Michael and Pottebaum, Jens},
    year = {2022},
    keywords = {HCI, UsableSec, Security},
    }

  • Max Mühlhäuser, Christian Reuter, Bastian Pfleging, Thomas Kosch, Andrii Matviienko, Katrin Gerling, Sven Mayer, Wilko Heuten, Tanja Döring, Florian Müller, Martin Schmitz (2022)
    Proceedings of Mensch und Computer 2022: Facing Realities
    ACM.
    [BibTeX] [Abstract] [Download PDF]

    Die 2001 ins Leben gerufene Konferenz „Mensch und Computer“ (MuC) ist die größte Tagungsreihe der Mensch-Computer-Interaktion in Europa. Teilnehmenden aus Wissenschaft und Industrie bietet die MuC eine Plattform für Beiträge und Diskussionen zu innovativen Formen der Interaktion zwischen Menschen und digitaler Technik, zu nutzerorientierten Entwicklungsmethoden, interaktiven Anwendungen und weiteren Themen aus dem Spannungsfeld zwischen Nutzenden, Teams und Communities einerseits sowie den genutzten Informations- und Kommunikationstechnologien andererseits. Ziel der Tagung ist es, innovative Forschungsergebnisse zu diskutieren, den Informationsaustausch zwischen Wissenschaft und Praxis zu fördern, Forschungsaktivitäten und Ausbildung anzuregen sowie Wissenschaft, Praxis und Öffentlichkeit für die Relevanz nutzungs- und aufgabengerechter Technikgestaltung zu sensibilisieren. Hauptsächlich englischsprachige Fachbeiträge und deren Veröffentlichung in der „ACM Digital Library“ bzw. Digitalen Bibliothek der GI fördern die weltweite Sichtbarkeit der wissenschaftlichen Resultate der MuC.

    @book{muhlhauser_proceedings_2022,
    title = {Proceedings of {Mensch} und {Computer} 2022: {Facing} {Realities}},
    isbn = {978-1-4503-9690-5},
    url = {https://dl.acm.org/doi/proceedings/10.1145/3543758},
    abstract = {Die 2001 ins Leben gerufene Konferenz „Mensch und Computer“ (MuC) ist die größte Tagungsreihe der
    Mensch-Computer-Interaktion in Europa. Teilnehmenden aus Wissenschaft und Industrie bietet die MuC
    eine Plattform für Beiträge und Diskussionen zu innovativen Formen der Interaktion zwischen Menschen und digitaler Technik, zu nutzerorientierten Entwicklungsmethoden, interaktiven Anwendungen und weiteren Themen aus dem Spannungsfeld zwischen Nutzenden, Teams und Communities einerseits sowie den genutzten Informations- und Kommunikationstechnologien andererseits. Ziel der Tagung ist es, innovative Forschungsergebnisse zu diskutieren, den Informationsaustausch zwischen Wissenschaft und Praxis zu fördern, Forschungsaktivitäten und Ausbildung anzuregen sowie Wissenschaft, Praxis und Öffentlichkeit
    für die Relevanz nutzungs- und aufgabengerechter Technikgestaltung zu sensibilisieren. Hauptsächlich englischsprachige Fachbeiträge und deren Veröffentlichung in der „ACM Digital Library“ bzw. Digitalen Bibliothek der GI fördern die weltweite Sichtbarkeit der wissenschaftlichen Resultate der MuC.},
    publisher = {ACM},
    author = {Mühlhäuser, Max and Reuter, Christian and Pfleging, Bastian and Kosch, Thomas and Matviienko, Andrii and Gerling, Katrin and Mayer, Sven and Heuten, Wilko and Döring, Tanja and Müller, Florian and Schmitz, Martin},
    year = {2022},
    keywords = {HCI, UsableSec},
    }

  • Denis Orlov, Simon Möller, Sven Düfler, Steffen Haesler, Christian Reuter (2022)
    Detecting a Crisis: Comparison of Self-Reported vs. Automated Internet Outage Measuring Methods
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-321
    [BibTeX] [Abstract] [Download PDF]

    Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.

    @inproceedings{orlov_detecting_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Detecting a {Crisis}: {Comparison} of {Self}-{Reported} vs. {Automated} {Internet} {Outage} {Measuring} {Methods}},
    url = {https://dl.gi.de/handle/20.500.12116/39089},
    doi = {10.18420/muc2022-mci-ws10-321},
    abstract = {Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Orlov, Denis and Möller, Simon and Düfler, Sven and Haesler, Steffen and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Aparecido Fabiano Pinatti De Carvalho, Saqib Saeed, Christian Reuter, Markus Rohde, Dave Randall, Volkmar Pipek, Volker Wulf (2022)
    Understanding Nomadic Practices of Social Activist Networks through the Lens of Infrastructuring: The Case of the European Social Forum
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) . doi:10.1007/s10606-022-09442-7
    [BibTeX] [Abstract] [Download PDF]

    Within CSCW and HCI, an increasing body of literature has been demonstrating the essential relevance of infrastructures and infrastructuring to the work of people engaging in technologically mediated nomadicity. Tech Nomads – or T-Nomads, as they are sometimes called – not only rely on technological, human, and environmental infrastructural components – such as Wi-Fi, technical support, space, and basic resources such as light and power outlets – but they also have to engage in infrastructuring to mobilise their workplaces and effectively accomplish work in and across different locations. In this article, we bring an infrastructuring perspective to understanding nomadic practices concerning the organisation of complex collaborative events. We introduce findings from a long-term investigation focusing on how infrastructures are re-instantiated with the help of digital technologies, according to emerging demands from T-Nomads. Our findings demonstrate the need for a ‘nonessentialist’ approach to nomadicity, one which recognises the character of nomadic work and its varied aspects in different contexts. We extend the infrastructuring literature by demonstrating how infrastructuring work is done in a complex collaborative initiative, as the organisation of the annual European Social Forum.

    @article{pinatti_de_carvalho_understanding_2022,
    title = {Understanding {Nomadic} {Practices} of {Social} {Activist} {Networks} through the {Lens} of {Infrastructuring}: {The} {Case} of the {European} {Social} {Forum}},
    url = {https://link.springer.com/article/10.1007/s10606-022-09442-7},
    doi = {10.1007/s10606-022-09442-7},
    abstract = {Within CSCW and HCI, an increasing body of literature has been demonstrating the essential relevance of infrastructures and infrastructuring to the work of people engaging in technologically mediated nomadicity. Tech Nomads – or T-Nomads, as they are sometimes called – not only rely on technological, human, and environmental infrastructural components – such as Wi-Fi, technical support, space, and basic resources such as light and power outlets – but they also have to engage in infrastructuring to mobilise their workplaces and effectively accomplish work in and across different locations. In this article, we bring an infrastructuring perspective to understanding nomadic practices concerning the organisation of complex collaborative events. We introduce findings from a long-term investigation focusing on how infrastructures are re-instantiated with the help of digital technologies, according to emerging demands from T-Nomads. Our findings demonstrate the need for a ‘nonessentialist’ approach to nomadicity, one which recognises the character of nomadic work and its varied aspects in different contexts. We extend the infrastructuring literature by demonstrating how infrastructuring work is done in a complex collaborative initiative, as the organisation of the annual European Social Forum.},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Pinatti De Carvalho, Aparecido Fabiano and Saeed, Saqib and Reuter, Christian and Rohde, Markus and Randall, Dave and Pipek, Volkmar and Wulf, Volker},
    year = {2022},
    keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Book Review: Artificial Intelligence and The Future of Warfare, James Johnson (2021)
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00918-4
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics & International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.

    @article{reinhold_book_2022,
    title = {Book {Review}: {Artificial} {Intelligence} and {The} {Future} of {Warfare}, {James} {Johnson} (2021)},
    url = {https://link.springer.com/article/10.1007/s12399-022-00918-4},
    doi = {10.1007/s12399-022-00918-4},
    abstract = {Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics \& International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Reuter, Christian},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 145–158. doi:https://doi.org/10.1007/978-3-031-11043-6_11
    [BibTeX] [Abstract] [Download PDF]

    As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.

    @incollection{reinhold_cyber_2022,
    edition = {1},
    title = {Cyber {Weapons} and {Artificial} {Intelligence}: {Impact}, {Influence} and the {Challenges} for {Arms} {Control}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_ReinholdReuter_CyberWeaponsAIImpactInfluenceChallenges_AI-Book.pdf},
    abstract = {As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_11},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {145--158},
    }

  • Thomas Reinhold (2022)
    Arms Control for Artificial Intelligence
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 211–226. doi:https://doi.org/10.1007/978-3-031-11043-6_15
    [BibTeX] [Abstract] [Download PDF]

    With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.

    @incollection{reinhold_arms_2022,
    edition = {1},
    title = {Arms {Control} for {Artificial} {Intelligence}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_Reinhold_ ArmsControlforAI_AI-Book.pdf},
    abstract = {With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_15},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {211--226},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Towards a Cyber Weapons Assessment Model – Assessment of the Technical Features of Malicious Software
    IEEE Transactions on Technology and Society ;3(3):226–239. doi:10.1109/TTS.2021.3131817
    [BibTeX] [Abstract] [Download PDF]

    The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.

    @article{reinhold_towards_2022,
    title = {Towards a {Cyber} {Weapons} {Assessment} {Model} – {Assessment} of the {Technical} {Features} of {Malicious} {Software}},
    volume = {3},
    issn = {2637-6415},
    url = {https://peasec.de/paper/2021/2021_ReinholdReuter_CyberWeapons_IEEETransactionsTechnologySociety.pdf},
    doi = {10.1109/TTS.2021.3131817},
    abstract = {The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.},
    language = {en},
    number = {3},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = sep,
    year = {2022},
    keywords = {A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {226--239},
    }

  • Christian Reuter, Luigi Lo Iacono, Alexander Benlian (2022)
    Special Issue on Usable Security and Privacy with User-Centered Interventions and Transparency Mechanisms – Behaviour & Information Technology (BIT)
    Taylor & Francis.
    [BibTeX] [Download PDF]

    @book{reuter_special_2022,
    title = {Special {Issue} on {Usable} {Security} and {Privacy} with {User}-{Centered} {Interventions} and {Transparency} {Mechanisms} - {Behaviour} \& {Information} {Technology} ({BIT})},
    url = {https://www.tandfonline.com/toc/tbit20/41/10?nav=tocList},
    publisher = {Taylor \& Francis},
    author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
    year = {2022},
    note = {Publication Title: Behaviour \& Information Technology (BIT)},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Peace},
    }

  • Christian Reuter, Luigi Lo Iacono, Alexander Benlian (2022)
    A Quarter Century of Usable Security and Privacy Research: Transparency, Tailorability, and the Road Ahead
    Behaviour & Information Technology (BIT) ;41(10):2035–2048. doi:10.1080/0144929X.2022.2080908
    [BibTeX] [Abstract] [Download PDF]

    In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.

    @article{reuter_quarter_2022,
    title = {A {Quarter} {Century} of {Usable} {Security} and {Privacy} {Research}: {Transparency}, {Tailorability}, and the {Road} {Ahead}},
    volume = {41},
    issn = {0144-929X},
    url = {https://www.tandfonline.com/toc/tbit20/41/10},
    doi = {10.1080/0144929X.2022.2080908},
    abstract = {In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.},
    number = {10},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {2035--2048},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    1 ed. Wiesbaden: Springer Vieweg. doi:https://doi.org/10.1007/978-3-658-39720-3
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022,
    address = {Wiesbaden},
    edition = {1},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    isbn = {978-3-658-39719-7},
    url = {https://link.springer.com/book/10.1007/978-3-658-39720-3},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    language = {en},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-658-39720-3},
    keywords = {Crisis, HCI, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Christian Reuter, Malte Göttsche, Friederike Frieß, Pierre Thielbörger, Johannes Vüllers (2022)
    Zwischen Destabilisierung und der Ermöglichung von Resilienz: Perspektiven aus den Technikwissenschaften, den Sozialwissenschaften und den Rechtswissenschaften
    Die Friedens-Warte / Journal of International Peace and Organization (JIPO) ;95(3-4):241–243.
    [BibTeX] [Abstract] [Download PDF]

    In dieser Sonderausgabe von „Die Friedens-Warte“ nähern wir uns dem Thema Resilienz aus den unterschiedlichen Perspektiven der Technikwissenschaften (mit einem Schwerpunkt auf neuen Technologien), den Sozialwissenschaften und den Rechtswissenschaften. Ein solcher interdisziplinärer Austausch innerhalb des Forschungsfeldes der Friedens- und Konfliktforschung ist aus unserer Sicht immens wichtig, zurzeit jedoch noch allzu rar. Das heutige internationale Sicherheitsumfeld ist gekennzeichnet durch den Niedergang der klassischen Rüstungskontrollarchitektur, die Rückkehr der Großmachtpolitik und das schwindende Vertrauen zwischen den Staaten. Neue Entwicklungen im Bereich der Militärtechnologie und der Technologien mit Doppelverwendungsfähigkeit sowie Modernisierungsprogramme für Waffen machen die Bemühungen um Frieden und Sicherheit noch komplexer. Seit dem Einmarsch Russlands in die Ukraine im Februar 2022 ist allgemein anerkannt, wie wichtig es ist, sich mit diesen Fragen sachkundig auseinanderzusetzen. Der erste Teil dieser Sonderausgabe basiert auf der interdisziplinären Konferenz Science Peace Security 2021 in Aachen, die sich mit den Auswirkungen neuer Technologien auf die Resilienz befasste. Gesucht wurden Konzepte zur Erreichung eines widerstandsfähigeren Sicherheitsumfeldes durch wissenschaftliche Beiträge und politische Maßnahmen zur Krisenbewältigung, Risikobewertung, Vertrauensbildung und Rüstungsbegrenzung. Untersucht wurden nukleare, biologische, chemische und weltraumgestützte Bedrohungen sowie Entwicklungen in der Informationstechnologie, wie z. B. Cyber- oder künstliche Intelligenz, sowie weitere relevante technischen Bereiche.

    @article{reuter_zwischen_2022,
    title = {Zwischen {Destabilisierung} und der {Ermöglichung} von {Resilienz}: {Perspektiven} aus den {Technikwissenschaften}, den {Sozialwissenschaften} und den {Rechtswissenschaften}},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/article/99.105025/fw202203024101},
    abstract = {In dieser Sonderausgabe von „Die Friedens-Warte“ nähern wir uns dem Thema Resilienz aus den unterschiedlichen Perspektiven der Technikwissenschaften (mit einem Schwerpunkt auf neuen Technologien), den Sozialwissenschaften und den Rechtswissenschaften. Ein solcher interdisziplinärer Austausch innerhalb des Forschungsfeldes der Friedens- und Konfliktforschung ist aus unserer Sicht immens wichtig, zurzeit jedoch noch allzu rar.
    Das heutige internationale Sicherheitsumfeld ist gekennzeichnet durch den Niedergang der klassischen Rüstungskontrollarchitektur, die Rückkehr der Großmachtpolitik und das schwindende Vertrauen zwischen den Staaten. Neue Entwicklungen im Bereich der Militärtechnologie und der Technologien mit Doppelverwendungsfähigkeit sowie Modernisierungsprogramme für Waffen machen die Bemühungen um Frieden und Sicherheit noch komplexer. Seit dem Einmarsch Russlands in die Ukraine im Februar 2022 ist allgemein anerkannt, wie wichtig es ist, sich mit diesen Fragen sachkundig auseinanderzusetzen.
    Der erste Teil dieser Sonderausgabe basiert auf der interdisziplinären Konferenz Science Peace Security 2021 in Aachen, die sich mit den Auswirkungen neuer Technologien auf die Resilienz befasste. Gesucht wurden Konzepte zur Erreichung eines widerstandsfähigeren Sicherheitsumfeldes durch wissenschaftliche Beiträge und politische Maßnahmen zur Krisenbewältigung, Risikobewertung, Vertrauensbildung und Rüstungsbegrenzung. Untersucht wurden nukleare, biologische, chemische und weltraumgestützte Bedrohungen sowie Entwicklungen in der Informationstechnologie, wie z. B. Cyber- oder künstliche Intelligenz, sowie weitere relevante technischen Bereiche.},
    number = {3-4},
    journal = {Die Friedens-Warte / Journal of International Peace and Organization (JIPO)},
    author = {Reuter, Christian and Göttsche, Malte and Frieß, Friederike and Thielbörger, Pierre and Vüllers, Johannes},
    year = {2022},
    keywords = {Peace},
    pages = {241--243},
    }

  • Christian Reuter, Malte Göttsche, Friederike Frieß, Pierre Thielbörger, Johannes Vüllers (2022)
    Between Destabilization and Enabling Resilience: Perspectives from the Technical Sciences, Political Science and Law
    Die Friedens-Warte / Journal of International Peace and Organization (JIPO) ;95(3-4):244–246.
    [BibTeX] [Abstract] [Download PDF]

    In this special issue of the “Journal of International Peace and Organization”, we approach the topic of resilience from the different perspectives of the technical sciences (with a focus on new technologies), the social sciences, and law. In our view such interdisciplinary exchange of views within the research field of peace and conflict research is highly important, yet at the same time all too rare. Today’s international security environment is marked by the demise of the classical arms control architecture, the return of great power politics, and eroding trust among states. New developments in military and dual use technology as well as weapon modernization programs add complexity to any effort towards peace and security. The importance of dealing with these issues in an informed manner has been widely accepted since Russia’s invasion of Ukraine in February 2022. The first part of this special issue is based on the interdisciplinary conference Science Peace Security 2021 in Aachen, which examined the impacts of new technologies on resilience. It sought concepts on how a more resilient security environment can be achieved through scientific contributions and policy measures towards crisis resolution, risk assessments, confidence-building, and arms limitations. Nuclear, biological, chemical, and space threats as well as developments in information technology such as cyber or artificial intelligence issues, and any other relevant technical fields, were examined.

    @article{reuter_between_2022,
    title = {Between {Destabilization} and {Enabling} {Resilience}: {Perspectives} from the {Technical} {Sciences}, {Political} {Science} and {Law}},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/article/99.105025/fw202203024401},
    abstract = {In this special issue of the “Journal of International Peace and Organization”, we approach the topic of resilience from the different perspectives of the technical sciences (with a focus on new technologies), the social sciences, and law. In our view such interdisciplinary exchange of views within the research field of peace and conflict research is highly important, yet at the same time all too rare.
    Today’s international security environment is marked by the demise of the classical arms control architecture, the return of great power politics, and eroding trust among states. New developments in military and dual use technology as well as weapon modernization programs add complexity to any effort towards peace and security. The importance of dealing with these issues in an informed manner has been widely accepted since Russia’s invasion of Ukraine in February 2022.
    The first part of this special issue is based on the interdisciplinary conference Science Peace Security 2021 in Aachen, which examined the impacts of new technologies on resilience. It sought concepts on how a more resilient security environment can be achieved through scientific contributions and policy measures towards crisis resolution, risk assessments, confidence-building, and arms limitations. Nuclear, biological, chemical, and space threats as well as developments in information technology such as cyber or artificial intelligence issues, and any other relevant technical fields, were examined.},
    number = {3-4},
    journal = {Die Friedens-Warte / Journal of International Peace and Organization (JIPO)},
    author = {Reuter, Christian and Göttsche, Malte and Frieß, Friederike and Thielbörger, Pierre and Vüllers, Johannes},
    year = {2022},
    keywords = {Peace},
    pages = {244--246},
    }

  • Christian Reuter, Malte Göttsche, Friederike Frieß, Pierre Thielbörger, Johannes Vüllers (2022)
    Special Issue on Between Destabilization and Enabling Resilience: Perspectives from the Technical Sciences, Social Sciences, and Law – Die Friedens-Warte / Journal of International Peace and Organization (JIPO)
    Berliner Wissenschafts-Verlag.
    [BibTeX] [Abstract] [Download PDF]

    In this special issue of the “Journal of International Peace and Organization”, we approach the topic of resilience from the different perspectives of the technical sciences (with a focus on new technologies), the social sciences, and law. In our view such interdisciplinary exchange of views within the research field of peace and conflict research is highly important, yet at the same time all too rare. Today’s international security environment is marked by the demise of the classical arms control architecture, the return of great power politics, and eroding trust among states. New developments in military and dual use technology as well as weapon modernization programs add complexity to any effort towards peace and security. The importance of dealing with these issues in an informed manner has been widely accepted since Russia’s invasion of Ukraine in February 2022. The first part of this special issue is based on the interdisciplinary conference Science Peace Security 2021 in Aachen, which examined the impacts of new technologies on resilience. It sought concepts on how a more resilient security environment can be achieved through scientific contributions and policy measures towards crisis resolution, risk assessments, confidence-building, and arms limitations. Nuclear, biological, chemical, and space threats as well as developments in information technology such as cyber or artificial intelligence issues, and any other relevant technical fields, were examined.

    @book{reuter_special_2022-1,
    title = {Special {Issue} on {Between} {Destabilization} and {Enabling} {Resilience}: {Perspectives} from the {Technical} {Sciences}, {Social} {Sciences}, and {Law} - {Die} {Friedens}-{Warte} / {Journal} of {International} {Peace} and {Organization} ({JIPO})},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/journal/fw/95/3-4},
    abstract = {In this special issue of the “Journal of International Peace and Organization”, we approach the topic of resilience from the different perspectives of the technical sciences (with a focus on new technologies), the social sciences, and law. In our view such interdisciplinary exchange of views within the research field of peace and conflict research is highly important, yet at the same time all too rare.
    Today’s international security environment is marked by the demise of the classical arms control architecture, the return of great power politics, and eroding trust among states. New developments in military and dual use technology as well as weapon modernization programs add complexity to any effort towards peace and security. The importance of dealing with these issues in an informed manner has been widely accepted since Russia’s invasion of Ukraine in February 2022.
    The first part of this special issue is based on the interdisciplinary conference Science Peace Security 2021 in Aachen, which examined the impacts of new technologies on resilience. It sought concepts on how a more resilient security environment can be achieved through scientific contributions and policy measures towards crisis resolution, risk assessments, confidence-building, and arms limitations. Nuclear, biological, chemical, and space threats as well as developments in information technology such as cyber or artificial intelligence issues, and any other relevant technical fields, were examined.},
    publisher = {Berliner Wissenschafts-Verlag},
    author = {Reuter, Christian and Göttsche, Malte and Frieß, Friederike and Thielbörger, Pierre and Vüllers, Johannes},
    year = {2022},
    keywords = {Peace},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    Nijmegen: The Radboud University Thesis Repository.
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022-1,
    address = {Nijmegen},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    url = {https://repository.ubn.ru.nl/handle/2066/253000},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    publisher = {The Radboud University Thesis Repository},
    author = {Reuter, Christian},
    year = {2022},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Christian Reuter, Franz Kuntke, Matthias Trapp, Christian Wied, Gerwin Brill, Georg Müller, Enno Steinbrink, Jonas Franken, Daniel EberzEder, Wolfgang Schneider (2022)
    AgriRegio: Infrastruktur zur Förderung von digitaler Resilienz und Klimaresilienz im ländlichen Raum am Beispiel der Pilotregion Nahe-Donnersberg
    INFORMATIK 2022: 52. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), Lecture Notes in Informatics (LNI) Hamburg, Germany. doi:10.18420/inf2022_81
    [BibTeX] [Abstract] [Download PDF]

    Die Digitalisierung schreitet auch in der Landwirtschaft immer weiter voran. Vermehrt werden in landwirtschaftlichen Betrieben sogenannte Smart Farming-Technologien eingesetzt, mit deren Hilfe verschiedenste Arbeitsabläufe automatisiert ablaufen, kontrolliert werden und mit anderen Betrieben ausgetauscht werden können. Durch die verfügbaren Daten und die Vernetzung mit anderen Betrieben, ergeben sich vielfältige neue Möglichkeiten in Bezug auf ressourcenschonendes, wirtschaftlicheres und kollaboratives Arbeiten. Problematiken ergeben sich mit Blick auf die Speicherung dieser sensiblen Betriebsdaten, vor allem, wenn hierfür nur einige wenige Anbieter zur Verfügung stehen. Das Forschungsprojekt „AgriRegio“ soll die digitalisierte Datenerfassung und -nutzung in landwirtschaftlichen Betrieben widerstandsfähiger machen und die sicherheitskritische Infrastruktur schützen. Sieben Projektpartner erproben dazu smarte Sensoren auf Basis standardisierter Open-Source-Technologien in der Landwirtschaft, bei denen die Betriebsdaten dezentral auf lokalen Servern gespeichert werden.

    @inproceedings{reuter_agriregio_2022,
    address = {Hamburg, Germany},
    title = {{AgriRegio}: {Infrastruktur} zur {Förderung} von digitaler {Resilienz} und {Klimaresilienz} im ländlichen {Raum} am {Beispiel} der {Pilotregion} {Nahe}-{Donnersberg}},
    isbn = {978-3-88579-720-3},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/39588/rsflab_04.pdf?sequence=1&isAllowed=y},
    doi = {10.18420/inf2022_81},
    abstract = {Die Digitalisierung schreitet auch in der Landwirtschaft immer weiter voran. Vermehrt werden in landwirtschaftlichen Betrieben sogenannte Smart Farming-Technologien eingesetzt, mit deren Hilfe verschiedenste Arbeitsabläufe automatisiert ablaufen, kontrolliert werden und mit anderen Betrieben ausgetauscht werden können. Durch die verfügbaren Daten und die Vernetzung mit anderen Betrieben, ergeben sich vielfältige neue Möglichkeiten in Bezug auf ressourcenschonendes, wirtschaftlicheres und kollaboratives Arbeiten. Problematiken ergeben sich mit Blick auf die Speicherung dieser sensiblen Betriebsdaten, vor allem, wenn hierfür nur einige wenige Anbieter zur Verfügung stehen. Das Forschungsprojekt „AgriRegio“ soll die digitalisierte Datenerfassung und -nutzung in landwirtschaftlichen Betrieben widerstandsfähiger machen und die sicherheitskritische Infrastruktur schützen. Sieben Projektpartner erproben dazu smarte Sensoren auf Basis standardisierter Open-Source-Technologien in der Landwirtschaft, bei denen die Betriebsdaten dezentral auf lokalen Servern gespeichert werden.},
    language = {de},
    booktitle = {{INFORMATIK} 2022: 52. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge}), {Lecture} {Notes} in {Informatics} ({LNI})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Reuter, Christian and Kuntke, Franz and Trapp, Matthias and Wied, Christian and Brill, Gerwin and Müller, Georg and Steinbrink, Enno and Franken, Jonas and Eberz-Eder, Daniel and Schneider, Wolfgang},
    editor = {Demmler, D. and Krupka, D. and Federrath, H.},
    year = {2022},
    keywords = {Ranking-CORE-C, Ranking-VHB-C, UsableSec, Security, RSF, Projekt-AgriRegio},
    pages = {961--972},
    }

  • Christian Reuter, Daniel EberzEder, Franz Kuntke, Matthias Trapp (2022)
    RSF-Lab’22: Resilient Smart Farming Laboratory: Für eine widerstandsfähige und intelligente Landwirtschaft
    INFORMATIK 2022: 52. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), Lecture Notes in Informatics (LNI) Hamburg, Germany. doi:10.18420/inf2022_78
    [BibTeX] [Abstract] [Download PDF]

    Die zunehmende Vernetzung und Digitalisierung bringen große Veränderungen aber auch Vulnerabilitäten auf allen Ebenen mit sich. Um eine Infrastruktur für ein resilientes Smart Farming (RSF) zu erstellen, welche die Fortschritte der Digitalisierung in der Landwirtschaft nutzt, ohne die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und damit die Lebensmittelversorgung der Verbraucher zu gefährden, bedarf speziell der Sicherheitsaspekt einer kritischen Auseinandersetzung. Der Workshop adressiert diese Forschungsherausforderungen durch Beiträge zu einem umfassenden Monitoring für den Transport von künstlichen Besamungsdosen, zu modularer, sicherer und robuster Steuerungsarchitektur für autonomes Bewirtschaften von Weinbergen, zur Resilienz im ländlichen Raum, zum Aufbau eines informellen Netzwerkes zur Förderung der Digitalisierung in der Landwirtschaft und zu Effizienz und Nachhaltigkeit durch Green-IT.

    @inproceedings{reuter_rsf-lab22_2022,
    address = {Hamburg, Germany},
    title = {{RSF}-{Lab}’22: {Resilient} {Smart} {Farming} {Laboratory}: {Für} eine widerstandsfähige und intelligente {Landwirtschaft}},
    isbn = {978-3-88579-720-3},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/39585/rsflab_01.pdf?sequence=1&isAllowed=y},
    doi = {10.18420/inf2022_78},
    abstract = {Die zunehmende Vernetzung und Digitalisierung bringen große Veränderungen aber auch Vulnerabilitäten auf allen Ebenen mit sich. Um eine Infrastruktur für ein resilientes Smart Farming (RSF) zu erstellen, welche die Fortschritte der Digitalisierung in der Landwirtschaft nutzt, ohne die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und damit die Lebensmittelversorgung der Verbraucher zu gefährden, bedarf speziell der Sicherheitsaspekt einer kritischen Auseinandersetzung. Der Workshop adressiert diese Forschungsherausforderungen durch Beiträge zu einem umfassenden Monitoring für den Transport von künstlichen Besamungsdosen, zu modularer, sicherer und robuster Steuerungsarchitektur für autonomes Bewirtschaften von Weinbergen, zur Resilienz im ländlichen Raum, zum Aufbau eines informellen Netzwerkes zur Förderung der Digitalisierung in der Landwirtschaft und zu Effizienz und Nachhaltigkeit durch Green-IT.},
    language = {de},
    booktitle = {{INFORMATIK} 2022: 52. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge}), {Lecture} {Notes} in {Informatics} ({LNI})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Reuter, Christian and Eberz-Eder, Daniel and Kuntke, Franz and Trapp, Matthias},
    editor = {Demmler, D. and Krupka, D. and Federrath, H.},
    year = {2022},
    keywords = {Security, RSF, Projekt-AgriRegio},
    pages = {931--934},
    }

  • Christian Reuter, Thea Riebe, Jasmin Haunschild, Thomas Reinhold, Stefka Schmid (2022)
    Zur Schnittmenge von Informatik mit Friedens- und Sicherheitsforschung: Erfahrungen aus der interdisziplinären Lehre in der Friedensinformatik
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;11(2):129–140. doi:10.1007/s42597-022-00078-4
    [BibTeX] [Abstract] [Download PDF]

    Interdisziplinäre Forschung und Lehre zwischen Informatik sowie Friedens- und Sicherheitsforschung ist vor dem Hintergrund, dass Konflikte im Cyberspace nicht mehr eine in der Zukunft liegende Fiktion, sondern eine realitätsnahe Möglichkeit darstellen, unabdingbar. Auch wenn zahlreiche etablierte Lehrveranstaltungen und Lehrbücher in der einen oder anderen Disziplin existieren, gilt dies nicht für deren Schnittmenge. Dieser Beitrag reflektiert die Einführung der in Bezug auf Thematik und Hörer*innenschaft interdisziplinären Lehrveranstaltung „Informationstechnologie für Frieden und Sicherheit“ für Studierende der Informatik, IT-Sicherheit und Wirtschaftsinformatik der Technischen Universität Darmstadt, sowie Friedens- und Konfliktforschung der TU Darmstadt in Kooperation mit der Goethe-Universität Frankfurt. Hierbei werden Herausforderungen und Lösungsansätze der interdisziplinären Lehre dargestellt und die Bedeutung dieser Lehre hervorgehoben.

    @article{reuter_zur_2022,
    title = {Zur {Schnittmenge} von {Informatik} mit {Friedens}- und {Sicherheitsforschung}: {Erfahrungen} aus der interdisziplinären {Lehre} in der {Friedensinformatik}},
    volume = {11},
    issn = {2524-6976},
    url = {https://link.springer.com/content/pdf/10.1007/s42597-022-00078-4.pdf},
    doi = {10.1007/s42597-022-00078-4},
    abstract = {Interdisziplinäre Forschung und Lehre zwischen Informatik sowie Friedens- und Sicherheitsforschung ist vor dem Hintergrund, dass Konflikte im Cyberspace nicht mehr eine in der Zukunft liegende Fiktion, sondern eine realitätsnahe Möglichkeit darstellen, unabdingbar. Auch wenn zahlreiche etablierte Lehrveranstaltungen und Lehrbücher in der einen oder anderen Disziplin existieren, gilt dies nicht für deren Schnittmenge. Dieser Beitrag reflektiert die Einführung der in Bezug auf Thematik und Hörer*innenschaft interdisziplinären Lehrveranstaltung „Informationstechnologie für Frieden und Sicherheit“ für Studierende der Informatik, IT-Sicherheit und Wirtschaftsinformatik der Technischen Universität Darmstadt, sowie Friedens- und Konfliktforschung der TU Darmstadt in Kooperation mit der Goethe-Universität Frankfurt. Hierbei werden Herausforderungen und Lösungsansätze der interdisziplinären Lehre dargestellt und die Bedeutung dieser Lehre hervorgehoben.},
    number = {2},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
    month = oct,
    year = {2022},
    keywords = {Security, Peace},
    pages = {129--140},
    }

  • Thea Riebe, Philipp Kuehn, Philipp Imperatori, Christian Reuter (2022)
    U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance
    European Journal for Security Research (EJSR) . doi:10.1007/s41125-022-00080-0
    [BibTeX] [Abstract] [Download PDF]

    Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.

    @article{riebe_us_2022,
    title = {U.{S}. {Security} {Policy}: {The} {Dual}-{Use} {Regulation} of {Cryptography} and its {Effects} on {Surveillance}},
    url = {https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf},
    doi = {10.1007/s41125-022-00080-0},
    abstract = {Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.},
    journal = {European Journal for Security Research (EJSR)},
    author = {Riebe, Thea and Kuehn, Philipp and Imperatori, Philipp and Reuter, Christian},
    year = {2022},
    keywords = {Student, Security, Projekt-KontiKat, Projekt-CYWARN},
    }

  • Stefka Schmid (2022)
    Trustworthy and Explainable: A European Vision of (Weaponised) Artificial Intelligence
    Die Friedens-Warte / Journal of International Peace and Organization (JIPO) ;95(3-4):290–315. doi:10.35998/fw-2022-0013
    [BibTeX] [Abstract] [Download PDF]

    The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.

    @article{schmid_trustworthy_2022,
    title = {Trustworthy and {Explainable}: {A} {European} {Vision} of ({Weaponised}) {Artificial} {Intelligence}},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/article/10.35998/fw-2022-0013},
    doi = {10.35998/fw-2022-0013},
    abstract = {The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.},
    number = {3-4},
    journal = {Die Friedens-Warte / Journal of International Peace and Organization (JIPO)},
    author = {Schmid, Stefka},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    pages = {290--315},
    }

  • Stefka Schmid, Thea Riebe, Christian Reuter (2022)
    Dual-Use and Trustworthy? A Mixed Methods Analysis of AI Diffusion between Civilian and Defense R&D
    Science and Engineering Ethics ;28(12):1–23. doi:10.1007/s11948-022-00364-7
    [BibTeX] [Abstract] [Download PDF]

    Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R&D.

    @article{schmid_dual-use_2022,
    title = {Dual-{Use} and {Trustworthy}? {A} {Mixed} {Methods} {Analysis} of {AI} {Diffusion} between {Civilian} and {Defense} {R}\&{D}},
    volume = {28},
    url = {https://peasec.de/paper/2022/2022_SchmidRiebeReuter_DualUseandTrustworthy_ScienceEngineeringEthics.pdf},
    doi = {10.1007/s11948-022-00364-7},
    abstract = {Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R\&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R\&D.},
    number = {12},
    journal = {Science and Engineering Ethics},
    author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
    year = {2022},
    keywords = {A-Paper, Ranking-ImpactFactor, Projekt-KontiKat, Peace, AuswahlPeace, Projekt-CYWARN},
    pages = {1--23},
    }

  • Sebastian Schwartz, Laura Guntrum, Christian Reuter (2022)
    Vision or Threat – Awareness for Dual-Use in the Development of Autonomous Driving
    IEEE Transactions on Technology and Society ;3(3):163–174. doi:10.1109/TTS.2022.3182310
    [BibTeX] [Abstract] [Download PDF]

    In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.

    @article{schwartz_vision_2022,
    title = {Vision or {Threat} – {Awareness} for {Dual}-{Use} in the {Development} of {Autonomous} {Driving}},
    volume = {3},
    issn = {2637-6415},
    url = {https://www.peasec.de/paper/2022/2022_SchwartzGuntrumReuter_VisionorThreatAwarenessDualUseAutonomousDriving_IEEE-TTS.pdf},
    doi = {10.1109/TTS.2022.3182310},
    abstract = {In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.},
    language = {en},
    number = {3},
    journal = {IEEE Transactions on Technology and Society},
    author = {Schwartz, Sebastian and Guntrum, Laura and Reuter, Christian},
    year = {2022},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Projekt-ATHENE-FANCY, Projekt-TraCe},
    pages = {163--174},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Introduction
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 1–9. doi:https://doi.org/10.1007/978-3-031-11043-6_1
    [BibTeX] [Abstract] [Download PDF]

    In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.

    @incollection{schornig_introduction_2022,
    edition = {1},
    title = {Introduction},
    isbn = {978-3-031-11043-6},
    url = {http://www.peasec.de/paper/2022/2022_SchoernigReinhold_Intro_AI-Book.pdf},
    abstract = {In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_1},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--9},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Armament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm
    1 ed. Springer. doi:https://doi.org/10.1007/978-3-031-11043-6
    [BibTeX] [Abstract] [Download PDF]

    Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed. The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part. This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.

    @book{schornig_armament_2022,
    edition = {1},
    title = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    isbn = {978-3-031-11043-6},
    url = {https://link.springer.com/book/10.1007/978-3-031-11043-6},
    abstract = {Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed.
    The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part.
    This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.},
    language = {en},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    }

  • Verena Zimmermann, Jasmin Haunschild, Marita Unden, Paul Gerber, Nina Gerber (2022)
    Sicherheitsherausforderungen für Smart City-Infrastrukturen
    Wirtschaftsinformatik & Management . doi:10.1365/s35764-022-00396-5
    [BibTeX] [Abstract] [Download PDF]

    Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.

    @article{zimmermann_sicherheitsherausforderungen_2022,
    title = {Sicherheitsherausforderungen für {Smart} {City}-{Infrastrukturen}},
    url = {https://link.springer.com/content/pdf/10.1365/s35764-022-00396-5.pdf},
    doi = {10.1365/s35764-022-00396-5},
    abstract = {Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.},
    journal = {Wirtschaftsinformatik \& Management},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Unden, Marita and Gerber, Paul and Gerber, Nina},
    year = {2022},
    keywords = {UsableSec, Security, Projekt-ATHENE-SecUrban},
    }

    2021

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2021)
    Information Overload in Crisis Management: Bilingual Evaluation of Embedding Models for Clustering Social Media Posts in Emergencies
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.

    @inproceedings{bayer_information_2021,
    title = {Information {Overload} in {Crisis} {Management}: {Bilingual} {Evaluation} of {Embedding} {Models} for {Clustering} {Social} {Media} {Posts} in {Emergencies}},
    url = {https://peasec.de/paper/2021/2021_BayerKaufholdReuter_InformationOverloadInCrisisManagementBilingualEvaluation_ECIS.pdf},
    abstract = {Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--18},
    }

  • Ansgar Bernardi, Sandra Becker, Carsten Struve, Sebastian Linsner, Christian Reuter, Georg Müller (2021)
    Erfolgsorientierte Dienstleistung: Neue Perspektiven für die landwirtschaftliche Arbeitsteilung durch hybride Dienstleistungen
    41. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft .
    [BibTeX] [Abstract] [Download PDF]

    Im Projekt HyServ werden landwirtschaftliche Dienstleistungen als Hybrid aus klassischem Arbeitsauftrag und Auftrag zur Datenverarbeitung verstanden, der sowohl den Auftrag als auch das Ergebnis umfasst. Die hybriden Dienstleistungen mit fälschungssicheren Vereinbarungen und technischen Kontrollmöglichkeiten sichern besseres Vertrauen in intensiven Datenaustausch und innovative Produktionsformen in komplexen Kooperationen. Die integrierte Betrachtung von konventionell-physischer Arbeitsleistung und Datenverarbeitung erlaubt neuartige landwirtschaftliche Dienstleistungen: Anstelle der reinen Aktivität kann das Erreichen definierter Ziele vereinbart und nachprüfbar dokumentiert werden. So können auch Ergebnisse, die erst nach längerer Zeit erkennbar werden, in die vereinbarte Leistung einbezogen und erfolgsabhängig entlohnt werden. Derartige erfolgsorientierte Dienstleistungen verbinden Ausführung und Garantieleistungen und eröffnen so gerade in kritischen Zeiten neue Formen der Risikoverteilung und innovativer Geschäftsmodelle.

    @inproceedings{bernardi_erfolgsorientierte_2021,
    title = {Erfolgsorientierte {Dienstleistung}: {Neue} {Perspektiven} für die landwirtschaftliche {Arbeitsteilung} durch hybride {Dienstleistungen}},
    url = {https://peasec.de/paper/2021/2021_Bernardietal_ErfolgsorientierteDienstleistung_GIL.pdf},
    abstract = {Im Projekt HyServ werden landwirtschaftliche Dienstleistungen als Hybrid aus klassischem Arbeitsauftrag und Auftrag zur Datenverarbeitung verstanden, der sowohl den Auftrag als auch das Ergebnis umfasst. Die hybriden Dienstleistungen mit fälschungssicheren Vereinbarungen und technischen Kontrollmöglichkeiten sichern besseres Vertrauen in intensiven Datenaustausch und innovative Produktionsformen in komplexen Kooperationen. Die integrierte Betrachtung von konventionell-physischer Arbeitsleistung und Datenverarbeitung erlaubt neuartige landwirtschaftliche Dienstleistungen: Anstelle der reinen Aktivität kann das Erreichen definierter Ziele vereinbart und nachprüfbar dokumentiert werden. So können auch Ergebnisse, die erst nach längerer Zeit erkennbar werden, in die vereinbarte Leistung einbezogen und erfolgsabhängig entlohnt werden. Derartige erfolgsorientierte Dienstleistungen verbinden Ausführung und Garantieleistungen und eröffnen so gerade in kritischen Zeiten neue Formen der Risikoverteilung und innovativer Geschäftsmodelle.},
    booktitle = {41. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Bernardi, Ansgar and Becker, Sandra and Struve, Carsten and Linsner, Sebastian and Reuter, Christian and Müller, Georg},
    editor = {Meyer-Aurich, Andreas and Gandorfer, Markus and Hoffmann, Christa and Weltzien, Cornelia and Bellingrath-Kimura, Sonoko D. and Floto, Helga},
    year = {2021},
    keywords = {Ranking-VHB-C, Projekt-HyServ},
    pages = {37},
    }

  • Tom Biselli, Christian Reuter (2021)
    On the Relationship between IT Privacy and Security Behavior: A Survey among German Private Users
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) Potsdam, Germany.
    [BibTeX] [Abstract] [Download PDF]

    The relevance of adequate privacy and security behavior in the digital space is higher than ever. However, the exact relationship between privacy and security behavior is rarely discussed in the literature. This study investigates this relationship and the role of socio-demographic factors (gender, age, education, political opinions) in such behavior. Exploratory results of a survey of German private users (N=1,219) show that privacy and security behavior are only weakly correlated and not similarly influenced by socio-demographic factors. While se-curity behavior significantly differs between age and education groups (younger and less educated show less security behavior), no such differences exist for pri-vacy behavior. Additionally, political orientation and opinion has no influence on privacy and security behavior. Thus, this study sheds light on the concepts of privacy, security and corresponding behavior and emphasizes the need for a fine-grained differentiation if either privacy or security behavior is to be improved.

    @inproceedings{biselli_relationship_2021,
    address = {Potsdam, Germany},
    title = {On the {Relationship} between {IT} {Privacy} and {Security} {Behavior}: {A} {Survey} among {German} {Private} {Users}},
    url = {https://peasec.de/paper/2021/2021_BiselliReuter_RelationshipITPrivacyandSecurityBehavior_WI.pdf},
    abstract = {The relevance of adequate privacy and security behavior in the digital space is higher than ever. However, the exact relationship between privacy and security behavior is rarely discussed in the literature. This study investigates this relationship and the role of socio-demographic factors (gender, age, education, political opinions) in such behavior. Exploratory results of a survey of German private users (N=1,219) show that privacy and security behavior are only weakly correlated and not similarly influenced by socio-demographic factors. While se-curity behavior significantly differs between age and education groups (younger and less educated show less security behavior), no such differences exist for pri-vacy behavior. Additionally, political orientation and opinion has no influence on privacy and security behavior. Thus, this study sheds light on the concepts of privacy, security and corresponding behavior and emphasizes the need for a fine-grained differentiation if either privacy or security behavior is to be improved.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI})},
    publisher = {AIS},
    author = {Biselli, Tom and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Ranking-CORE-C, UsableSec, Security, Ranking-WKWI-A, Projekt-ATHENE-FANCY},
    pages = {1--17},
    }

  • Daniel EberzEder, Franz Kuntke, Wolfgang Schneider, Christian Reuter (2021)
    Technologische Umsetzung des Resilient Smart Farming (RSF) durch den Einsatz von Edge-Computing
    41. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft .
    [BibTeX] [Abstract] [Download PDF]

    Edge Computing bietet die Möglichkeit zur Realisierung von Resilient Smart Farming (RSF). Die vorliegende Arbeit setzt sich mit Möglichkeiten der möglichst ausfallsicheren Digitalisierung der Landwirtschaft als kritischer Infrastruktur auseinander und zeigt auf, dass dezentrale Lösungen des Edge Computing inzwischen innovative technologische Möglichkeiten zur Realisierung von RSF bieten. Die Vorteile der lokalen Datenverarbeitung am Entstehungsort in Kombination mit einer regionalen Vernetzung bieten neue Möglichkeiten im Zeitalter von 5GInfrastrukturen und dem Einsatz von IoT-Sensornetzwerken. Der Fokus dieser Arbeit liegt auf Edge Computing als Technologie zur Umsetzung eines resilienten Smart Farming.

    @inproceedings{eberz-eder_technologische_2021,
    title = {Technologische {Umsetzung} des {Resilient} {Smart} {Farming} ({RSF}) durch den {Einsatz} von {Edge}-{Computing}},
    url = {http://www.peasec.de/paper/2021/2021_EberzEderKuntkeSchneiderReuter_TechnischeUmsetzungResilientSmartFarming_GIL.pdf},
    abstract = {Edge Computing bietet die Möglichkeit zur Realisierung von Resilient Smart Farming (RSF). Die vorliegende Arbeit setzt sich mit Möglichkeiten der möglichst ausfallsicheren Digitalisierung der Landwirtschaft als kritischer Infrastruktur auseinander und zeigt auf, dass dezentrale Lösungen des Edge Computing inzwischen innovative technologische Möglichkeiten zur Realisierung von RSF bieten. Die Vorteile der lokalen Datenverarbeitung am Entstehungsort in Kombination mit einer regionalen Vernetzung bieten neue Möglichkeiten im Zeitalter von 5GInfrastrukturen und dem Einsatz von IoT-Sensornetzwerken. Der Fokus dieser Arbeit liegt auf Edge Computing als Technologie zur Umsetzung eines resilienten Smart Farming.},
    booktitle = {41. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Eberz-Eder, Daniel and Kuntke, Franz and Schneider, Wolfgang and Reuter, Christian},
    year = {2021},
    keywords = {Ranking-VHB-C, UsableSec, Security, Projekt-GeoBox},
    pages = {79--84},
    }

  • Rolf Egert, Nina Gerber, Jasmin Haunschild, Philipp Kuehn, Verena Zimmermann (2021)
    Towards Resilient Critical Infrastructures – Motivating Users to Contribute to Smart Grid Resilience
    i-com – Journal of Interactive Media ;20(2):161–175. doi:10.1515/icom-2021-0021
    [BibTeX] [Abstract] [Download PDF]

    Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers – capable of producing and consuming electricity – who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.

    @article{egert_towards_2021,
    series = {i-com},
    title = {Towards {Resilient} {Critical} {Infrastructures} - {Motivating} {Users} to {Contribute} to {Smart} {Grid} {Resilience}},
    volume = {20},
    url = {https://www.degruyter.com/document/doi/10.1515/icom-2021-0021/html},
    doi = {10.1515/icom-2021-0021},
    abstract = {Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers - capable of producing and consuming electricity - who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.},
    number = {2},
    journal = {i-com - Journal of Interactive Media},
    author = {Egert, Rolf and Gerber, Nina and Haunschild, Jasmin and Kuehn, Philipp and Zimmermann, Verena},
    year = {2021},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {161--175},
    }

  • Anjuli Franz, Gregor Albrecht, Verena Zimmermann, Katrin Hartwig, Christian Reuter, Alexander Benlian, Joachim Vogt (2021)
    SoK: Still Plenty of Phish in the Sea — A Review of User-Oriented Phishing Interventions and Avenues for Future Research
    USENIX Symposium on Usable Privacy and Security (SOUPS) .
    [BibTeX] [Abstract] [Download PDF]

    Phishing is a prevalent cyber threat, targeting individuals and organizations alike. Previous approaches on anti-phishing measures have started to recognize the role of the user, who, at the center of the target, builds the last line of defense. However, user-oriented phishing interventions are fragmented across a diverse research landscape, which has not been systematized to date. This makes it challenging to gain an overview of the various approaches taken by prior works. In this paper, we present a taxonomy of phishing interventions based on a systematic literature analysis. We shed light on the diversity of existing approaches by analyzing them with respect to the intervention type, the addressed phishing attack vector, the time at which the intervention takes place, and the required user interaction. Furthermore, we highlight shortcomings and challenges emerging from both our literature sample and prior meta-analyses, and discuss them in the light of current movements in the field of usable security. With this article, we hope to provide useful directions for future works on phishing interventions.

    @inproceedings{franz_sok_2021,
    title = {{SoK}: {Still} {Plenty} of {Phish} in the {Sea} — {A} {Review} of {User}-{Oriented} {Phishing} {Interventions} and {Avenues} for {Future} {Research}},
    isbn = {978-1-939133-25-0},
    url = {https://www.usenix.org/system/files/soups2021-franz.pdf},
    abstract = {Phishing is a prevalent cyber threat, targeting individuals and
    organizations alike. Previous approaches on anti-phishing
    measures have started to recognize the role of the user, who,
    at the center of the target, builds the last line of defense.
    However, user-oriented phishing interventions are fragmented
    across a diverse research landscape, which has not been
    systematized to date. This makes it challenging to gain an
    overview of the various approaches taken by prior works.
    In this paper, we present a taxonomy of phishing interventions
    based on a systematic literature analysis. We shed light
    on the diversity of existing approaches by analyzing them
    with respect to the intervention type, the addressed phishing
    attack vector, the time at which the intervention takes place,
    and the required user interaction. Furthermore, we highlight
    shortcomings and challenges emerging from both our literature
    sample and prior meta-analyses, and discuss them in
    the light of current movements in the field of usable security.
    With this article, we hope to provide useful directions for
    future works on phishing interventions.},
    booktitle = {{USENIX} {Symposium} on {Usable} {Privacy} and {Security} ({SOUPS})},
    author = {Franz, Anjuli and Albrecht, Gregor and Zimmermann, Verena and Hartwig, Katrin and Reuter, Christian and Benlian, Alexander and Vogt, Joachim},
    year = {2021},
    keywords = {UsableSec, Security, Ranking-CORE-B, Projekt-CROSSING, AuswahlUsableSec},
    }

  • Steffen Haesler, Stefka Schmid, Annemike Sophia Vierneisel, Christian Reuter (2021)
    Stronger Together: How Neighborhood Groups Build up a Virtual Network during the COVID-19 Pandemic
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2).
    [BibTeX] [Abstract] [Download PDF]

    During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.

    @article{haesler_stronger_2021,
    title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
    volume = {5},
    url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
    abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Steffen Haesler, Ragnark Mogk, Florentin Putz, Kevin T. Logan, Nadja Thiessen, Katharina Kleinschnitger, Lars Baumgärtner, JanPhilipp Stroscher, Christian Reuter, Michele Knodt, Matthias Hollick (2021)
    Connected Self-Organized Citizens in Crises: An Interdisciplinary Resilience Concept for Neighborhoods
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481749
    [BibTeX] [Abstract] [Download PDF]

    When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.

    @inproceedings{haesler_connected_2021,
    address = {Virtual Event, USA},
    title = {Connected {Self}-{Organized} {Citizens} in {Crises}: {An} {Interdisciplinary} {Resilience} {Concept} for {Neighborhoods}},
    url = {https://peasec.de/paper/2021/2021_Haesleretal_ConnectedSelfOrganizedCitizensinCrises_CSCWComp.pdf},
    doi = {10.1145/3462204.3481749},
    abstract = {When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haesler, Steffen and Mogk, Ragnark and Putz, Florentin and Logan, Kevin T. and Thiessen, Nadja and Kleinschnitger, Katharina and Baumgärtner, Lars and Stroscher, Jan-Philipp and Reuter, Christian and Knodt, Michele and Hollick, Matthias},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Transparenz im technischen Umgang mit Fake News
    Technik & Mensch (2):9–11.
    [BibTeX] [Abstract] [Download PDF]

    In den letzten Jahren haben sich soziale Medien wie Facebook und Twitter immer mehr zu wichtigen Informationsquellen entwickelt, welche die Verbreitung von nutzergenerierten Inhalten unterstützen. Durch die hohe Verbreitungsgeschwindigkeit, geringen Aufwand und (scheinbare) Anonymität nimmt gleichzeitig die Verbreitung von Fake News und ähnlichen Phänomenen zu. Bereits in den vergangenen Jahren aber insbesondere auch im Kontext der COVID-19 Pandemie hat sich gezeigt, dass Fake News und unbeabsichtigte Fehlinformationen ernsthafte und sogar lebensbedrohliche Konsequenzen mit sich tragen bringen können. Technische Unterstützungsmaßnahmen haben insbesondere in sozialen Medien ein großes Potenzial um Fake News effektiv zu bekämpfen. Hier sind zwei maßgebliche Schritte notwendig: (1) Fake News automatisiert detektieren und (2) nach der erfolgreichen Detektion sinnvolle technische Gegenmaßnahmen implementieren [2].

    @article{hartwig_transparenz_2021,
    title = {Transparenz im technischen {Umgang} mit {Fake} {News}},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_TransparenzFakeNews_TechnikMenschVDI.pdf},
    abstract = {In den letzten Jahren haben sich soziale Medien wie Facebook und Twitter immer mehr zu wichtigen Informationsquellen entwickelt, welche die Verbreitung von nutzergenerierten Inhalten unterstützen. Durch die hohe Verbreitungsgeschwindigkeit, geringen Aufwand und (scheinbare) Anonymität nimmt gleichzeitig die Verbreitung von Fake News und ähnlichen Phänomenen zu. Bereits in den vergangenen Jahren aber insbesondere auch im Kontext der COVID-19 Pandemie hat sich gezeigt, dass Fake News und unbeabsichtigte Fehlinformationen ernsthafte und sogar lebensbedrohliche Konsequenzen mit sich tragen bringen können. Technische Unterstützungsmaßnahmen haben insbesondere in sozialen Medien ein großes Potenzial um Fake News effektiv zu bekämpfen. Hier sind zwei maßgebliche Schritte notwendig: (1) Fake News automatisiert detektieren und (2) nach der erfolgreichen Detektion sinnvolle technische Gegenmaßnahmen implementieren [2].},
    number = {2},
    journal = {Technik \& Mensch},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2021},
    keywords = {Crisis},
    pages = {9--11},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Fake News technisch begegnen – Detektions- und Behandlungsansätze zur Unterstützung von NutzerInnen
    In: Peter Klimczak, Thomas Zoglauer: Wahrheit und Fake News im postfaktischen Zeitalter. Wiesbaden: Springer Vieweg, , 133–150.
    [BibTeX] [Abstract] [Download PDF]

    Die Bedeutung des Umgangs mit Fake News hat sowohl im politischen als auch im sozialen Kontext zugenommen: Während sich bestehende Studien vor allem darauf konzentrieren, wie man gefälschte Nachrichten erkennt und kennzeichnet, fehlen Ansätze zur Unterstützung der NutzerInnen bei der eigenen Einschätzung weitgehend. Dieser Artikel stellt bestehende Black-Box- und White-Box-Ansätze vor und vergleicht Vor- und Nachteile. Dabei zeigen sich White-Box-Ansätze insbesondere als vielversprechend, um gegen Reaktanzen zu wirken, während Black-Box-Ansätze Fake News mit deutlich größerer Genauigkeit detektieren. Vorgestellt wird auch das von uns entwickelte Browser-Plugin TrustyTweet, welches die BenutzerInnen bei der Bewertung von Tweets auf Twitter unterstützt, indem es politisch neutrale und intuitive Warnungen anzeigt, ohne Reaktanz zu erzeugen.

    @incollection{hartwig_fake_2021,
    address = {Wiesbaden},
    series = {ars digitalis},
    title = {Fake {News} technisch begegnen – {Detektions}- und {Behandlungsansätze} zur {Unterstützung} von {NutzerInnen}},
    volume = {3},
    isbn = {978-3-658-32956-3},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_FakeNewstechnischbegegnen_WahrheitundFake.pdf},
    abstract = {Die Bedeutung des Umgangs mit Fake News hat sowohl im politischen als auch im sozialen Kontext zugenommen: Während sich bestehende Studien vor allem darauf konzentrieren, wie man gefälschte Nachrichten erkennt und kennzeichnet, fehlen Ansätze zur Unterstützung der NutzerInnen bei der eigenen Einschätzung weitgehend. Dieser Artikel stellt bestehende Black-Box- und White-Box-Ansätze vor und vergleicht Vor- und Nachteile. Dabei zeigen sich White-Box-Ansätze insbesondere als vielversprechend, um gegen Reaktanzen zu wirken, während Black-Box-Ansätze Fake News mit deutlich größerer Genauigkeit detektieren. Vorgestellt wird auch das von uns entwickelte Browser-Plugin TrustyTweet, welches die BenutzerInnen bei der Bewertung von Tweets auf Twitter unterstützt, indem es politisch neutrale und intuitive Warnungen anzeigt, ohne Reaktanz zu erzeugen.},
    language = {de},
    booktitle = {Wahrheit und {Fake} {News} im postfaktischen {Zeitalter}},
    publisher = {Springer Vieweg},
    author = {Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Zoglauer, Thomas},
    year = {2021},
    keywords = {Crisis, HCI, SocialMedia, Peace},
    pages = {133--150},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Nudge or Restraint: How do People Assess Nudging in Cybersecurity – A Representative Study in Germany
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481514
    [BibTeX] [Abstract] [Download PDF]

    While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.

    @inproceedings{hartwig_nudge_2021,
    address = {Karlsruhe, Germany},
    title = {Nudge or {Restraint}: {How} do {People} {Assess} {Nudging} in {Cybersecurity} - {A} {Representative} {Study} in {Germany}},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_NudgingCybersecurityRepresentativeStudy_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481514},
    abstract = {While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2021},
    keywords = {UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {141--150},
    }

  • Katrin Hartwig, Atlas Englisch, Jan Pelle Thomson, Christian Reuter (2021)
    Finding Secret Treasure? Improving Memorized Secrets Through Gamification
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481509
    [BibTeX] [Abstract] [Download PDF]

    Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom. Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000) to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of participants’ gaming frequency.

    @inproceedings{hartwig_finding_2021,
    address = {Karlsruhe, Germany},
    title = {Finding {Secret} {Treasure}? {Improving} {Memorized} {Secrets} {Through} {Gamification}},
    url = {https://peasec.de/paper/2021/2021_HartwigEnglischThomsonReuter_MemorizedSecretsThroughGamification_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481509},
    abstract = {Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom.
    Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have
    identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their
    relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar
    nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding
    efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000)
    to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates
    a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of
    participants’ gaming frequency.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Englisch, Atlas and Thomson, Jan Pelle and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {105--117},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Perceptions of Police Technology Use and Attitudes Towards the Police – A Representative Survey of the German Population
    Mensch und Computer – Workshopband Bonn. doi:10.18420/muc2021-mci-ws08-255
    [BibTeX] [Abstract] [Download PDF]

    Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.

    @inproceedings{haunschild_perceptions_2021,
    address = {Bonn},
    title = {Perceptions of {Police} {Technology} {Use} and {Attitudes} {Towards} the {Police} - {A} {Representative} {Survey} of the {German} {Population}},
    volume = {Mensch und Computer 2021 - Workshopband},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildReuter_PoliceTechnologyUseSurvey_MuC-WS.pdf},
    doi = {10.18420/muc2021-mci-ws08-255},
    abstract = {Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2021)
    Citizens‘ Perceived Information Responsibilities and Information Challenges During the COVID-19 Pandemic
    GoodIT ’21: Proceedings of the Conference on Information Technology for Social Good . doi:10.1145/3462203.3475886
    [BibTeX] [Abstract] [Download PDF]

    In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens‘ perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens‘ needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens‘ desire to stay informed.

    @inproceedings{haunschild_citizens_2021,
    title = {Citizens' {Perceived} {Information} {Responsibilities} and {Information} {Challenges} {During} the {COVID}-19 {Pandemic}},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildPauliReuter_InformationResponsibilitiesCovid19_GoodIT.pdf},
    doi = {10.1145/3462203.3475886},
    abstract = {In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens' perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens' needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens' desire to stay informed.},
    booktitle = {{GoodIT} '21: {Proceedings} of the {Conference} on {Information} {Technology} for {Social} {Good}},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {151--156},
    }

  • Jasmin Haunschild, Kilian Demuth, HenriJacques Geiß, Christian Richter, Christian Reuter (2021)
    Nutzer, Sammler, Entscheidungsträger? Arten der Bürgerbeteiligung in Smart Cities
    HMD Praxis der Wirtschaftsinformatik ;58. doi:10.1365/s40702-021-00770-8
    [BibTeX] [Abstract] [Download PDF]

    Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.

    @article{haunschild_nutzer_2021,
    title = {Nutzer, {Sammler}, {Entscheidungsträger}? {Arten} der {Bürgerbeteiligung} in {Smart} {Cities}},
    volume = {58},
    url = {https://peasec.de/paper/2021/2021_HaunschildDemuthGeissRichterReuter_NutzerSammlerEntscheidungstragerBuergerbeteiligungSmartCities_HMD.pdf},
    doi = {10.1365/s40702-021-00770-8},
    abstract = {Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.},
    journal = {HMD Praxis der Wirtschaftsinformatik},
    author = {Haunschild, Jasmin and Demuth, Kilian and Geiß, Henri-Jacques and Richter, Christian and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Student, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Bridging from Crisis to Everyday Life – An Analysis of User Reviews of the Warning App NINA and the COVID-19 Information Apps CoroBuddy and DarfIchDas
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481745
    [BibTeX] [Abstract] [Download PDF]

    During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.

    @inproceedings{haunschild_bridging_2021,
    address = {Virtual Event, USA},
    title = {Bridging from {Crisis} to {Everyday} {Life} – {An} {Analysis} of {User} {Reviews} of the {Warning} {App} {NINA} and the {COVID}-19 {Information} {Apps} {CoroBuddy} and {DarfIchDas}},
    url = {https://peasec.de/paper/2021/2021_HaunschildReuter_UserReviewsWarningCovidApps_CSCWComp.pdf},
    doi = {10.1145/3462204.3481745},
    abstract = {During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {72--78},
    }

  • Franziska Herbert, Gina Maria Schmidbauer-Wolf, Christian Reuter (2021)
    Who Should Get My Private Data in Which Case? Evidence in the Wild
    Mensch und Computer – Tagungsband New York. doi:10.1145/3473856.3473879
    [BibTeX] [Abstract] [Download PDF]

    As a result of the ongoing digitalization of our everyday lives, the amount of data produced by everyone is steadily increasing. This happens through personal decisions and items, such as the use of social media or smartphones, but also through more and more data acquisition in public spaces, such as e.g., Closed Circuit Television. Are people aware of the data they are sharing? What kind of data do people want to share with whom? Are people aware if they have Wi-Fi, GPS, or Bluetooth activated as potential data sharing functionalities on their phone? To answer these questions, we conducted a representative online survey as well as face-to-face interviews with users in Germany. We found that most users wanted to share private data on premise with most entities, indicating that willingness to share data depends on who has access to the data. Almost half of the participants would be more willing to share data with specific entities (state bodies & rescue forces) in the event that an acquaintance is endangered. For Wi-Fi and GPS the frequencies of self-reported and actual activation on the smartphone are almost equal, but 17\% of participants were unaware of the Bluetooth status on their smartphone. Our research is therefore in line with other studies suggesting relatively low privacy awareness of users.

    @inproceedings{herbert_who_2021,
    address = {New York},
    title = {Who {Should} {Get} {My} {Private} {Data} in {Which} {Case}? {Evidence} in the {Wild}},
    url = {http://www.peasec.de/paper/2021/2021_Herbert_SchmidbauerWolfReuter_WhoShouldGetMyPrivateDateinWhichCase_MuC.pdf},
    doi = {10.1145/3473856.3473879},
    abstract = {As a result of the ongoing digitalization of our everyday lives, the amount of data produced by everyone is steadily increasing. This happens through personal decisions and items, such as the use of social media or smartphones, but also through more and more data acquisition in public spaces, such as e.g., Closed Circuit Television. Are people aware of the data they are sharing? What kind of data do people want to share with whom? Are people aware if they have Wi-Fi, GPS, or Bluetooth activated as potential data sharing functionalities on their phone? To answer these questions, we conducted a representative online survey as well as face-to-face interviews with users in Germany. We found that most users wanted to share private data on premise with most entities, indicating that willingness to share data depends on who has access to the data. Almost half of the participants would be more willing to share data with specific entities (state bodies \& rescue forces) in the event that an acquaintance is endangered. For Wi-Fi and GPS the frequencies of self-reported and actual activation on the smartphone are almost equal, but 17\% of participants were unaware of the Bluetooth status on their smartphone. Our research is therefore in line with other studies suggesting relatively low privacy awareness of users.},
    booktitle = {Mensch und {Computer} - {Tagungsband}},
    publisher = {ACM},
    author = {Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
    year = {2021},
    keywords = {UsableSec, Security, Projekt-ATHENE-FANCY},
    }

  • Marc-André Kaufhold, Markus Bayer, Daniel Hartung, Christian Reuter (2021)
    Design and Evaluation of Deep Learning Models for Real-Time Credibility Assessment in Twitter
    30th International Conference on Artificial Neural Networks (ICANN2021) Bratislava. doi:https://doi.org/10.1007/978-3-030-86383-8_32
    [BibTeX] [Abstract] [Download PDF]

    Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.

    @inproceedings{kaufhold_design_2021,
    address = {Bratislava},
    title = {Design and {Evaluation} of {Deep} {Learning} {Models} for {Real}-{Time} {Credibility} {Assessment} in {Twitter}},
    url = {https://peasec.de/paper/2021/2021_KaufholdBayerHartungReuter_DeepLearningCredibilityAssessmentTwitter_ICANN.pdf},
    doi = {https://doi.org/10.1007/978-3-030-86383-8_32},
    abstract = {Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.},
    booktitle = {30th {International} {Conference} on {Artificial} {Neural} {Networks} ({ICANN2021})},
    author = {Kaufhold, Marc-André and Bayer, Markus and Hartung, Daniel and Reuter, Christian},
    year = {2021},
    keywords = {Student, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--13},
    }

  • Marc-André Kaufhold, Jennifer Fromm, Thea Riebe, Milad Mirbabaie, Philipp Kuehn, Ali Sercan Basyurt, Markus Bayer, Marc Stöttinger, Kaan Eyilmez, Reinhard Möller, Christoph Fuchß, Stefan Stieglitz, Christian Reuter (2021)
    CYWARN: Strategy and Technology Development for Cross-Platform Cyber Situational Awareness and Actor-Specific Cyber Threat Communication
    Mensch und Computer – Workshopband Bonn. doi:10.18420/muc2021-mci-ws08-263
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly ex-posed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information dissem-inated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technolo-gies for cross-platform cyber situational awareness and actor-spe-cific cyber threat communication. Second, it identifies and elabo-rates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.

    @inproceedings{kaufhold_cywarn_2021,
    address = {Bonn},
    series = {Mensch und {Computer} 2021 - {Workshopband}},
    title = {{CYWARN}: {Strategy} and {Technology} {Development} for {Cross}-{Platform} {Cyber} {Situational} {Awareness} and {Actor}-{Specific} {Cyber} {Threat} {Communication}},
    url = {https://dl.gi.de/server/api/core/bitstreams/8f470f6b-5050-4fb9-b923-d08cf84c17b7/content},
    doi = {10.18420/muc2021-mci-ws08-263},
    abstract = {Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly ex-posed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information dissem-inated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technolo-gies for cross-platform cyber situational awareness and actor-spe-cific cyber threat communication. Second, it identifies and elabo-rates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kaufhold, Marc-André and Fromm, Jennifer and Riebe, Thea and Mirbabaie, Milad and Kuehn, Philipp and Basyurt, Ali Sercan and Bayer, Markus and Stöttinger, Marc and Eyilmez, Kaan and Möller, Reinhard and Fuchß, Christoph and Stieglitz, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Security, Projekt-CYWARN},
    }

  • Marc-André Kaufhold, Christian Reuter, Tina Comes, Milad Mirbabaie, Stefan Stieglitz (2021)
    2nd Workshop on Mobile Resilience: Designing Mobile Interactive Systems for Crisis Response
    MobileHCI ’21: 23nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3447527.3474869
    [BibTeX] [Abstract] [Download PDF]

    Information and communication technologies (ICT), including artificial intelligence, internet of things, and mobile applications, can be utilized to tackle important societal challenges, such as the ongoing COVID-19 pandemic. While they may increase societal resilience, their design, functionality, and underlying infrastructures must be resilient against disruptions caused by anthropogenic, natural and hybrid crises, emergencies, and threats. In order to research challenges, designs, and potentials of interactive technologies, the second iteration of the workshop investigates the space of mobile technologies and resilient systems for crisis response, including the application domains of cyber threat and pandemic response.

    @article{kaufhold_2nd_2021,
    series = {{MobileHCI} '21 {Adjunct}},
    title = {2nd {Workshop} on {Mobile} {Resilience}: {Designing} {Mobile} {Interactive} {Systems} for {Crisis} {Response}},
    url = {https://peasec.de/paper/2021/2021_KaufholdReuterComesMirbabaieStieglitz_2ndWorkshopMobileResilience_MobileHCI.pdf},
    doi = {10.1145/3447527.3474869},
    abstract = {Information and communication technologies (ICT), including artificial intelligence, internet of things, and mobile applications, can be utilized to tackle important societal challenges, such as the ongoing COVID-19 pandemic. While they may increase societal resilience, their design, functionality, and underlying infrastructures must be resilient against disruptions caused by anthropogenic, natural and hybrid crises, emergencies, and threats. In order to research challenges, designs, and potentials of interactive technologies, the second iteration of the workshop investigates the space of mobile technologies and resilient systems for crisis response, including the application domains of cyber threat and pandemic response.},
    journal = {MobileHCI '21: 23nd International Conference on Human-Computer Interaction with Mobile Devices and Services},
    author = {Kaufhold, Marc-André and Reuter, Christian and Comes, Tina and Mirbabaie, Milad and Stieglitz, Stefan},
    year = {2021},
    keywords = {Crisis, Projekt-CYWARN},
    }

  • Marc-André Kaufhold (2021)
    Information Refinement Technologies for Crisis Informatics: User Expectations and Design Principles for Social Media and Mobile Apps
    Wiesbaden, Germany: Springer Vieweg. doi:10.1007/978-3-658-33341-6
    [BibTeX] [Abstract] [Download PDF]

    Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.

    @book{kaufhold_information_2021,
    address = {Wiesbaden, Germany},
    title = {Information {Refinement} {Technologies} for {Crisis} {Informatics}: {User} {Expectations} and {Design} {Principles} for {Social} {Media} and {Mobile} {Apps}},
    isbn = {978-3-658-33343-0},
    url = {https://www.springer.com/gp/book/9783658333430},
    abstract = {Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.},
    publisher = {Springer Vieweg},
    author = {Kaufhold, Marc-André},
    year = {2021},
    doi = {10.1007/978-3-658-33341-6},
    keywords = {Crisis, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlKaufhold, Dissertation},
    }

  • Philipp Kuehn, Markus Bayer, Marc Wendelborn, Christian Reuter (2021)
    OVANA: An Approach to Analyze and Improve the Information Quality of Vulnerability Databases
    Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES 2021) . doi:10.1145/3465481.3465744
    [BibTeX] [Abstract] [Download PDF]

    Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.

    @inproceedings{kuehn_ovana_2021,
    title = {{OVANA}: {An} {Approach} to {Analyze} and {Improve} the {Information} {Quality} of {Vulnerability} {Databases}},
    isbn = {978-1-4503-9051-4},
    url = {https://peasec.de/paper/2021/2021_KuehnBayerWendelbornReuter_OVANAQualityVulnerabilityDatabases_ARES.pdf},
    doi = {10.1145/3465481.3465744},
    abstract = {Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.},
    booktitle = {Proceedings of the 16th {International} {Conference} on {Availability}, {Reliability} and {Security} ({ARES} 2021)},
    publisher = {ACM},
    author = {Kuehn, Philipp and Bayer, Markus and Wendelborn, Marc and Reuter, Christian},
    year = {2021},
    keywords = {Security, Peace, Ranking-CORE-B, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--11},
    }

  • Franz Kuntke, Marcel Sinn, Sebastian Linsner, Christian Reuter (2021)
    Low Power Wide Area Networks (LPWAN) für krisentaugliche Datenübertragung in landwirtschaftlichen Betrieben
    41. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft Meyer-Aurich, Andreas Gandorfer, Markus Hoffmann, Christa Weltzien, Cornelia Bellingrath-Kimura, Sonoko D. Floto, Helga.
    [BibTeX] [Abstract] [Download PDF]

    Zuverlässige IT-basierte Kommunikation in der Landwirtschaft wird immer wichtiger für den regulären Betriebsablauf. Sollte sich ein Landwirt beispielsweise während eines lokalen Krisenfalls, wie einem Ausfall des Mobilfunknetzes oder des Internetzugangs des Betriebs, auf dem Feld aufhalten, wird ein alternativer Kommunikationskanal benötigt, um weiterhin eine Verbindung zu IT-Komponenten und benötigten Daten herstellen zu können. Mit der zunehmenden Digitalisierung finden Low-Power-Wide-Area-Network (LPWAN)-Technologien immer häufiger Anwendung, beispielsweise durch den Aufbau von Sensornetzwerken. Die eingesetzten LPWANTechnologien bieten dabei eine hohe Reichweite und sind größtenteils autark einsetzbar, erlauben jedoch keine klassische TCP/IP-Kommunikation. Im Rahmen dieser Arbeit wird experimentell eine populäre LPWAN-Technologie, namentlich LoRaWAN, durch AX.25 auf OSI-Schicht 2 (Data Link Layer) ergänzt, um Endgeräten eine TCP/IP-basierte Kommunikation über weite Strecken zu erlauben. Die Evaluation zeigt, dass klassische Anwendungen mit niedriger Bandbreite somit funktionsfähig sind und krisentaugliche Datenübertragung in landwirtschaftlichen Betrieben ermöglichen können.

    @inproceedings{kuntke_low_2021,
    address = {Meyer-Aurich, Andreas Gandorfer, Markus Hoffmann, Christa Weltzien, Cornelia Bellingrath-Kimura, Sonoko D. Floto, Helga},
    title = {Low {Power} {Wide} {Area} {Networks} ({LPWAN}) für krisentaugliche {Datenübertragung} in landwirtschaftlichen {Betrieben}},
    url = {http://www.peasec.de/paper/2021/2021_KuntkeSinnLinsnerReuter_LowPowerWideAreaNetworks_GIL.pdf},
    abstract = {Zuverlässige IT-basierte Kommunikation in der Landwirtschaft wird immer wichtiger für den regulären Betriebsablauf. Sollte sich ein Landwirt beispielsweise während eines lokalen Krisenfalls, wie einem Ausfall des Mobilfunknetzes oder des Internetzugangs des Betriebs, auf dem Feld aufhalten, wird ein alternativer Kommunikationskanal benötigt, um weiterhin eine Verbindung zu IT-Komponenten und benötigten Daten herstellen zu können. Mit der zunehmenden Digitalisierung finden Low-Power-Wide-Area-Network (LPWAN)-Technologien immer häufiger Anwendung, beispielsweise durch den Aufbau von Sensornetzwerken. Die eingesetzten LPWANTechnologien bieten dabei eine hohe Reichweite und sind größtenteils autark einsetzbar, erlauben jedoch keine klassische TCP/IP-Kommunikation. Im Rahmen dieser Arbeit wird experimentell eine populäre LPWAN-Technologie, namentlich LoRaWAN, durch AX.25 auf OSI-Schicht 2 (Data Link Layer) ergänzt, um Endgeräten eine TCP/IP-basierte Kommunikation über weite Strecken zu erlauben. Die Evaluation zeigt, dass klassische Anwendungen mit niedriger Bandbreite somit funktionsfähig sind und krisentaugliche Datenübertragung in landwirtschaftlichen Betrieben ermöglichen können.},
    booktitle = {41. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
    publisher = {Gesellschaft für Informatik},
    author = {Kuntke, Franz and Sinn, Marcel and Linsner, Sebastian and Reuter, Christian},
    editor = {Meyer-Aurich, Andreas and Gandorfer, Markus and Hoffmann, Christa and Weltzien, Cornelia and Bellingrath-Kimura, Sonoko D. and Floto, Helga},
    year = {2021},
    keywords = {Ranking-VHB-C, Security, Projekt-GeoBox, Projekt-HyServ},
    pages = {193--198},
    }

  • Franz Kuntke, Marcel Sinn, Christian Reuter (2021)
    Reliable Data Transmission using Low Power Wide Area Networks (LPWAN) for Agricultural Applications
    Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES 2021) . doi:10.1145/3465481.3469191
    [BibTeX] [Abstract] [Download PDF]

    Reliable IT-based communication in agriculture is becoming increasingly important for regular operations. For example, if a farmer is in the field during a network outage, such as a failure of the mobile network, an alternative communication channel is needed to continue to connect to IT components and required data. With increasing digitalization, Low Power Wide Area Network (LPWAN) technologies are being used more and more frequently, e.g. for sensor networks. The LPWAN technologies offer a high range and can be used autonomously for the most part, but do not allow classic TCP/IP communication. In this work, a popular LPWAN technology, namely LoRaWAN, is experimentally supplemented by AX.25 on OSI layer 2 (Data Link Layer) to allow end devices TCP/IP-based communication over long distances. The evaluation shows that classic low-bandwidth applications are thus functional and can enable reliable, crisis-capable data transmission.

    @inproceedings{kuntke_reliable_2021,
    title = {Reliable {Data} {Transmission} using {Low} {Power} {Wide} {Area} {Networks} ({LPWAN}) for {Agricultural} {Applications}},
    url = {http://www.peasec.de/paper/2021/2021_KuntkeSinnReuter_LPWANAgriculture_FARES.pdf},
    doi = {10.1145/3465481.3469191},
    abstract = {Reliable IT-based communication in agriculture is becoming increasingly important for regular operations. For example, if a farmer is in the field during a network outage, such as a failure of the mobile network, an alternative communication channel is needed to continue to connect to IT components and required data. With increasing digitalization, Low Power Wide Area Network (LPWAN) technologies are being used more and more frequently, e.g. for sensor networks. The LPWAN technologies offer a high range and can be used autonomously for the most part, but do not allow classic TCP/IP communication. In this work, a popular LPWAN technology, namely LoRaWAN, is experimentally supplemented by AX.25 on OSI layer 2 (Data Link Layer) to allow end devices TCP/IP-based communication over long distances. The evaluation shows that classic low-bandwidth applications are thus functional and can enable reliable, crisis-capable data transmission.},
    booktitle = {Proceedings of the 16th {International} {Conference} on {Availability}, {Reliability} and {Security} ({ARES} 2021)},
    author = {Kuntke, Franz and Sinn, Marcel and Reuter, Christian},
    year = {2021},
    keywords = {Student, Security, Projekt-GeoBox, Projekt-HyServ},
    pages = {1--9},
    }

  • Sebastian Linsner, Franz Kuntke, Enno Steinbrink, Jonas Franken, Christian Reuter (2021)
    The Role of Privacy in Digitalization – Analysing the German Farmers‘ Perspective
    Proceedings on Privacy Enhancing Technologies (PoPETs) ;2021(3):334–350. doi:10.2478/popets-2021-0050
    [BibTeX] [Abstract] [Download PDF]

    Technological progress can disrupt domains and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk. Having insight into the business data of others along the supply chain provides an advantage in terms of market position. This is particularly true in agriculture, where there is already a significant imbalance of power between actors. A multitude of small and medium-sized farming businesses are opposed by large upstream and downstream players that drive technological innovation. Further weakening the market position of farmers could lead to severe consequences for the entire sector. We found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other hand, privacy itself influences adoption of digital tools. Our study sheds light on the emerging challenges for farmers and the role of privacy in the process of digitalization in agriculture.

    @article{linsner_role_2021,
    title = {The {Role} of {Privacy} in {Digitalization} – {Analysing} the {German} {Farmers}' {Perspective}},
    volume = {2021},
    url = {https://www.petsymposium.org/2021/files/papers/issue3/popets-2021-0050.pdf},
    doi = {10.2478/popets-2021-0050},
    abstract = {Technological progress can disrupt domains
    and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers
    that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data
    itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and
    consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk.
    Having insight into the business data of others along the
    supply chain provides an advantage in terms of market
    position. This is particularly true in agriculture, where
    there is already a significant imbalance of power between actors. A multitude of small and medium-sized
    farming businesses are opposed by large upstream and
    downstream players that drive technological innovation.
    Further weakening the market position of farmers could
    lead to severe consequences for the entire sector. We
    found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other
    hand, privacy itself influences adoption of digital tools.
    Our study sheds light on the emerging challenges for
    farmers and the role of privacy in the process of digitalization in agriculture.},
    number = {3},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Linsner, Sebastian and Kuntke, Franz and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, AuswahlUsableSec, Projekt-GeoBox, Projekt-GRKPrivacy, Projekt-HyServ},
    pages = {334--350},
    }

  • Tilo Mentler, Christian Reuter, Simon Nestler, Marc-André Kaufhold, Michael Herczeg, Jens Pottebaum (2021)
    8. Workshop Mensch-Maschine-Interaktion in sicherheitskritischen Systemen: Ausnahmezustand
    Mensch und Computer – Workshopband Ingolstadt. doi:10.18420/muc2021-mci-ws08-117
    [BibTeX] [Abstract] [Download PDF]

    Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Anwendungsfelder, die bereits seit vielen Jahren Gegenstand der Forschung und Entwicklung sind. Beispiele sind Katastrophen-schutz oder Medizin, aber auch kritische Infrastrukturen. In die-sen und vielen weiteren Bereichen gilt, dass sichere Systemzu-stände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicher-heitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet. Dieser Beitrag stellt die Themenkomplexe des Workshops, die angenommenen Bei-träge und das Organisationsteam vor.

    @inproceedings{mentler_8_2021,
    address = {Ingolstadt},
    title = {8. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}: {Ausnahmezustand}},
    url = {https://dl.gi.de/handle/20.500.12116/37338},
    doi = {10.18420/muc2021-mci-ws08-117},
    abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Anwendungsfelder, die bereits seit vielen Jahren Gegenstand der Forschung und Entwicklung sind. Beispiele sind Katastrophen-schutz oder Medizin, aber auch kritische Infrastrukturen. In die-sen und vielen weiteren Bereichen gilt, dass sichere Systemzu-stände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicher-heitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet. Dieser Beitrag stellt die Themenkomplexe des Workshops, die angenommenen Bei-träge und das Organisationsteam vor.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Mentler, Tilo and Reuter, Christian and Nestler, Simon and Kaufhold, Marc-André and Herczeg, Michael and Pottebaum, Jens},
    year = {2021},
    keywords = {HCI, Security, Projekt-CYWARN},
    }

  • Thomas Reinhold (2021)
    Zur Rolle und Verantwortung der Informatik für die Friedensforschung und Rüstungskontrolle
    FIfF-Kommunikation ;38:47–49.
    [BibTeX] [Download PDF]

    @article{reinhold_zur_2021,
    title = {Zur {Rolle} und {Verantwortung} der {Informatik} für die {Friedensforschung} und {Rüstungskontrolle}},
    volume = {38},
    url = {https://peasec.de/paper/2021/2021_Reinhold_RolleVerantwortungInformatikFriedensforschung_FIFF.pdf},
    journal = {FIfF-Kommunikation},
    author = {Reinhold, Thomas},
    year = {2021},
    keywords = {Security, Peace, Projekt-DualUse, Cyberwar},
    pages = {47--49},
    }

  • Christian Reuter (2021)
    Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage)
    2 ed. Wiesbaden: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

    @book{reuter_sicherheitskritische_2021,
    address = {Wiesbaden},
    edition = {2},
    title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    isbn = {978-3-658-32795-8},
    url = {https://www.springer.com/de/book/9783658327941},
    abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, HCI, Selected, SocialMedia, UsableSec, Security, Projekt-KontiKat, Peace, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Christian Reuter, Ulrike Lechner (2021)
    Introduction to the WI2021 Track: Digitization and Society – Even in Times of Corona
    Innovation Through Information Systems. WI 2021: Volume II: A Collection of Latest Research on Technology Issues . doi:https://doi.org/10.1007/978-3-030-86797-3
    [BibTeX] [Abstract] [Download PDF]

    Information and communication technologies affect all areas of civil society. Digitalization opens up new opportunities to address important social issues. The motor of digitalization can be social necessity, technical feasibility, and also a crisis, as the reaction to the COVID-19 pandemic demonstrates: Out of necessity, ideas are created, systems designed and implemented and the value of digital solutions to society becomes apparent. With the digitalization of everyday working and learning, apps for tracing information chains and containing new infections have potential, but also pose social risks. The current COVID-19 crisis seems to put the role of digitalization in a completely new light. Both, to evaluate the value of digital solutions to society and to identify space for innovation is important in times of intense digitalization efforts. To meet the societal challenges posed by digitalization, it is particularly important to understand how they arise. The use of digital solutions in safety-critical contexts entails dependencies and the threat of various dangers: Infrastructure disruptions and failures can be caused by criminal acts, terrorist attacks, natural disasters, operational disruptions, and system failures. In addition, there is a concern about data arising from the use of digital solutions. Data protection, data sovereignty, data security, and their social perception must always be closely observed. Furthermore, it is important to ensure that digitalization does not lead to a digital divide. New digital solutions require constant evaluation and assessment of the consequences.

    @inproceedings{reuter_introduction_2021,
    title = {Introduction to the {WI2021} {Track}: {Digitization} and {Society} – {Even} in {Times} of {Corona}},
    isbn = {978-3-030-86797-3},
    url = {http://www.peasec.de/paper/2021/2021_ReuterLechner_DigitisationandSocietyinTimesofCorona_WI.pdf},
    doi = {https://doi.org/10.1007/978-3-030-86797-3},
    abstract = {Information and communication technologies affect all areas of civil society. Digitalization opens up new opportunities to address important social issues. The motor of digitalization can be social necessity, technical feasibility, and also a crisis, as the reaction to the COVID-19 pandemic demonstrates: Out of necessity, ideas are created, systems designed and implemented and the value of digital solutions to society becomes apparent. With the digitalization of everyday working and learning, apps for tracing information chains and containing new infections have potential, but also pose social risks. The current COVID-19 crisis seems to put the role of digitalization in a completely new light. Both, to evaluate the value of digital solutions to society and to identify space for innovation is important in times of intense digitalization efforts.
    To meet the societal challenges posed by digitalization, it is particularly important to understand how they arise. The use of digital solutions in safety-critical contexts entails dependencies and the threat of various dangers: Infrastructure disruptions and failures can be caused by criminal acts, terrorist attacks, natural disasters, operational disruptions, and system failures. In addition, there is a concern about data arising from the use of digital solutions. Data protection, data sovereignty, data security, and their social perception must always be closely observed. Furthermore, it is important to ensure that digitalization does not lead to a digital divide. New digital solutions require constant evaluation and assessment of the consequences.},
    booktitle = {Innovation {Through} {Information} {Systems}. {WI} 2021: {Volume} {II}: {A} {Collection} of {Latest} {Research} on {Technology} {Issues}},
    publisher = {Springer},
    author = {Reuter, Christian and Lechner, Ulrike},
    year = {2021},
    keywords = {HCI, UsableSec, Security},
    pages = {244--246},
    }

  • Christian Reuter (2021)
    Einleitung in die sicherheitskritische Mensch-Computer-Interaktion
    In: Christian ReuterSicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage). 2 ed. Wiesbaden, Germany: Springer Vieweg, , 3–17.
    [BibTeX] [Abstract] [Download PDF]

    Die sicherheitskritische Mensch-Computer-Interaktion (MCI) ist eine interdisziplinäre Herausforderung und ein für die Informatik und die jeweiligen Anwendungsdomänen ein zunehmend an Bedeutung gewinnendes Thema. Dieses Kapitel bietet eine Einfüh-rung in das Lehr- und Fachbuch „Sicherheitskritische Mensch-Computer-Interaktion – Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement“. Als didaktisch aufbereiteter, umfassender Überblick über Grundlagen, Methoden und Anwendungsgebiete soll es sowohl als vorlesungsbegleitende Lektüre als auch als Nach-schlagewerk für Personen aus Wissenschaft, Design und Entwicklung dienen. Dies ad-ressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering, von Analyse über Design bis Evaluation abgedeckt.

    @incollection{reuter_einleitung_2021,
    address = {Wiesbaden, Germany},
    edition = {2},
    title = {Einleitung in die sicherheitskritische {Mensch}-{Computer}-{Interaktion}},
    isbn = {978-3-658-32794-1},
    url = {https://doi.org/10.1007/978-3-658-32795-8_1},
    abstract = {Die sicherheitskritische Mensch-Computer-Interaktion (MCI) ist eine interdisziplinäre Herausforderung und ein für die Informatik und die jeweiligen Anwendungsdomänen ein zunehmend an Bedeutung gewinnendes Thema. Dieses Kapitel bietet eine Einfüh-rung in das Lehr- und Fachbuch „Sicherheitskritische Mensch-Computer-Interaktion – Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement“. Als didaktisch aufbereiteter, umfassender Überblick über Grundlagen, Methoden und Anwendungsgebiete soll es sowohl als vorlesungsbegleitende Lektüre als auch als Nach-schlagewerk für Personen aus Wissenschaft, Design und Entwicklung dienen. Dies ad-ressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering, von Analyse über Design bis Evaluation abgedeckt.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2021},
    keywords = {Crisis, HCI, UsableSec, Security, Projekt-CYWARN},
    pages = {3--17},
    }

  • Christian Reuter, Marc-André Kaufhold (2021)
    Soziale Medien in Notfällen, Krisen und Katastrophen
    In: Christian ReuterSicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage). 2 ed. Wiesbaden, Germany: Springer Vieweg, , 407–430.
    [BibTeX] [Abstract] [Download PDF]

    Die Nutzung sozialer Medien hat sich nicht nur im Alltag, sondern auch in vielen ver-schiedenen Notfällen, Krisen und Katastrophen etabliert. Dieser Prozess begann bereits vor etwa 20 Jahren nach den Terroranschlägen vom 11. September 2001. In den darauf-folgenden Jahren, vor allem aber dem letzten Jahrzehnt, wurde eine Vielzahl von Stu-dien veröffentlicht, die sich auf den Gebrauch von Informations- und Kommunikations-technologien einschließlich der sozialen Medien vor, während oder nach Notfällen kon-zentrieren. Dieser Forschungsbereich wird auch unter dem Begriff Crisis Informatics zusammengefasst. Das Ziel dieses Kapitels ist es, den Gebrauch von und die Forschung über soziale Medien in Katastrophen und Notfällen in den vergangenen 20 Jahren mit besonderem Schwerpunkt auf identifizierbare Nutzungsmuster und deren Wahrnehmung zusammenzufassen, um die bisherigen Ergebnisse und zukünftigen Potenziale herauszu-stellen.

    @incollection{reuter_soziale_2021,
    address = {Wiesbaden, Germany},
    edition = {2},
    title = {Soziale {Medien} in {Notfällen}, {Krisen} und {Katastrophen}},
    isbn = {978-3-658-32794-1},
    url = {https://doi.org/10.1007/978-3-658-32795-8_19},
    abstract = {Die Nutzung sozialer Medien hat sich nicht nur im Alltag, sondern auch in vielen ver-schiedenen Notfällen, Krisen und Katastrophen etabliert. Dieser Prozess begann bereits vor etwa 20 Jahren nach den Terroranschlägen vom 11. September 2001. In den darauf-folgenden Jahren, vor allem aber dem letzten Jahrzehnt, wurde eine Vielzahl von Stu-dien veröffentlicht, die sich auf den Gebrauch von Informations- und Kommunikations-technologien einschließlich der sozialen Medien vor, während oder nach Notfällen kon-zentrieren. Dieser Forschungsbereich wird auch unter dem Begriff Crisis Informatics zusammengefasst. Das Ziel dieses Kapitels ist es, den Gebrauch von und die Forschung über soziale Medien in Katastrophen und Notfällen in den vergangenen 20 Jahren mit besonderem Schwerpunkt auf identifizierbare Nutzungsmuster und deren Wahrnehmung zusammenzufassen, um die bisherigen Ergebnisse und zukünftigen Potenziale herauszu-stellen.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    editor = {Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Security, Peace, Projekt-CYWARN},
    pages = {407--430},
    }

  • Christian Reuter, Konstantin Aal, Frank Beham, Alexander Boden, Florian Brauner, Thomas Ludwig, Stephan Lukosch, Frank Fiedrich, Frank FuchsKittowski, Stefan Geisler, Klaus Gennen, Dominik Herrmann, Marc-André Kaufhold, Michael Klafft, Myriam Lipprandt, Luigi Lo Iacono, Volkmar Pipek, Tilo Mentler, Simon Nestler, Jens Pottebaum, Sven Quadflieg, Stefan Stieglitz, Christian Sturm, Gebhard Rusch, Stefan Sackmann, Melanie Volkamer, Volker Wulf (2021)
    Die Zukunft sicherheitskritischer Mensch-Computer-Interaktion
    In: Christian ReuterSicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (2. Auflage). 2 ed. Wiesbaden, Germany: Springer Vieweg, , 673–681.
    [BibTeX] [Abstract] [Download PDF]

    Sicherheitskritische Mensch-Computer-Interaktion ist nicht nur derzeit ein hochaktuel-les Thema, sondern wird dies auch in Zukunft bleiben. Insofern ist ein Lehr- und Fach-buch wie dieses immer nur eine Momentaufnahme, und kann immer nur einen punktuel-len Stand abdecken. Dennoch kann der Versuch unternommen werden, aktuelle Trends zu identifizieren und einen Ausblick in die Zukunft zu wagen. Genau das möchte dieses Kapitel erreichen: Es sollen zukünftige Entwicklungen vorausgesagt und versucht wer-den, diese korrekt einzuordnen. Das ist an dieser Stelle nicht nur durch den Herausgeber, sondern durch Abfrage bei zahlreichen am Lehrbuch beteiligten Autor*innen geschehen. Neben einem Ausblick auf Grundlagen und Methoden werden dementsprechend auch sicherheitskritische interaktive Systeme und sicherheitskritische kooperative Systeme abgedeckt.

    @incollection{reuter_zukunft_2021,
    address = {Wiesbaden, Germany},
    edition = {2},
    title = {Die {Zukunft} sicherheitskritischer {Mensch}-{Computer}-{Interaktion}},
    isbn = {978-3-658-19523-6},
    url = {https://doi.org/10.1007/978-3-658-32795-8_31},
    abstract = {Sicherheitskritische Mensch-Computer-Interaktion ist nicht nur derzeit ein hochaktuel-les Thema, sondern wird dies auch in Zukunft bleiben. Insofern ist ein Lehr- und Fach-buch wie dieses immer nur eine Momentaufnahme, und kann immer nur einen punktuel-len Stand abdecken. Dennoch kann der Versuch unternommen werden, aktuelle Trends zu identifizieren und einen Ausblick in die Zukunft zu wagen. Genau das möchte dieses Kapitel erreichen: Es sollen zukünftige Entwicklungen vorausgesagt und versucht wer-den, diese korrekt einzuordnen. Das ist an dieser Stelle nicht nur durch den Herausgeber, sondern durch Abfrage bei zahlreichen am Lehrbuch beteiligten Autor*innen geschehen. Neben einem Ausblick auf Grundlagen und Methoden werden dementsprechend auch sicherheitskritische interaktive Systeme und sicherheitskritische kooperative Systeme abgedeckt.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} (2. {Auflage})},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aal, Konstantin and Beham, Frank and Boden, Alexander and Brauner, Florian and Ludwig, Thomas and Lukosch, Stephan and Fiedrich, Frank and Fuchs-Kittowski, Frank and Geisler, Stefan and Gennen, Klaus and Herrmann, Dominik and Kaufhold, Marc-André and Klafft, Michael and Lipprandt, Myriam and Lo Iacono, Luigi and Pipek, Volkmar and Mentler, Tilo and Nestler, Simon and Pottebaum, Jens and Quadflieg, Sven and Stieglitz, Stefan and Sturm, Christian and Rusch, Gebhard and Sackmann, Stefan and Volkamer, Melanie and Wulf, Volker},
    editor = {Reuter, Christian},
    year = {2021},
    note = {https://doi.org/10.1007/978-3-658-32795-8\_31},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, Security, Projekt-KontiKat, Projekt-CYWARN},
    pages = {673--681},
    }

  • Christian Reuter, Marc-André Kaufhold (2021)
    Informatik für Frieden-, Konflikt- und Sicherheitsforschung
    In: Christian ReuterSicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage). 2 ed. Wiesbaden, Germany: Springer Vieweg, , 605–630.
    [BibTeX] [Abstract] [Download PDF]

    Seit jeher hatten die Erkenntnisse aus Naturwissenschaft und Technik einen großen Einfluss auf die Art und Weise, wie Kriege und Konflikte ausgetragen wurden bezie-hungsweise werden. Im Kontext von Frieden und Sicherheit können Erkenntnisse, die eigentlich für zivile Kontexte gewonnen wurden, auch für militärische Auseinanderset-zungen genutzt werden (Dual-Use-Problematik). Seit einigen Jahren betrifft dies insbe-sondere die Informatik, die durch die militärische Nutzung von Computern, Cyberwar, Cyberspionage Information Warfare, aber auch in Bereichen wie Desinformationen kon-fliktäre Auseinandersetzungen unterstützen (und verstärken) kann. Auch werden Kon-flikte vermehrt im digitalen Raum ausgetragen, mit erschwerter Zuordnungsmöglichkeit von einzelnen (angreifenden) Akteur*innen. Im Gegenzug dazu bietet die Informatik jedoch auch für friedensstiftende Aktivitäten zahlreiche Einsatzmöglichkeiten. Dieses Kapitel möchte eine Einführung in die zunehmend an Bedeutung gewinnende Thematik liefern.

    @incollection{reuter_informatik_2021,
    address = {Wiesbaden, Germany},
    edition = {2},
    title = {Informatik für {Frieden}-, {Konflikt}- und {Sicherheitsforschung}},
    isbn = {978-3-658-32794-1},
    url = {https://doi.org/10.1007/978-3-658-32795-8_28},
    abstract = {Seit jeher hatten die Erkenntnisse aus Naturwissenschaft und Technik einen großen Einfluss auf die Art und Weise, wie Kriege und Konflikte ausgetragen wurden bezie-hungsweise werden. Im Kontext von Frieden und Sicherheit können Erkenntnisse, die eigentlich für zivile Kontexte gewonnen wurden, auch für militärische Auseinanderset-zungen genutzt werden (Dual-Use-Problematik). Seit einigen Jahren betrifft dies insbe-sondere die Informatik, die durch die militärische Nutzung von Computern, Cyberwar, Cyberspionage Information Warfare, aber auch in Bereichen wie Desinformationen kon-fliktäre Auseinandersetzungen unterstützen (und verstärken) kann. Auch werden Kon-flikte vermehrt im digitalen Raum ausgetragen, mit erschwerter Zuordnungsmöglichkeit von einzelnen (angreifenden) Akteur*innen. Im Gegenzug dazu bietet die Informatik jedoch auch für friedensstiftende Aktivitäten zahlreiche Einsatzmöglichkeiten. Dieses Kapitel möchte eine Einführung in die zunehmend an Bedeutung gewinnende Thematik liefern.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    editor = {Reuter, Christian},
    year = {2021},
    keywords = {Security, Peace, Projekt-DualUse, Projekt-CYWARN},
    pages = {605--630},
    }

  • Christian Reuter, Thomas Ludwig, Volkmar Pipek (2021)
    Resilienz durch Kooperationstechnologien
    In: Christian Reuter: Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement. Wiesbaden, Germany: Springer Vieweg, , 473–493. doi:10.1007/978-3-658-32795-8_22
    [BibTeX] [Abstract] [Download PDF]

    Kooperationstechnologien spielen in sicherheitskritischen Systemen eine große Rolle, da in vielen Anwendungsfeldern nicht nur die Interaktion von Mensch und Computer, sondern auch die durch IT unterstützte Kooperation zwischen Menschen notwendig ist, um Aufgaben bewältigen zu können. Solche Technologien müssen verschiedene Anfor-derungen erfüllen und können ebenfalls zur Resilienz beitragen. Unter Resilienz durch Kooperation verstehen wir die Fähigkeit, Krisen durch die Anpassungsfähigkeit an ge-änderte Realitäten ohne nachhaltigen Schaden mithilfe von Kooperation zu überstehen. Während das Konzept der Resilienz in den Ingenieurwissenschaften vornehmlich die Verfügbarkeit technischer Systeme fokussiert, betrachten wir Resilienz als soziotechni-sches Konstrukt, unter expliziter Betrachtung der beteiligten Akteur*innen. Basierend auf Grundlagen zu Kooperationstechnologien zeigt dieses Kapitel anhand von prakti-schen exemplarisch umgesetzten Kooperationstechnologien (soziales Netzwerk, GIS-System, Smartphone Apps, Facebook App und Social Media Analytics-Plattform), wie Kooperation unterstützt wird und zu kooperativer Resilienz beitragen kann.

    @incollection{reuter_resilienz_2021,
    address = {Wiesbaden, Germany},
    title = {Resilienz durch {Kooperationstechnologien}},
    isbn = {978-3-658-32795-8},
    url = {http://www.peasec.de/paper/2021/2021_ReuterLudwigPipek_ResilienzKooperationstechnologien_SecMCI-Kap22.pdf},
    abstract = {Kooperationstechnologien spielen in sicherheitskritischen Systemen eine große Rolle, da in vielen Anwendungsfeldern nicht nur die Interaktion von Mensch und Computer, sondern auch die durch IT unterstützte Kooperation zwischen Menschen notwendig ist, um Aufgaben bewältigen zu können. Solche Technologien müssen verschiedene Anfor-derungen erfüllen und können ebenfalls zur Resilienz beitragen. Unter Resilienz durch Kooperation verstehen wir die Fähigkeit, Krisen durch die Anpassungsfähigkeit an ge-änderte Realitäten ohne nachhaltigen Schaden mithilfe von Kooperation zu überstehen. Während das Konzept der Resilienz in den Ingenieurwissenschaften vornehmlich die Verfügbarkeit technischer Systeme fokussiert, betrachten wir Resilienz als soziotechni-sches Konstrukt, unter expliziter Betrachtung der beteiligten Akteur*innen. Basierend auf Grundlagen zu Kooperationstechnologien zeigt dieses Kapitel anhand von prakti-schen exemplarisch umgesetzten Kooperationstechnologien (soziales Netzwerk, GIS-System, Smartphone Apps, Facebook App und Social Media Analytics-Plattform), wie Kooperation unterstützt wird und zu kooperativer Resilienz beitragen kann.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Ludwig, Thomas and Pipek, Volkmar},
    editor = {Reuter, Christian},
    year = {2021},
    doi = {10.1007/978-3-658-32795-8_22},
    keywords = {Cooperation, HCI, SocialMedia, Projekt-KontiKat, Infrastructure, RSF},
    pages = {473--493},
    }

  • Christian Reuter, Marc-André Kaufhold (2021)
    Usable Safety Engineering sicherheitskritischer interaktiver Systeme
    In: Christian Reuter: Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement. Wiesbaden, Germany: Springer Vieweg, , 23–45. doi:10.1007/978-3-658-32795-8_2
    [BibTeX] [Abstract] [Download PDF]

    Die Gestaltung gebrauchstauglicher, interaktiver und kooperativer Systeme wird bereits seit den 1980er Jahren in der Disziplin Mensch-Computer-Interaktion (MCI) und Com-puterunterstützte Gruppenarbeit (CSCW) behandelt. Es gibt jedoch einige Besonderhei-ten der MCI im Kontext sicherheitskritischer Systeme, insbesondere der störungsfreien Nutzung von IT (Safety) zu beachten. Dieses Kapitel stellt die wichtigsten Merkmale der Anwendung von Gestaltungsmethoden der MCI in sicherheitskritischen Systemen dar. Hierfür werden zu Beginn die Grundlagen der beiden Gebiete – der MCI sowie des Kri-sen- und Sicherheitsmanagements – erläutert. Darauf aufbauend werden Ansätze und Methoden der Analyse, des Designs und der Entwicklung sowie der Evaluation der MCI unter besonderer Berücksichtigung sicherheitskritischer Systeme diskutiert. Aspekte wie Risikoanalysen in der Anforderungsanalyse, die Einkalkulierung von Bedienfehlern und Rückfallebenen im Systemdesign gehören ebenso dazu wie besondere Herausforderun-gen bei Evaluationen.

    @incollection{reuter_usable_2021,
    address = {Wiesbaden, Germany},
    title = {Usable {Safety} {Engineering} sicherheitskritischer interaktiver {Systeme}},
    isbn = {978-3-658-32795-8},
    url = {https://link.springer.com/chapter/10.1007/978-3-658-32795-8_2},
    abstract = {Die Gestaltung gebrauchstauglicher, interaktiver und kooperativer Systeme wird bereits seit den 1980er Jahren in der Disziplin Mensch-Computer-Interaktion (MCI) und Com-puterunterstützte Gruppenarbeit (CSCW) behandelt. Es gibt jedoch einige Besonderhei-ten der MCI im Kontext sicherheitskritischer Systeme, insbesondere der störungsfreien Nutzung von IT (Safety) zu beachten. Dieses Kapitel stellt die wichtigsten Merkmale der Anwendung von Gestaltungsmethoden der MCI in sicherheitskritischen Systemen dar. Hierfür werden zu Beginn die Grundlagen der beiden Gebiete – der MCI sowie des Kri-sen- und Sicherheitsmanagements – erläutert. Darauf aufbauend werden Ansätze und Methoden der Analyse, des Designs und der Entwicklung sowie der Evaluation der MCI unter besonderer Berücksichtigung sicherheitskritischer Systeme diskutiert. Aspekte wie Risikoanalysen in der Anforderungsanalyse, die Einkalkulierung von Bedienfehlern und Rückfallebenen im Systemdesign gehören ebenso dazu wie besondere Herausforderun-gen bei Evaluationen.},
    booktitle = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    editor = {Reuter, Christian},
    year = {2021},
    doi = {10.1007/978-3-658-32795-8_2},
    keywords = {HCI, UsableSec, Security, Projekt-KontiKat, Projekt-CRISP},
    pages = {23--45},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    LinkedIn als Barometer: Austausch zwischen ziviler und militärischer F&E
    Wissenschaft & Frieden: 2021.
    [BibTeX] [Abstract] [Download PDF]

    Gibt es Wissenstransfers zwischen militärischer und ziviler Forschung? Wenn ja, in welchem Umfang? Um die Art und Weise zu untersuchen, wie Unternehmen durch sogenannte »Spillover«-Effekte von den Aktivitäten in den Bereichen »Forschung und Entwicklung« (F&E) eines anderen Unternehmens profi tieren, existieren bereits Methoden, die die Mobilität von Arbeitskräften als Initiator von Wissenstransfers untersuchen. Dieser Beitrag stellt einen ergänzenden Ansatz vor, der auf »Social Media Analytics« (SMA) beruht. Er soll helfen, die »Spillover«-Eff ekte vom Verteidigungsbereich in die zivile F&E quantifi zieren zu können und beruht auf der Analyse von Angaben zum Beschäftigungswechsel aus dem sozialen Netzwerk »LinkedIn«.

    @techreport{riebe_linkedin_2021,
    address = {Wissenschaft \& Frieden},
    title = {{LinkedIn} als {Barometer}: {Austausch} zwischen ziviler und militärischer {F}\&{E}},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_LinkedInalsBarometer_WuF.pdf},
    abstract = {Gibt es Wissenstransfers zwischen militärischer und ziviler Forschung? Wenn ja, in welchem Umfang? Um die Art und Weise zu untersuchen, wie Unternehmen durch sogenannte »Spillover«-Effekte von den Aktivitäten in den Bereichen »Forschung und Entwicklung« (F\&E) eines anderen Unternehmens profi tieren, existieren bereits Methoden, die die Mobilität von Arbeitskräften als Initiator von Wissenstransfers untersuchen. Dieser Beitrag stellt einen ergänzenden Ansatz vor, der auf »Social Media Analytics« (SMA) beruht. Er soll helfen, die »Spillover«-Eff ekte vom Verteidigungsbereich in die zivile F\&E quantifi zieren zu können und beruht auf der Analyse von Angaben zum Beschäftigungswechsel aus dem sozialen Netzwerk »LinkedIn«.},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Peace, Projekt-DualUse},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn
    Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.1755787
    [BibTeX] [Abstract] [Download PDF]

    Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.

    @article{riebe_measuring_2021,
    title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
    volume = {32},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
    doi = {10.1080/10242694.2020.1755787},
    abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
    number = {7},
    journal = {Defence and Peace Economics},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {773--785},
    }

  • Thea Riebe, Marc-André Kaufhold, Christian Reuter (2021)
    The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479865
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

    @article{riebe_impact_2021,
    title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
    volume = {5},
    url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
    doi = {10.1145/3479865},
    abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold},
    }

  • Thea Riebe, Tristan Wirth, Markus Bayer, Philipp Kuehn, Marc-André Kaufhold, Volker Knauthe, Stefan Guthe, Christian Reuter (2021)
    CySecAlert: An Alert Generation System for Cyber Security Events Using Open Source Intelligence Data
    Information and Communications Security (ICICS) . doi:10.1007/978-3-030-86890-1_24
    [BibTeX] [Abstract] [Download PDF]

    Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.

    @inproceedings{riebe_cysecalert_2021,
    title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
    url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
    doi = {10.1007/978-3-030-86890-1_24},
    abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
    booktitle = {Information and {Communications} {Security} ({ICICS})},
    author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {429--446},
    }

  • Thea Riebe, Christian Reuter (2021)
    Neue Technologien und Resilienz
    Wissenschaft und Frieden: 2021.
    [BibTeX] [Abstract] [Download PDF]

    Die Science · Peace · Security ’21 (SPS21) Konferenz fand in diesem Jahr virtuell statt. Ausgerichtet wurde sie durch Prof. Malte Göttsche, Leiter der Forschungsgruppe »Nukleare Verifikation und Abrüstung« an der RWTH Aachen mit Unterstützung eines international besetzten Programmkomitees. Die Konferenz brachte Wissenschaftler*innen aus vielen Disziplinen und aus aller Welt, Diplomat*innen sowie Mitglieder der Bundeswehr zusammen, um über aktuelle Fragen der Rüstungskontrolle und Abrüstung unter dem diesjährigen Motto »The Impact of New Technologies: Destabilizing or Enabling Resilience?« zu diskutieren.

    @techreport{riebe_neue_2021,
    address = {Wissenschaft und Frieden},
    title = {Neue {Technologien} und {Resilienz}},
    url = {https://peasec.de/paper/2021/2021_RiebeReuter_NeueTechnologienResilienz.pdf},
    abstract = {Die Science · Peace · Security ’21 (SPS21) Konferenz fand in diesem Jahr virtuell statt. Ausgerichtet wurde sie durch Prof. Malte Göttsche, Leiter der Forschungsgruppe »Nukleare Verifikation und Abrüstung« an der RWTH Aachen mit Unterstützung eines international besetzten Programmkomitees. Die Konferenz brachte Wissenschaftler*innen aus vielen Disziplinen und aus aller Welt, Diplomat*innen sowie Mitglieder der Bundeswehr zusammen, um über aktuelle Fragen der Rüstungskontrolle und Abrüstung unter dem diesjährigen Motto »The Impact of New Technologies: Destabilizing or Enabling Resilience?« zu diskutieren.},
    author = {Riebe, Thea and Reuter, Christian},
    year = {2021},
    keywords = {Peace},
    }

  • Enno Steinbrink, Lilian Reichert, Michelle Mende, Christian Reuter (2021)
    Digital Privacy Perceptions of Asylum Seekers in Germany – An Empirical Study about Smartphone Usage during the Flight
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479526
    [BibTeX] [Abstract] [Download PDF]

    Since 2015, an increased number of asylum seekers is coming to Europe. These migration movements increasingly rely on digital infrastructure, such as mobile internet access and online services, in order to reach their targeted destination countries. Asylum seekers often use smartphones for information and communication purposes. Even though there are many positive aspects in the use of such technologies, researchers have to consider the perceived risks of this specific user group. This work aims at investigating the use of mobile information technologies by asylum seekers during their flight, especially taking privacy into account. Thus, it examines asylum seekers’ digital privacy perceptions and identifies privacy protection behaviors by conducting a qualitative interview study with 14 asylum seekers who applied for asylum in Germany. The results show that asylum seekers are often aware of the various risks deriving from the use of smartphones and ICT, such as surveillance and persecution by state or non-state actors as well as extortion by criminals. Based on this, this work furthermore outlines different strategies used to manage these risks. Since the lack of privacy and trust leads to avoidance behavior, the insights of this study provide valuable information for the design of assistance apps and collaboration platforms, which appropriately address the specific needs for digital privacy in the context of flight, or for the conception of privacy-enhancing technologies helping to achieve this.

    @article{steinbrink_digital_2021,
    title = {Digital {Privacy} {Perceptions} of {Asylum} {Seekers} in {Germany} - {An} {Empirical} {Study} about {Smartphone} {Usage} during the {Flight}},
    volume = {5},
    url = {https://www.peasec.de/paper/2021/2021_SteinbrinkReichertMendeReuter_DigitalPrivacyPerceptionAsylumSeekers_CSCW.pdf},
    doi = {10.1145/3479526},
    abstract = {Since 2015, an increased number of asylum seekers is coming to Europe. These migration movements increasingly rely on digital infrastructure, such as mobile internet access and online services, in order to reach their targeted destination countries. Asylum seekers often use smartphones for information and communication purposes. Even though there are many positive aspects in the use of such technologies, researchers have to consider the perceived risks of this specific user group. This work aims at investigating the use of mobile information technologies by asylum seekers during their flight, especially taking privacy into account. Thus, it examines asylum seekers’ digital privacy perceptions and identifies privacy protection behaviors by conducting a qualitative interview study with 14 asylum seekers who applied for asylum in Germany. The results show that asylum seekers are often aware of the various risks deriving from the use of smartphones and ICT, such as surveillance and persecution by state or non-state actors as well as extortion by criminals. Based on this, this work furthermore outlines different strategies used to manage these risks. Since the lack of privacy and trust leads to avoidance behavior, the insights of this study provide valuable information for the design of assistance apps and collaboration platforms, which appropriately address the specific needs for digital privacy in the context of flight, or for the conception of privacy-enhancing technologies helping to achieve this.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Steinbrink, Enno and Reichert, Lilian and Mende, Michelle and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-ATHENE-FANCY, AuswahlUsableSec, Projekt-GRKPrivacy},
    }

  • Maike Wäscher, Siemer Denise, Stefka Schmid, Julia Karl (2021)
    Polizei, Protest und Pandemie in Frankfurt am Main
    In: Redaktion CoronaMonitor: Corona und Gesellschaft: Soziale Kämpfe in der Pandemie. Wien: Mandelbaum Verlag, , 165–186.
    [BibTeX] [Abstract] [Download PDF]

    Unser Beitrag beleuchtet das Polizieren von Protesten seit Beginn der COVID-19-Pandemie in Frankfurt am Main. Aus der Perspektive materialistischer Staatskritik argumentieren wir erstens, dass die Auflösung der Seebrücken-Demonstration durch die Frankfurter Polizei im April 2020 als ein kurzes Aufblitzen und Einüben des Ausnahmestaats im Normalstaat zu verstehen ist, bei dem die Polizei ihren erweiterten Ermessenspielraum ausreizte. Zweitens ließ sich in den darauffolgenden Wochen beobachten, dass die rechten sogenannten „Hygienedemos“ weniger repressiv als progressive Versammlungen poliziert wurden. Dies führen wir auf die extremismusideologische behördliche Deutung der Proteste zurück, die nicht nur blind ist für Autoritarismus durch Staatsapparate, sondern damit einhergehend systematisch die extreme Rechte verharmlost.

    @incollection{wascher_polizei_2021,
    address = {Wien},
    title = {Polizei, {Protest} und {Pandemie} in {Frankfurt} am {Main}},
    isbn = {978-3-85476-911-8},
    url = {https://peasec.de/paper/2021/2021_WäscherSiemerSchmidKarl_PolizeiProtestPandemieFrankfurt_CoronaGesellschaft_Mandelbaum.pdf},
    abstract = {Unser Beitrag beleuchtet das Polizieren von Protesten seit Beginn der COVID-19-Pandemie in Frankfurt am Main. Aus der Perspektive materialistischer Staatskritik argumentieren wir erstens, dass die Auflösung der Seebrücken-Demonstration durch die Frankfurter Polizei im April 2020 als ein kurzes Aufblitzen und Einüben des Ausnahmestaats im Normalstaat zu verstehen ist, bei dem die Polizei ihren erweiterten Ermessenspielraum ausreizte. Zweitens ließ sich in den darauffolgenden Wochen beobachten, dass die rechten sogenannten „Hygienedemos“ weniger repressiv als progressive Versammlungen poliziert wurden. Dies führen wir auf die extremismusideologische behördliche Deutung der Proteste zurück, die nicht nur blind ist für Autoritarismus durch Staatsapparate, sondern damit einhergehend systematisch die extreme Rechte verharmlost.},
    booktitle = {Corona und {Gesellschaft}: {Soziale} {Kämpfe} in der {Pandemie}},
    publisher = {Mandelbaum Verlag},
    author = {Wäscher, Maike and Siemer, Denise, and Schmid, Stefka and Karl, Julia},
    editor = {Redaktion Corona-Monitor},
    year = {2021},
    keywords = {Crisis},
    pages = {165--186},
    }

    2020

  • Steffen Haesler, Stefka Schmid, Christian Reuter (2020)
    Crisis Volunteering Nerds: Three Months After COVID-19 Hackathon \#WirVsVirus
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424584
    [BibTeX] [Abstract] [Download PDF]

    The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.

    @inproceedings{haesler_crisis_2020,
    title = {Crisis {Volunteering} {Nerds}: {Three} {Months} {After} {COVID}-19 {Hackathon} \#{WirVsVirus}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424584},
    doi = {10.1145/3406324.3424584},
    abstract = {The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    publisher = {ACM},
    author = {Haesler, Steffen and Schmid, Stefka and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--56},
    }

  • Jasmin Haunschild, Christian Reuter, Marc-André Kaufhold (2020)
    Crisis informatics insights for peace operations
    TECHNOPOPS: 2020.
    [BibTeX] [Abstract] [Download PDF]

    Crisis Informatics – a field combining computing and social science to make visible and support the creative ways in which humans use information and communication technology (ICT) to respond to crises – has made many contributions in the areas of rapid crisis management. Interactive technologies such as social media platforms or emergency apps connect and empower individuals, first responders and volunteers. In a previously published review, we show that for almost 20 years, studies have analyzed ICT in natural and man-made disasters, revealing that ICT enable new modes of communication among authorities and citizens. In this contribution, we relate crisis informatics insights concerning the involvement of citizens to peace operations and community engagement.

    @techreport{haunschild_crisis_2020,
    address = {TECHNOPOPS},
    title = {Crisis informatics insights for peace operations},
    url = {http://www.peasec.de/paper/2020/2020_HaunschuldReuterKaufhold_CrisisInformaticsPeaceOperations_TECHPOPS.pdf},
    abstract = {Crisis Informatics – a field combining computing and social science to make visible and support the creative ways in which humans use information and communication technology (ICT) to respond to crises – has made many contributions in the areas of rapid crisis management. Interactive technologies such as social media platforms or emergency apps connect and empower individuals, first responders and volunteers. In a previously published review, we show that for almost 20 years, studies have analyzed ICT in natural and man-made disasters, revealing that ICT enable new modes of communication among authorities and citizens. In this contribution, we relate crisis informatics insights concerning the involvement of citizens to peace operations and community engagement.},
    author = {Haunschild, Jasmin and Reuter, Christian and Kaufhold, Marc-André},
    year = {2020},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2020)
    Sticking with Landlines? Citizens‘ and Police Social Media Use and Expectation During Emergencies
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) (Best Paper Social Impact Award) Potsdam, Germany. doi:10.30844/wi_2020_o2-haunschild
    [BibTeX] [Abstract] [Download PDF]

    Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens‘ perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens‘ perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services‘ social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.

    @inproceedings{haunschild_sticking_2020,
    address = {Potsdam, Germany},
    title = {Sticking with {Landlines}? {Citizens}' and {Police} {Social} {Media} {Use} and {Expectation} {During} {Emergencies}},
    url = {http://www.peasec.de/paper/2020/2020_HaunschildKaufholdReuter_SocialMediaPoliceSurvey_WI.pdf},
    doi = {10.30844/wi_2020_o2-haunschild},
    abstract = {Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens' perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens' perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services' social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI}) ({Best} {Paper} {Social} {Impact} {Award})},
    publisher = {AIS Electronic Library (AISel)},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, Ranking-CORE-C, Ranking-VHB-C, Ranking-WKWI-A, Projekt-MAKI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--16},
    }

  • Franziska Herbert, Gina Maria Schmidbauer-Wolf,