PEASEC 2024: A Year in Review: 4 completed PhDs, 9 awards, 1 new lecture

@article{riebe_envisioning_2024,
title = {Envisioning {Human}-{Machine} {Interaction} in {Future} {Warfare}: {Defence} {Industry} {Narratives} on {Human} {Control} of {Autonomous} {Weapon} {Systems}},
url = {https://doi.org/10.1080/13600826.2024.2436966},
doi = {10.1080/13600826.2024.2436966},
abstract = {The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.},
journal = {Global Society},
author = {Riebe, Thea and Gonsior, Anja-Liisa and Reichert, Lilian and Reuter, Christian},
year = {2024},
keywords = {HCI, Peace, Projekt-TraCe, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-CyAware, Student},
}

@article{demuth_support_2024,
title = {Support {Personas}: {A} {Concept} for {Tailored} {Support} of {Users} of {Privacy}-{Enhancing} {Technologies}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0142.pdf},
doi = {https://doi.org/10.56553/popets-2024-0142},
abstract = {In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Demuth, Kilian and Linsner, Sebastian and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING},
pages = {797--817},
}

@article{putz_sounds_2024,
title = {Sounds {Good}? {Fast} and {Secure} {Contact} {Exchange} in {Groups}},
volume = {8},
url = {https://dl.acm.org/doi/10.1145/3686964},
doi = {10.1145/3686964},
abstract = {Trustworthy digital communication requires the secure exchange of contact information, but current approaches lack usability and scalability for larger groups of users. We evaluate the usability of two secure contact exchange systems: the current state of the art, SafeSlinger, and our newly designed protocol, PairSonic, which extends trust from physical encounters to spontaneous online communication. Our lab study (N=45) demonstrates PairSonic's superior usability, automating the tedious verification tasks from previous approaches via an acoustic out-of-band channel. Although participants significantly preferred our system, minimizing user effort surprisingly decreased the perceived security for some users, who associated security with complexity. We discuss user perceptions of the different protocol components and identify remaining usability barriers for CSCW application scenarios.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing (Best Paper Award)},
author = {Putz, Florentin and Haesler, Steffen and Hollick, Matthias},
year = {2024},
keywords = {HCI, Projekt-emergenCITY, A-Paper, Ranking-CORE-A, Security, UsableSec},
}

@article{linsner_building_2024,
title = {Building {Trust} in {Remote} {Attestation} {Through} {Transparency} – {A} {Qualitative} {User} {Study} on {Observable} {Attestation}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2374889},
doi = {10.1080/0144929X.2024.2374889},
abstract = {Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Linsner, Sebastian and Demuth, Kilian and Surminski, Sebastian and Davi, Lucas and Reuter, Christian},
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {A-Paper, Ranking-ImpactFactor, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING},
pages = {1--21},
}

@article{steinbrink_impact_2024,
title = {The {Impact} of {Transparency} and {Trust} on {User} {Acceptance} of {Contact} {Tracing} {Apps}: {Implications} for the {Adoption} of {Crisis} {Response} {Apps}},
issn = {2212-4209},
url = {https://www.sciencedirect.com/science/article/pii/S2212420924004230},
doi = {10.1016/j.ijdrr.2024.104661},
abstract = {Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.},
journal = {International Journal of Disaster Risk Reduction},
author = {Steinbrink, Enno and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor, Projekt-GRKPrivacy, Projekt-ATHENE-PriVis},
pages = {104661},
}

@article{linsner_decision-based_2024,
title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0113.php},
doi = {10.56553/popets-2024-0113},
abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING, Selected},
}

@article{bayer_cysecbert_2024,
title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
volume = {27},
issn = {2471-2566},
url = {https://peasec.de/paper/2024/2024_BayerKuehnShanesazReuter_CySecBERT_TOPS.pdf},
doi = {10.1145/3652594},
abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
number = {2},
journal = {ACM Transactions on Privacy and Security (TOPS)},
author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
month = apr,
year = {2024},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-ATHENE-CyAware, Student, Security, UsableSec, Projekt-CYLENCE, Projekt-CYWARN},
}

@article{schmid_trust_2024,
title = {Trust in {Artificial} {Intelligence}: {Producing} {Ontological} {Security} through {Governmental} {Visions}},
url = {https://doi.org/10.1177/00108367241288073},
doi = {10.1177/00108367241288073},
abstract = {With developments in Artificial Intelligence widely framed as security concern in both military and civilian realms, governments have turned their attention to regulating and governing AI. In a study of US, Chinese, and EU AI documents, we go beyond instrumental understandings of AI as a technological capability, which serves states' self-interests and the maintenance of their (supra)national security. Our specific interest lies in how AI policies tap into both problem-solving approaches and affective registers to achieve both physical as well as ontological security. We find that in governmental visions, AI is perceived as a capability that enhances societal, and geopolitical interests while its risks are framed as manageable. This echoes strands within Human-Computer Interaction that draw on human-centered perceptions of technology and assumptions about human-AI relationships of trust. Despite different cultural and institutional settings, the visions of future AI development are shaped by this (shared) understanding of human-AI interaction, offering common ground in the navigation of innovation policies.},
journal = {Cooperation and Conflict},
author = {Schmid, Stefka and Pham, Bao-Chau and Ferl, Anna-Katharina},
year = {2024},
keywords = {Peace, Projekt-TraCe, A-Paper, Ranking-ImpactFactor, AuswahlPeace},
}

@article{kuntke_geobox_2024,
title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
volume = {43},
issn = {0144-929X},
url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
doi = {10.1080/0144929X.2023.2185747},
abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
number = {4},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
month = mar,
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Security, UsableSec, Projekt-AgriRegio, Projekt-GeoBox, Selected, AuswahlUsableSec},
pages = {764--786},
}

@article{hartwig_landscape_2024,
title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
volume = {56},
issn = {0360-0300},
url = {https://peasec.de/paper/2024/2024_HartwigDoellReuter_LandscapeUserCentredMisinfoInterventions_CSUR.pdf},
doi = {10.1145/3674724},
abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
number = {11},
journal = {ACM Computing Surveys (CSUR)},
author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
month = jul,
year = {2024},
keywords = {HCI, Peace, Projekt-NEBULA, A-Paper, Ranking-ImpactFactor, Student, Selected, Ranking-CORE-A*},
}

@article{hartwig_misleading_2024,
title = {Misleading {Information} in {Crises}: {Exploring} {Content}-specific {Indicators} on {Twitter} from a {User} {Perspective}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2373166},
doi = {10.1080/0144929X.2024.2373166},
abstract = {Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information,
emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This
work investigates how content-specific user-centered indicators can contribute to an informed approach to
misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German
tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm)
characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators
users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants
qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While
a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth
and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for
people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in
dealing with misleading information, especially during crises.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Schmid, Stefka and Biselli, Tom and Pleil, Helene and Reuter, Christian},
year = {2024},
keywords = {Crisis, HCI, Projekt-NEBULA, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-ATHENE-PriVis},
pages = {1--34},
}

@article{biselli_supporting_2024,
title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
doi = {https://doi.org/10.56553/popets-2024-0011},
abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Student, Security, UsableSec, Projekt-CROSSING, Selected, AuswahlUsableSec},
pages = {171--191},
}

@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {979-8-4007-0330-0},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Projekt-ATHENE-CyAware, Security, UsableSec, Projekt-CYLENCE, Projekt-CYWARN, Selected, AuswahlUsableSec, Ranking-CORE-A*, AuswahlKaufhold},
}

@inproceedings{hartwig_adolescents_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
isbn = {979-8-4007-0330-0},
url = {https://peasec.de/paper/2024/2024_HartwigBiselliSchneiderReuter_MisinfoTikTok_CHI.pdf},
doi = {10.1145/3613904.3642264},
abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {HCI, Projekt-NEBULA, A-Paper, Security, UsableSec, Projekt-ATHENE-PriVis, AuswahlCrisis, Selected, Ranking-CORE-A*},
}

@inproceedings{guntrum_keyboard_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {Keyboard {Fighters}: {The} {Use} of {ICTs} by {Activists} in {Times} of {Military} {Coup} in {Myanmar}},
isbn = {979-8-4007-0330-0},
url = {https://doi.org/10.1145/3613904.3642279},
doi = {10.1145/3613904.3642279},
abstract = {Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.},
booktitle = {Proceedings of the {CHI} {Conference} on {Human} {Factors} in {Computing} {Systems}},
publisher = {Association for Computing Machinery},
author = {Guntrum, Laura},
year = {2024},
keywords = {HCI, Peace, Projekt-TraCe, A-Paper, Projekt-ATHENE, Selected, Ranking-CORE-A*},
}

@article{schmid_digital_2024,
title = {Digital {Resilience} in {Dealing} with {Misinformation} on {Social} {Media} during {COVID}-19: {A} {Web} {Application} to {Assist} {Users} in {Crises}},
volume = {26},
issn = {1572-9419},
url = {https://doi.org/10.1007/s10796-022-10347-5},
doi = {10.1007/s10796-022-10347-5},
abstract = {In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.},
number = {2},
journal = {Information Systems Frontiers (ISF)},
author = {Schmid, Stefka and Hartwig, Katrin and Cieslinski, Robert and Reuter, Christian},
month = apr,
year = {2024},
keywords = {Crisis, Projekt-NEBULA, Projekt-TraCe, A-Paper, Student},
pages = {477--499},
}

@article{hartwig_navigating_2024-1,
title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
issn = {1944-4079},
url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
doi = {10.1002/rhc3.12296},
abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
year = {2024},
note = {Publisher: John Wiley \& Sons, Ltd},
keywords = {Crisis, HCI, Projekt-NEBULA, A-Paper, Ranking-ImpactFactor, SocialMedia, Student, UsableSec, Projekt-ATHENE, Projekt-CYLENCE, Cyberwar},
}

@article{hartwig_landscape_2024,
title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
volume = {56},
issn = {0360-0300},
url = {https://peasec.de/paper/2024/2024_HartwigDoellReuter_LandscapeUserCentredMisinfoInterventions_CSUR.pdf},
doi = {10.1145/3674724},
abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
number = {11},
journal = {ACM Computing Surveys (CSUR)},
author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
month = jul,
year = {2024},
keywords = {HCI, Peace, Projekt-NEBULA, A-Paper, Ranking-ImpactFactor, Student, Selected, Ranking-CORE-A*},
}

@article{gonsior_intersektionale_2024,
title = {Die intersektionale {Perspektive} auf letale autonome {Waffensysteme}: {Eine} {Analyse} der {Diskurse} innerhalb der {UN}-{Waffenkonvention}},
issn = {1866-2196},
url = {https://doi.org/10.1007/s12399-024-00999-3},
doi = {10.1007/s12399-024-00999-3},
abstract = {Die Entwicklung letaler (teil)autonomer Waffensysteme (LAWS) gewinnt zunehmend an Bedeutung. Seit 2013 wird das Thema innerhalb der UN Convention on Certain Conventional Weapons zwischen Mitgliedsstaaten, Zivilgesellschaft und Fachexpert*innen diskutiert. Während sich die Debatte zu Beginn stark mit definitorischen Fragen von LAWS auseinandersetzte, so dominieren im Forum derzeit technische und rechtliche Fragen, was sich auch im entsprechenden wissenschaftlichen Diskurs widerspiegelt. Andererseits haben auch zivilgesellschaftliche Akteure den Verhandlungsprozess wesentlich beeinflusst, nicht zuletzt die Campaign to Stop Killer Robots, welche an der Initiierung des Verhandlungsrahmens maßgeblich beteiligt war. Einer der zentralen Argumentationsstränge dieser zivilgesellschaftlichen Akteure konzentriert sich auf eine intersektionale Perspektive, die unter anderem auf Bias in Technologien und Anwendungen aufmerksam macht, und versucht, diese Perspektiven in die GGE zu LAWS einzubringen und zu stärken. Die Analyse von 51 UN-Dokumenten und Gespräche mit Expert*innen zeigen, dass – im Hinblick auf Intersektionalität – insbesondere die Konzepte Gender und Race in den GGE-Diskussionen berücksichtigt werden, wenn auch nur mit geringem Gewicht. NGOs konnten jedoch die Gesamtdebatte beeinflussen und neue Themen einbringen, indem sie an etabliertere Diskurse in der Debatte anknüpften, wie z. B. an rechtliche oder technische Diskurse.},
journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
author = {Gonsior, Anja-Liisa},
month = jul,
year = {2024},
keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-CyAware},
}

@article{haunschild_understanding_2024,
title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
volume = {21},
url = {https://ojs.iscram.org/index.php/Proceedings/article/view/19},
abstract = {In disasters and crises, crisis preparation at the household level is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey in Germany on resource-oriented crisis preparedness and participants’ values, a group of more prepared and less prepared individuals was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. A quantitative analysis revealed a significant association between the value of benevolence and higher preparedness. Follow-up interviews (N=30) explored participants\&\#039; beliefs and norms, showing minimal group differences. Although crisis preparedness is generally viewed positively, strong negativity exists towards perceived “hoarders”. The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing intervention that can trigger benevolence to foster preparedness and appeal to the social benefits to counter the narrative of anti-social crisis preparedness.},
urldate = {2024-05-27},
journal = {Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) (Best Paper Award)},
author = {Haunschild, Jasmin and Burger, Felix and Reuter, Christian},
month = may,
year = {2024},
note = {Section: ISCRAM Proceedings},
keywords = {Crisis, Projekt-emergenCITY, Student, Projekt-ATHENE-SecUrban},
}

@article{schmid_digital_2024,
title = {Digital {Resilience} in {Dealing} with {Misinformation} on {Social} {Media} during {COVID}-19: {A} {Web} {Application} to {Assist} {Users} in {Crises}},
volume = {26},
issn = {1572-9419},
url = {https://doi.org/10.1007/s10796-022-10347-5},
doi = {10.1007/s10796-022-10347-5},
abstract = {In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.},
number = {2},
journal = {Information Systems Frontiers (ISF)},
author = {Schmid, Stefka and Hartwig, Katrin and Cieslinski, Robert and Reuter, Christian},
month = apr,
year = {2024},
keywords = {Crisis, Projekt-NEBULA, Projekt-TraCe, A-Paper, Student},
pages = {477--499},
}

@article{riebe_envisioning_2024,
title = {Envisioning {Human}-{Machine} {Interaction} in {Future} {Warfare}: {Defence} {Industry} {Narratives} on {Human} {Control} of {Autonomous} {Weapon} {Systems}},
url = {https://doi.org/10.1080/13600826.2024.2436966},
doi = {10.1080/13600826.2024.2436966},
abstract = {The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.},
journal = {Global Society},
author = {Riebe, Thea and Gonsior, Anja-Liisa and Reichert, Lilian and Reuter, Christian},
year = {2024},
keywords = {HCI, Peace, Projekt-TraCe, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-CyAware, Student},
}

@article{demuth_support_2024,
title = {Support {Personas}: {A} {Concept} for {Tailored} {Support} of {Users} of {Privacy}-{Enhancing} {Technologies}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0142.pdf},
doi = {https://doi.org/10.56553/popets-2024-0142},
abstract = {In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Demuth, Kilian and Linsner, Sebastian and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING},
pages = {797--817},
}

@article{bayer_activellm_2024,
title = {{ActiveLLM}: {Large} {Language} {Model}-based {Active} {Learning} for {Textual} {Few}-{Shot} {Scenarios}},
url = {https://arxiv.org/pdf/2405.10808},
doi = {10.48550/arXiv.2405.10808},
abstract = {Active learning is designed to minimize annotation efforts by prioritizing instances that most enhance learning. However, many active learning strategies struggle with a 'cold start' problem, needing substantial initial data to be effective. This limitation often reduces their utility for pre-trained models, which already perform well in few-shot scenarios. To address this, we introduce ActiveLLM, a novel active learning approach that leverages large language models such as GPT-4, Llama 3, and Mistral Large for selecting instances. We demonstrate that ActiveLLM significantly enhances the classification performance of BERT classifiers in few-shot scenarios, outperforming both traditional active learning methods and the few-shot learning method SetFit. Additionally, ActiveLLM can be extended to non-few-shot scenarios, allowing for iterative selections. In this way, ActiveLLM can even help other active learning strategies to overcome their cold start problem. Our results suggest that ActiveLLM offers a promising solution for improving model performance across various learning setups.},
journal = {arXiv},
author = {Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {Projekt-ATHENE-CyAware, Security, UsableSec, Projekt-CYLENCE},
}

@article{putz_sounds_2024,
title = {Sounds {Good}? {Fast} and {Secure} {Contact} {Exchange} in {Groups}},
volume = {8},
url = {https://dl.acm.org/doi/10.1145/3686964},
doi = {10.1145/3686964},
abstract = {Trustworthy digital communication requires the secure exchange of contact information, but current approaches lack usability and scalability for larger groups of users. We evaluate the usability of two secure contact exchange systems: the current state of the art, SafeSlinger, and our newly designed protocol, PairSonic, which extends trust from physical encounters to spontaneous online communication. Our lab study (N=45) demonstrates PairSonic's superior usability, automating the tedious verification tasks from previous approaches via an acoustic out-of-band channel. Although participants significantly preferred our system, minimizing user effort surprisingly decreased the perceived security for some users, who associated security with complexity. We discuss user perceptions of the different protocol components and identify remaining usability barriers for CSCW application scenarios.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing (Best Paper Award)},
author = {Putz, Florentin and Haesler, Steffen and Hollick, Matthias},
year = {2024},
keywords = {HCI, Projekt-emergenCITY, A-Paper, Ranking-CORE-A, Security, UsableSec},
}

@article{kuehn_navigating_2024,
title = {Navigating the {Shadows}: {Manual} and {Semi}-{Automated} {Evaluation} of the {Dark} {Web} for {Cyber} {Threat} {Intelligence}},
volume = {12},
issn = {2169-3536},
shorttitle = {Navigating the {Shadows}},
url = {https://ieeexplore.ieee.org/document/10643518},
doi = {10.1109/ACCESS.2024.3448247},
abstract = {In today’s world, cyber-attacks are becoming more frequent and thus proactive protection against them is becoming more important. Cyber Threat Intelligence (CTI) is a possible solution, as it collects threat information in various information sources and derives stakeholder intelligence to protect one’s infrastructure. The current focus of CTI in research is the clear web, but the dark web may contain further information. To further advance protection, this work analyzes the dark web as Open Source Intelligence (OSINT) data source to complement current CTI information. The underlying assumption is that hackers use the dark web to exchange, develop, and share information and assets. This work aims to understand the structure of the dark web and identify the amount of its openly available CTI related information. We conducted a comprehensive literature review for dark web research and CTI. To follow this up we manually investigated and analyzed 65 dark web forum (DWF), 7 single-vendor shops, and 72 dark web marketplace (DWM). We documented the content and relevance of DWFs and DWMs for CTI, as well as challenges during the extraction and provide mitigations. During our investigation we identified IT security relevant information in both DWFs and DWMs, ranging from malware toolboxes to hacking-as-a-service. One of the most present challenges during our manual analysis were necessary interactions to access information and anti-crawling measures, i.e., CAPTCHAs. This analysis showed 88\% of marketplaces and 53\% of forums contained relevant data. Our complementary semi-automated analysis of 1,186,906 onion addresses indicates, that the necessary interaction makes it difficult to see the dark web as an open, but rather treat it as specialized information source, when clear web information does not suffice.},
journal = {IEEE Access},
author = {Kuehn, Philipp and Wittorf, Kyra and Reuter, Christian},
year = {2024},
keywords = {Ranking-CORE-A, Ranking-ImpactFactor, Student, Security, UsableSec, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
pages = {118903--118922},
}

@article{linsner_building_2024,
title = {Building {Trust} in {Remote} {Attestation} {Through} {Transparency} – {A} {Qualitative} {User} {Study} on {Observable} {Attestation}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2374889},
doi = {10.1080/0144929X.2024.2374889},
abstract = {Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Linsner, Sebastian and Demuth, Kilian and Surminski, Sebastian and Davi, Lucas and Reuter, Christian},
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {A-Paper, Ranking-ImpactFactor, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING},
pages = {1--21},
}

@article{steinbrink_impact_2024,
title = {The {Impact} of {Transparency} and {Trust} on {User} {Acceptance} of {Contact} {Tracing} {Apps}: {Implications} for the {Adoption} of {Crisis} {Response} {Apps}},
issn = {2212-4209},
url = {https://www.sciencedirect.com/science/article/pii/S2212420924004230},
doi = {10.1016/j.ijdrr.2024.104661},
abstract = {Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.},
journal = {International Journal of Disaster Risk Reduction},
author = {Steinbrink, Enno and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor, Projekt-GRKPrivacy, Projekt-ATHENE-PriVis},
pages = {104661},
}

@article{linsner_decision-based_2024,
title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0113.php},
doi = {10.56553/popets-2024-0113},
abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING, Selected},
}

@article{guntrum_navigating_2024,
title = {Navigating the {Pandemic} through {Technology}: {Colombian} {NGOs} {Promoting} {Peace} during the {COVID}-19 era},
url = {https://peasec.de/paper/2024/2024_GuntrumCerrilloReuter_NavigatingPanedemicThroughTechnology_PeaceDev.pdf},
doi = {10.1177/15423166241293856},
abstract = {This article examines how Colombian NGOs use Information and Communication Technologies (ICTs) for peacebuilding attempts amid the COVID-19 pandemic. Drawing from 17 interviews with NGO members, the study underscores the pivotal role of digital peacebuilding in sustaining and expanding peace attempts, effective data management, and a broader engagement of target groups beyond in-person activities often associated with safety and financial concerns. The findings also identify prevailing challenges of incorporating ICTs in NGO's peacebuilding activities, ranging from privacy-related concerns to connectivity issues. The article points out the potential for NGOs to enhance interactivity, knowledge transfer, and to diversify their activities, including IT-security training and awareness campaigns on hate speech and propaganda. It also emphasizes the importance of developing risk reduction strategies tailored to the specific needs of different target groups.},
journal = {Peacebuilding \& Development},
author = {Guntrum, Laura and Cerrillo, Sofía and Reuter, Christian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Student},
}

@article{bayer_cysecbert_2024,
title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
volume = {27},
issn = {2471-2566},
url = {https://peasec.de/paper/2024/2024_BayerKuehnShanesazReuter_CySecBERT_TOPS.pdf},
doi = {10.1145/3652594},
abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
number = {2},
journal = {ACM Transactions on Privacy and Security (TOPS)},
author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
month = apr,
year = {2024},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-ATHENE-CyAware, Student, Security, UsableSec, Projekt-CYLENCE, Projekt-CYWARN},
}

@article{schmid_trust_2024,
title = {Trust in {Artificial} {Intelligence}: {Producing} {Ontological} {Security} through {Governmental} {Visions}},
url = {https://doi.org/10.1177/00108367241288073},
doi = {10.1177/00108367241288073},
abstract = {With developments in Artificial Intelligence widely framed as security concern in both military and civilian realms, governments have turned their attention to regulating and governing AI. In a study of US, Chinese, and EU AI documents, we go beyond instrumental understandings of AI as a technological capability, which serves states' self-interests and the maintenance of their (supra)national security. Our specific interest lies in how AI policies tap into both problem-solving approaches and affective registers to achieve both physical as well as ontological security. We find that in governmental visions, AI is perceived as a capability that enhances societal, and geopolitical interests while its risks are framed as manageable. This echoes strands within Human-Computer Interaction that draw on human-centered perceptions of technology and assumptions about human-AI relationships of trust. Despite different cultural and institutional settings, the visions of future AI development are shaped by this (shared) understanding of human-AI interaction, offering common ground in the navigation of innovation policies.},
journal = {Cooperation and Conflict},
author = {Schmid, Stefka and Pham, Bao-Chau and Ferl, Anna-Katharina},
year = {2024},
keywords = {Peace, Projekt-TraCe, A-Paper, Ranking-ImpactFactor, AuswahlPeace},
}

@article{kuntke_geobox_2024,
title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
volume = {43},
issn = {0144-929X},
url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
doi = {10.1080/0144929X.2023.2185747},
abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
number = {4},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
month = mar,
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Security, UsableSec, Projekt-AgriRegio, Projekt-GeoBox, Selected, AuswahlUsableSec},
pages = {764--786},
}

@article{crawford_ethical_2024,
title = {Ethical research in the {German} social sciences: {Exploring} the significance and challenges of institutionalized research ethics practices},
issn = {1747-0161},
url = {https://doi.org/10.1177/17470161241270787},
doi = {10.1177/17470161241270787},
abstract = {This article explores two key facets of institutionalized ethical review processes in Germany: (1) their importance in shaping ethical research and (2) their associated challenges, with a specific focus on their implications within the social sciences. Ethical considerations play a pivotal role in (social science) research, safeguarding, amongst others, the rights and well-being of participants and ensuring research integrity. Despite notable progress in promoting research ethics, German research institutions still need to significantly improve their ethics review processes. To address these challenges, this article emphasizes the need for expanding the current management of research ethics and implementing what we call ?Institutionalized Research Ethics Practices?? (IREPs), which include but go beyond the scope of common Institutional Review Boards (IRBs). Drawing on two workshops with researchers and IRB members, and a systematic review of existing IRBs in the German social sciences, we propose concrete recommendations for developing and enhancing IREPs, including a conducive environment, accessibility, fairness, and fostering expertise (CAFE). These enhancements aim to strengthen Germany?s research ethics infrastructure and promote responsible and ethical research practices in the social sciences.},
urldate = {2024-08-19},
journal = {Research Ethics},
author = {Crawford, Andrew and Fichtner, Laura and Guntrum, Laura and Jänsch, Stephanie and Krösche, Niklas and Soulier, Eloïse and Süß, Clara-Auguste},
month = aug,
year = {2024},
note = {Publisher: SAGE Publications Ltd},
keywords = {Peace, Ranking-ImpactFactor},
pages = {17470161241270787},
annote = {doi: 10.1177/17470161241270787},
}

@article{hartwig_misleading_2024,
title = {Misleading {Information} in {Crises}: {Exploring} {Content}-specific {Indicators} on {Twitter} from a {User} {Perspective}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2373166},
doi = {10.1080/0144929X.2024.2373166},
abstract = {Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information,
emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This
work investigates how content-specific user-centered indicators can contribute to an informed approach to
misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German
tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm)
characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators
users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants
qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While
a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth
and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for
people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in
dealing with misleading information, especially during crises.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Schmid, Stefka and Biselli, Tom and Pleil, Helene and Reuter, Christian},
year = {2024},
keywords = {Crisis, HCI, Projekt-NEBULA, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-ATHENE-PriVis},
pages = {1--34},
}

@article{kaufhold_exploring_2024,
title = {Exploring the evolving landscape of human-centred crisis informatics: current challenges and future trends},
volume = {23},
issn = {2196-6826},
url = {https://doi.org/10.1515/icom-2024-0002},
doi = {10.1515/icom-2024-0002},
abstract = {Modern Information and Communication Technology (ICT) has been used in safety-critical situations for over twenty years. Rooted in Human-Computer Interaction (HCI) and related disciplines, the field of crisis informatics made considerable efforts to investigate social media use and role patterns in crises, facilitate the collection, processing and refinement of social media data, design and evaluate supportive ICT, and provide cumulative and longitudinal research. This narrative review examines contemporary challenges of human-centred crisis informatics and envision trends for the following decade, including (I) a broadening scope of crisis informatics, (II) the professionalisation of cross-platform collaboration of citizen communities and emergency services, (III) expert interfaces for explainable and multimodal artificial intelligence for user-generated content assessment, (IV) internet of things and mobile apps for bidirectional communication and warnings in disruption-tolerant networks, as well as (V) digital twins and virtual reality for the effective training of multi-agency collaboration in hybrid hazards.},
number = {2},
journal = {i-com - Journal of Interactive Media},
author = {Kaufhold, Marc-André},
year = {2024},
keywords = {Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-CyAware, Projekt-CYLENCE, AuswahlCrisis},
pages = {155--163},
}

@article{biselli_supporting_2024,
title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
doi = {https://doi.org/10.56553/popets-2024-0011},
abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Ranking-CORE-A, Student, Security, UsableSec, Projekt-CROSSING, Selected, AuswahlUsableSec},
pages = {171--191},
}

@article{haunschild_towards_2024,
title = {Towards a {Digitally} {Mediated} {Transitional} {Justice} {Process}? {An} {Analysis} of {Colombian} {Transitional} {Justice} {Organisations}’ {Posting} {Behaviour} on {Facebook}},
volume = {30},
issn = {1082-7307},
url = {https://nsuworks.nova.edu/pcs/vol30/iss2/4/},
abstract = {In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.},
number = {2},
journal = {Peace and Conflict Studies},
author = {Haunschild, Jasmin and Guntrum, Laura and Cerrillo, Sofía and Bujara, Franziska and Reuter, Christian},
year = {2024},
keywords = {Peace, SocialMedia, Student, Projekt-ATHENE-SecUrban},
}

@article{hartwig_navigating_2024-1,
title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
issn = {1944-4079},
url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
doi = {10.1002/rhc3.12296},
abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
year = {2024},
note = {Publisher: John Wiley \& Sons, Ltd},
keywords = {Crisis, HCI, Projekt-NEBULA, A-Paper, Ranking-ImpactFactor, SocialMedia, Student, UsableSec, Projekt-ATHENE, Projekt-CYLENCE, Cyberwar},
}

@book{reuter_information_2024,
address = {Wiesbaden, Germany},
edition = {2},
title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
isbn = {978-3-658-44809-7},
url = {https://doi.org/10.1007/978-3-658-44810-3},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT) and artificial intelligence (AI), plays a crucial role regarding questions of peace and security. This textbook, extended and updated in its second edition, addresses the significance, potential of IT, as well as the challenges it poses, with regard to peace and security.
It introduces the reader to the concepts of peace, conflict, and security research, especially focusing on natural, technical and computer science perspectives. In the following sections, it sheds light on cyber conflicts, war and peace, cyber arms control, cyber attribution, infrastructures, artificial intelligence, as well ICT in peace and conflict.},
publisher = {Springer Vieweg},
author = {Reuter, Christian},
year = {2024},
keywords = {Peace, Projekt-TraCe, AuswahlPeace, Security, Projekt-CROSSING, Selected, Infrastructure, Cyberwar},
}

@book{kuntke_resilient_2024,
address = {Wiesbaden, Germany},
title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
isbn = {978-3-658-44156-2},
shorttitle = {Resilient {Smart} {Farming}},
url = {https://link.springer.com/book/10.1007/978-3-658-44157-9},
abstract = {Like many sectors, agriculture is experiencing a continuous digitalization, i.e. an increase in data-driven technologies used. In contrast to companies of other critical infrastructures – e.g. energy or telecommunication – a typical farm is comparatively small and often run as a family business.
Accordingly, the demands on farming technology, its implementation, and regulations are different in many terms.
Furthermore, the circumstances that influence crisis risks and crisis management are different in agriculture – and as digitalization introduces new potential risks, this process should be reviewed critically.
Currently, the most advanced approaches for agriculture are typically referred to as smart farming and agriculture 4.0, which incorporate more precise cultivation with less manual effort.
But such new agriculture technology developments usually lack an assessment about its impact on the sector's resilience and dependencies on other infrastructures.
The research domains of crisis informatics and IT security mostly focuses on other topics, apart from agriculture.
The resilience research in agriculture itself is currently intensifying, however, this line of research focuses more on problems resulting from the climate crisis and social change.
For these reasons it remains unclear, how digitalization impacts the resilience of food production and food safety.
Therefore, it is not well researched which technological developments may lead to undesired effects in the future.
How modern systems should be designed to allow for both, positive impacts on efficiency, and prevention of negative effects in terms of reduced resilience capacities, is also not answered by current literature.
The aim of the present work is to close this research gap at the intersection of agriculture, digitalization, and resilience.
To answer the question to what extent current technologies used by farmers are at risk of failure, the dissertation first presents a snapshot of the resilience state of agricultural companies and the technologies used.
This involves interviews with stakeholders, mainly farmers, as well as surveying security issues of the LoRaWAN protocol, a transmission technology especially useful for agricultural Internet of Things.
Which desires of farmers exist regarding software focusing on aspects of business continuity and secured operations, is another open question.
This dissertation aims to also answer this question with empirical methods, mainly focus groups and usability tests.
Then the rise of Internet of Things in agriculture raises another question, whether such technologies acquired for smart farming could also have benefits for resilience against internet-connection-lost situations.
This question is answered by empirical evaluation of LoRaWAN range characteristics in agricultural landscapes, as well as artifact generation for resilient communication channels on top of LoRaWAN transmission devices.
Several findings are derived from the conducted research:
There is a lack of understanding of how strong the used tools in agriculture depend on ICT, and many tools require a working internet connection.
Moreover, IT employed by agricultural enterprises presents security concerns similar to those encountered in other domains.
Based on these findings, developments, and evaluations of new software approaches are presented:
Derived design criteria and own system designs that allow for modern data-driven business operations, including IoT integration based on LoRaWAN.
The developed solutions show an increase in resilience capacities by enhancing the communication possibilities in crisis situations.
The detected low absorption capacities against communication infrastructure outages shows room for improvement.
To improve agricultural ITs' resilience, software engineers could use the concepts and designs of this dissertation for their product development, like a modular offline-capable farm management storage that allows an exchange of small data in an autarkic manner via commodity LoRaWAN hardware.
But also technology advisors and farmers benefit from the technological analyses and suggestions embedded in this work, like using multiple LoRaWAN gateways with an overlapping coverage to mitigate security vulnerabilities.},
publisher = {Springer Vieweg},
author = {Kuntke, Franz},
year = {2024},
doi = {10.1007/978-3-658-44157-9},
keywords = {Crisis, DissPublisher, HCI, Security, UsableSec, Projekt-AgriRegio, Projekt-GeoBox, RSF},
}

@book{kuntke_resilient_2024-1,
address = {Darmstadt, Germany},
title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
url = {http://tuprints.ulb.tu-darmstadt.de/26496/},
abstract = {Like many sectors, agriculture is experiencing a continuous digitalization, i.e. an increase in data-driven technologies used. In contrast to companies of other critical infrastructures – e.g. energy or telecommunication – a typical farm is comparatively small and often run as a family business.
Accordingly, the demands on farming technology, its implementation, and regulations are different in many terms.
Furthermore, the circumstances that influence crisis risks and crisis management are different in agriculture – and as digitalization introduces new potential risks, this process should be reviewed critically.
Currently, the most advanced approaches for agriculture are typically referred to as smart farming and agriculture 4.0, which incorporate more precise cultivation with less manual effort.
But such new agriculture technology developments usually lack an assessment about its impact on the sector's resilience and dependencies on other infrastructures.
The research domains of crisis informatics and IT security mostly focuses on other topics, apart from agriculture.
The resilience research in agriculture itself is currently intensifying, however, this line of research focuses more on problems resulting from the climate crisis and social change.
For these reasons it remains unclear, how digitalization impacts the resilience of food production and food safety.
Therefore, it is not well researched which technological developments may lead to undesired effects in the future.
How modern systems should be designed to allow for both, positive impacts on efficiency, and prevention of negative effects in terms of reduced resilience capacities, is also not answered by current literature.
The aim of the present work is to close this research gap at the intersection of agriculture, digitalization, and resilience.
To answer the question to what extent current technologies used by farmers are at risk of failure, the dissertation first presents a snapshot of the resilience state of agricultural companies and the technologies used.
This involves interviews with stakeholders, mainly farmers, as well as surveying security issues of the LoRaWAN protocol, a transmission technology especially useful for agricultural Internet of Things.
Which desires of farmers exist regarding software focusing on aspects of business continuity and secured operations, is another open question.
This dissertation aims to also answer this question with empirical methods, mainly focus groups and usability tests.
Then the rise of Internet of Things in agriculture raises another question, whether such technologies acquired for smart farming could also have benefits for resilience against internet-connection-lost situations.
This question is answered by empirical evaluation of LoRaWAN range characteristics in agricultural landscapes, as well as artifact generation for resilient communication channels on top of LoRaWAN transmission devices.
Several findings are derived from the conducted research:
There is a lack of understanding of how strong the used tools in agriculture depend on ICT, and many tools require a working internet connection.
Moreover, IT employed by agricultural enterprises presents security concerns similar to those encountered in other domains.
Based on these findings, developments, and evaluations of new software approaches are presented:
Derived design criteria and own system designs that allow for modern data-driven business operations, including IoT integration based on LoRaWAN.
The developed solutions show an increase in resilience capacities by enhancing the communication possibilities in crisis situations.
The detected low absorption capacities against communication infrastructure outages shows room for improvement.
To improve agricultural ITs' resilience, software engineers could use the concepts and designs of this dissertation for their product development, like a modular offline-capable farm management storage that allows an exchange of small data in an autarkic manner via commodity LoRaWAN hardware.
But also technology advisors and farmers benefit from the technological analyses and suggestions embedded in this work, like using multiple LoRaWAN gateways with an overlapping coverage to mitigate security vulnerabilities.},
publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
author = {Kuntke, Franz},
year = {2024},
doi = {10.26083/tuprints-00026496},
keywords = {Crisis, HCI, Security, UsableSec, Projekt-AgriRegio, Projekt-GeoBox, RSF, Dissertation},
}

@book{reinhold_towards_2024,
address = {Wiesbaden, Germany},
title = {Towards a {Peaceful} {Development} of {Cyberspace}: {Challenges} and {Technical} {Measures} for the {De}-{Escalation} of {State}-{Led} {Cyberconflicts} and {Arms} {Control} of {Cyberweapons}},
isbn = {978-3-658-43950-7},
url = {https://link.springer.com/book/10.1007/978-3-658-43951-4},
abstract = {Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states' security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas},
year = {2024},
doi = {10.1007/978-3-658-43951-4},
keywords = {DissPublisher, Peace, Security, Projekt-ATHENE, Projekt-CROSSING},
}

@book{haunschild_enhancing_2024,
address = {Darmstadt, Germany},
title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
author = {Haunschild, Jasmin},
year = {2024},
keywords = {Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, Dissertation},
}

@book{haesler_citizens_2024,
address = {Darmstadt, Germany},
title = {Citizens in {Crises}: {Behavior}, {Dependencies}, and {Technological} {Support} of {Digital} {Self}-{Organization}},
publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
author = {Haesler, Steffen},
year = {2024},
keywords = {Crisis, HCI, Projekt-emergenCITY, Dissertation},
}

@book{linsner_privacy_2024,
address = {Darmstadt, Germany},
title = {Privacy {Preserving} {Data} {Management} – {Assisting} {Users} in {Data} {Disclosure} {Scenarios}},
publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
author = {Linsner, Sebastian},
year = {2024},
keywords = {Security, UsableSec, Projekt-ATHENE-PriVis, Projekt-CROSSING, Dissertation},
}

@book{hartwig_navigating_2024,
address = {Darmstadt, Germany},
title = {Navigating {Misinformation}: {User}-{Centered} {Design} and {Evaluation} of {Indicator}-{Based} {Digital} {Interventions}},
publisher = {Dissertation (Dr.-Ing.), Department of Computer Science, Technische Universität Darmstadt},
author = {Hartwig, Katrin},
year = {2024},
keywords = {Crisis, HCI, Projekt-NEBULA, Dissertation},
}

@book{bayer_deep_2024,
address = {Darmstadt, Germany},
title = {Deep {Learning} in {Textual} {Low}-{Data} {Regimes} for {Cybersecurity}},
publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
author = {Bayer, Markus},
year = {2024},
keywords = {Projekt-ATHENE-CyAware, Security, Projekt-CYLENCE, Projekt-CYWARN, Dissertation},
}

@incollection{haesler_moderne_2024,
title = {Moderne {Technologien} und {Resilienz}},
isbn = {978-3-17-043720-3},
booktitle = {Resilienz und {Schockereignisse}},
publisher = {Kohlhammer},
author = {Haesler, Steffen and Reuter, Christian},
editor = {Karsten, Andreas H. and Voßschmidt, Stefan and Becker, Uwe},
year = {2024},
keywords = {Projekt-emergenCITY, Security, UsableSec},
pages = {183--190},
}

@incollection{reuter_teaching_2024,
address = {Wiesbaden, Germany},
title = {Teaching {Peace} {Informatics}: {Reflections} from {Lectures} and {Exercises}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_21},
abstract = {Conflicts in cyberspace do not longer constitute a fictional scenario of the future. To gain a better understanding of how such conflicts are carried out, interdisciplinary research and teaching building on both computer science and peace and security studies is indispensable. Even though numerous established courses and textbooks exist in some disciplines, this does not apply to their intersection. This chapter (This chapter has been published as a paper (in German): Reuter et al. (2022)) reflects on the introduction of the interdisciplinary course “Information Technology for Peace and Security” for students of Computer Science, IT Security and Information Systems at the Technical University of Darmstadt and Peace and Conflict Research at the TU Darmstadt in cooperation with Goethe University Frankfurt. The challenges and solutions of interdisciplinary teaching are presented while the importance of this type of teaching is assessed.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_21},
keywords = {Peace, Security, Infrastructure},
}

@incollection{franken_secure_2024,
address = {Wiesbaden, Germany},
title = {Secure {Critical} {Infrastructures}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_13},
abstract = {Critical infrastructures (CI) provide societies with essential goods and services. With the growing impact of digitalisation, information and communication technologies play an increasing role within these entities. Large-scale outages in many of the ten German CI sectors revealed the increasing vulnerabilities stemming from dependencies on electricity and connectivity. While the CI concept is widely used in current public debates, some inconsistencies require nuanced attention from students and researchers of CI. This chapter introduces secure critical infrastructures. It therefore provides an overview of the central characteristics, essential concepts of hierarchy, (inter-)dependency, criticality, and vulnerability to enable a coherent analysis of CI. To map out the multi-actor landscape within CI, the private, public, hybrid and civil-society stakeholders mainly shaping CI policies and discourses will be introduced.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Franken, Jonas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_13},
keywords = {Peace, Security, Infrastructure},
}

@incollection{riebe_dual-use_2024,
address = {Wiesbaden, Germany},
title = {Dual-{Use} {Information} {Technology}: {Research}, {Development} and {Governance}},
isbn = {978-3-658-25652-4},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_8},
abstract = {Dual-use of IT is relevant to many applications and technology areas: how can we prevent, control or manage the risk of misuse of IT? How can dual-use awareness and regulation help to mitigate the risks to peace and security on the national and international levels? As cyberspace has been declared a military domain, IT is increasingly important for civil and military infrastructures. How can researchers, developers and decision-makers make sure that IT is not misused to cause harm? This has been discussed as the dual-use problem for nuclear, biological and chemical technologies. This chapter introduces different dual-use concepts and illustrates by considering cryptography, intrusion software, and artificial intelligence how governance measures, including export control, are applied. Further, approaches of technology assessment, with a focus on the design process, are presented. The chapter also provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_8},
keywords = {Peace},
}

@incollection{reinhold_artificial_2024,
address = {Wiesbaden},
title = {Artificial {Intelligence} and {Cyber} {Weapons}},
isbn = {978-3-658-44810-3},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_16},
abstract = {As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter (This chapter is based on the chapter “Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control” by Thomas Reinhold and Christian Reuter, published in 2022 in “Armament, Arms Control and Artificial Intelligence: The Janus-faced Nature of Machine Learning in the Military Realm” by Thomas Reinhold and Niklas Schörnig (Editors).) will analyse this development and highlight the increasing tendency towards artificial intelligence enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyber attacks and the problems for developing arms control measures for this technology fusion. However, the chapter also ventures an outlook how artificial intelligence methods can help to mitigate these challenges if applied for arms control measures itself.},
booktitle = {Information {Technology} for {Peace} and {Security}: {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
doi = {10.1007/978-3-658-44810-3_16},
pages = {335--349},
}

@incollection{reuter_outlook_2024,
address = {Wiesbaden, Germany},
title = {Outlook: {The} {Future} of {IT} in {Peace} and {Security}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_22},
abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aal, Konstantin and Altmann, Jürgen and Bernhardt, Ute and Denker, Kai and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Reinhold, Thomas and Riebe, Thea and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schirch, Lisa and Schmid, Stefka and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_22},
keywords = {Peace, Security, Projekt-CROSSING},
}

@incollection{kaufhold_cultural_2024,
address = {Wiesbaden, Germany},
title = {Cultural {Violence} and {Peace} {Interventions} in {Social} {Media}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_18},
abstract = {Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_18},
keywords = {Crisis, HCI, Peace, SocialMedia, Projekt-CYLENCE},
}

@incollection{reinhold_verification_2024,
address = {Wiesbaden, Germany},
title = {Verification in {Cyberspace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_11},
abstract = {Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_11},
keywords = {Peace, Security, Projekt-CNTR},
}

@incollection{reuter_arms_2024,
address = {Wiesbaden},
title = {Arms {Control} and its {Applicability} to {Cyberspace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_10},
abstract = {Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.},
language = {en},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_10},
keywords = {Peace, Projekt-CNTR},
}

@incollection{reinhold_cyber_2024,
address = {Wiesbaden, Germany},
title = {From {Cyber} {War} to {Cyber} {Peace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_7},
abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_7},
keywords = {Peace, Security, Projekt-CROSSING, Cyberwar, Projekt-CNTR},
}

@incollection{reuter_peace_2024,
address = {Wiesbaden, Germany},
title = {Peace {Informatics}: {Bridging} {Peace} and {Conflict} {Studies} with {Computer} {Science}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_2},
abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Gonsior, Anja-Liisa and Riebe, Thea and Kaufhold, Marc-André},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_2},
keywords = {Peace, Security, Infrastructure},
}

@incollection{reuter_overview_2024,
address = {Wiesbaden, Germany},
title = {An {Overview} and {Introduction} to {Information} {Technology} for {Peace} and {Security}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_1},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Schmid, Stefka},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_1},
keywords = {Peace, Security, Projekt-CROSSING},
}

@incollection{jakobi_transnational_2024,
address = {Wiesbaden},
title = {Transnational organisierte {Kriminalität} und internationale {Politik}},
isbn = {978-3-658-33953-1},
url = {https://doi.org/10.1007/978-3-658-33953-1_40},
abstract = {Der Beitrag analysiert die unterschiedlichen Formen und Voraussetzungen der Bekämpfung, Verfolgung und Prävention transnational organisierter Kriminalität in der internationalen Politik. Dazu führen wir zunächst in die Definition und die Grundlagen in diesem Bereich ein, auch im Hinblick auf eine Einordnung in Debatten der Internationalen Beziehungen, bevor einzelne Politikbereiche – Drogenhandel, Menschenhandel und -schmuggel, Waffenhandel, Geldwäsche und Terrorismusfinanzierung, Konfliktmineralien – vorgestellt werden. Die Schlussfolgerungen bieten einen Ausblick in weitere Teilbereiche und erläutern die Rolle von staatlichen und nicht-staatlichen Akteuren in der Bekämpfung transnational organisierter Kriminalität.},
booktitle = {Handbuch {Internationale} {Beziehungen}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Jakobi, Anja P. and Haunschild, Jasmin},
editor = {Sauer, Frank and von Hauff, Luba and Masala, Carlo},
year = {2024},
doi = {10.1007/978-3-658-33953-1_40},
keywords = {Peace},
pages = {1013--1037},
}

@inproceedings{eberz-eder_hybrid_2024,
title = {Hybrid {Cloud} {Infrastrukturen} - {Edge} {Computing} und {KI}-basierte {Anwendungen} in der {Landwirtschaft} für resiliente und effektive {Produktions}- und {Biodiversitätsmaßnahmen}},
url = {https://dl.gi.de/server/api/core/bitstreams/14f9629e-9e3e-4252-b9d5-b2c8016d9a01/content},
abstract = {Mobile Erhebung semantisch modellierter Daten und deren Auswertung im Feld durch Hybrid Cloud Computing sind Grundlage des Resilienten Smart Farmings im Projekt GeoBox. Eine skalierbare Architektur und semantische Datenmodellierung ermöglichen Management betrieblicher Software-Container, flexible Anpassung an neue Aufgaben, und die Realisierung einfach nutzbarer externer Services, vorgestellt am Beispiel eines Resistenz-Beratungs-Chatbots und von Blühstreifen als Biodiversitätsmaßnahme.},
booktitle = {44. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
publisher = {Gesellschaft für Informatik},
author = {Eberz-Eder, Daniel and Kuntke, Franz and Reuter, Christian and Bernardi, Ansgar and Kadi, Ahmad and Brill, Gerwin and Martini, Daniel and Kleinhenz, Benno},
year = {2024},
keywords = {Security, UsableSec, Projekt-AgriRegio, Projekt-GeoBox, RSF},
}

@inproceedings{ruller_collaboration_2024,
address = {New York, NY, USA},
series = {{CSCW} {Companion} '24},
title = {The {Collaboration} {Paradox}: {Confronting} {Colonial} {Legacies} in {South}-{North} {Projects}},
isbn = {979-8-4007-1114-5},
url = {https://doi.org/10.1145/3678884.3687138},
doi = {10.1145/3678884.3687138},
abstract = {This special interest group invites participants to critically examine the complex interplay between interventionist Information and Communication Technology (ICT) projects and (historical) contexts of conflict and colonialism. It aims to open conversations on the multitude of challenges, barriers, and lessons learned around South-North collaborations, particularly in contexts with a colonial past and present, including researchers and research participants safety, data "security", applied ethics, and methodologies. This SIG aims at jointly developing ideas on how we, as academic researchers, can navigate and reframe the power dynamics inherent in global South-North collaborations.},
booktitle = {Companion {Publication} of the 2024 {Conference} on {Computer}-{Supported} {Cooperative} {Work} and {Social} {Computing}},
publisher = {Association for Computing Machinery},
author = {Rüller, Sarah and Aal, Konstantin "Kosta" and Guntrum, Laura and Talhouk, Reem and Lazem, Shaimaa and Wulf, Volker and Randall, Dave},
year = {2024},
note = {event-place: San Jose, Costa Rica},
keywords = {Peace, Projekt-TraCe},
pages = {669--671},
}

@inproceedings{putz_pairsonic_2024,
title = {{PairSonic}: {Helping} {Groups} {Securely} {Exchange} {Contact} {Information}},
url = {https://dl.acm.org/doi/10.1145/3678884.3681818},
doi = {10.1145/3678884.3681818},
abstract = {Securely exchanging contact information is essential for establishing trustworthy communication channels that facilitate effective online collaboration. However, current methods are neither user-friendly nor scalable for large groups of users. In response, we introduce PairSonic, a novel group pairing protocol that extends trust from physical encounters to online communication. PairSonic simplifies the pairing process by automating the tedious verification tasks of previous methods through an acoustic out-of-band channel using smartphones' built-in hardware. Our protocol not only facilitates connecting users for computer-supported collaboration, but also provides a more user-friendly and scalable solution to the authentication ceremonies currently used in end-to-end encrypted messengers like Signal or WhatsApp. PairSonic is available as open-source software: https://github.com/seemoo-lab/pairsonic},
booktitle = {{CSCW} '24 {Companion}: {Conference} {Companion} {Publication} of the 2024 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
author = {Putz, Florentin and Haesler, Steffen and Völkl, Thomas and Gehring, Maximilian and Rollshausen, Nils and Hollick, Matthias},
year = {2024},
note = {Place: San Jose, Costa Rica},
keywords = {HCI, Projekt-emergenCITY, Security, UsableSec},
}

@inproceedings{kaufhold_11_2024,
address = {Karlsruhe, Germany},
title = {11. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
url = {https://dl.gi.de/items/6a526522-0cbf-4672-af8d-d7580cf97f92},
doi = {10.18420/muc2024-mci-ws13-101},
abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.},
language = {de},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
year = {2024},
keywords = {HCI, Security, UsableSec, Projekt-CYLENCE},
}

@inproceedings{baumler_towards_2024,
address = {Karlsruhe, Germany},
title = {Towards an {Online} {Hate} {Speech} {Classification} {Scheme} for {German} {Law} {Enforcement} and {Reporting} {Centers}: {Insights} from {Research} and {Practice}},
url = {https://dl.gi.de/items/2fa0ec97-d562-41d2-bab9-0b0539432c87},
doi = {10.18420/muc2024-mci-ws13-124},
abstract = {In Germany, both law enforcement agencies and dedicated reporting centers engage in various activities to counter illegal online hate speech. Due to the high volume of such content and against the background of limited resources, their personnel can be confronted with the issue of information overload. To mitigate this issue, technologies for information filtering, classification, prioritization, and visualization offer great potential. However, domainspecific classification schemes that differentiate subtypes of online hate speech are a prerequisite for the development of such assistive tools. There is a gap in research with regard to an empirically substantiated classification scheme for subtypes of hate speech for the German law enforcement and reporting center domain. Based on a review of relevant computer science publications (N=24) and qualitative interviews with practitioners (N=18), this work investigates practice-relevant subtypes of hate speech and finds that it is primarily differentiated with regard to targeted group affiliations, the conveyance of an immediate security threat, and criminal relevance. It contributes to the state of research with an empirically grounded online hate speech classification scheme for German law enforcement agencies and reporting centers (C1) and five implications for the user-centered design of hate speech classification tools (C2).},
language = {en},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Bäumler, Julian and Kaufhold, Marc-André and Voronin, Georg and Reuter, Christian},
year = {2024},
keywords = {HCI, Projekt-ATHENE-CyAware, UsableSec, Projekt-CYLENCE},
}

@inproceedings{kaufhold_towards_2024,
address = {Karlsruhe, Germany},
title = {Towards a {Security} {Advisory} {Content} {Retrieval} and {Extraction} {System} for {Computer} {Emergency} {Response} {Teams}},
url = {https://dl.gi.de/items/6ee00080-4245-44c0-ae9c-1a9cdea7fa3a},
doi = {10.18420/muc2024-mci-ws13-133},
abstract = {Computer Emergency Response Teams provide advisory, preventive, and reactive cybersecurity services for authorities, citizens, and businesses. However, their responsibility of establishing cyber situational awareness by monitoring and analyzing security advisories and vulnerabilities has become challenging due to the growing volume of information disseminated through public channels. Thus, this paper presents the preliminary design of a system for automatically retrieving and extracting security advisory documents from Common Security Advisory Framework (CSAF), HTML, and RSS sources. The evaluation with various security advisory sources (N=53) shows that the developed system can retrieve 90\% of the published advisory documents, which is a significant improvement over systems only relying on the retrieval from RSS feeds (30\%).},
language = {en},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Bäumler, Julian and Koukal, Nicolai and Reuter, Christian},
year = {2024},
keywords = {HCI, Projekt-ATHENE-CyAware, UsableSec, Projekt-CYLENCE},
}

@inproceedings{chandran_encrypted_2024,
address = {Salt Lake City, USA},
title = {Encrypted {MultiChannel} {Communication} ({EMC2}): {Johnny} should use secret sharing},
url = {https://dl.acm.org/doi/10.1145/3689943.3695051},
doi = {10.1145/3689943.3695051},
abstract = {Nowadays, the problem of point-to-point encryption is solved by
the wide adaptation of protocols like TLS. However, challenges
persist for End-to-End Encryption (E2EE). Current E2EE solutions,
such as PGP and secure messengers like Signal, suffer from issues
like 1) low usability, 2) small user base, 3) dependence on central
service providers, and 4) susceptibility to backdoors. Concerns over
legally mandated backdoors are rising as the US and EU are propos-
ing new surveillance regulations requiring chat monitoring. We
present a new E2EE solution called Encrypted MultiChannel Com-
munication ( EMC2), based on 𝑛-out-of-𝑛 secret sharing. EMC2 splits
messages into multiple secret shares and sends them through in-
dependent channels. We show that multiple independent channels
exist between users and EMC2 provides E2EE with no single point of
trust, no setup, and is understandable by the general public. Our so-
lution complements existing tools and strengthens the case against
legally enforced backdoors by demonstrating their ineffectiveness.},
booktitle = {23. {Workshop} on {Privacy} in the {Electronic} {Society} ({WPES}'24)},
publisher = {ACM},
author = {Chandran, Gowri R. and Demuth, Kilian and Edalatnejad, Kasra and Linsner, Sebastian and Reuter, Christian and Schneider, Thomas},
month = oct,
year = {2024},
keywords = {UsableSec},
pages = {34--39},
}

@inproceedings{hartwig_nebula_2024,
address = {München},
title = {{NEBULA}: {Nutzerzentrierte} {KI}-basierte {Erkennung} von {Fake} {News} und {Fehlinformationen}},
url = {https://peasec.de/paper/2024/2024_HartwigBiselliSchneiderReuter_NEBULA_BfSTagungsband.pdf},
abstract = {Die Verbreitung falscher und irreführender Informationen – insbesondere über soziale Medien wie TikTok,
Twitter, Facebook und Co. – nehmen eine immer größer werdende Relevanz in sicherheitsrelevanten
Situationen ein. Gerade im Kontext des russischen Angriffskrieges gegen die Ukraine spielen derartige
Plattformen eine besondere Rolle, indem gefälschte Videos oder Inhalte mit falscher zeitlicher Einordnung
in kürzester Zeit viral gehen und somit das Potential für Verunsicherung und Meinungsmanipulation
bergen. Problematisch sind dabei nicht nur absichtliche, sondern auch unabsichtlich irreführende
Informationen.
Ziel des interdisziplinären BMBF-Projekts NEBULA (Laufzeit: 1.7.2022-30.6.2025) ist die transparente, KI-
basierte Erkennung von Falsch- und Fehlinformationen in sicherheitsrelevanten Situationen sowie die
zielgruppengerechte Darstellung der Detektionsergebnisse zur Förderung der Medienkompetenz. Die
nutzerzentrierten Ansätze adressieren dabei sowohl Behörden und Organisationen mit Sicherheitsaufgaben
(BOS) in der akkuraten Lagebilderstellung und Krisenkommunikation, als auch vulnerable Personengruppen
durch partizipative Entwicklung von technischen Unterstützungswerkzeugen. Innerhalb des Projekts
entstehen Demonstratoren in Form von Smartphone-Apps, Browser-Plugins und Webanwendungen, um
Einzelpersonen und Behörden dazu zu befähigen, Falsch- und Fehlinformationen eigenständig kritisch zu
reflektieren und Umgangsstrategien zur Informationseinordnung anzueignen.},
booktitle = {Aktuelle {Themen} und {Herausforderungen} behördlicher {Risikokommunikation} - {Tagungsband}},
publisher = {Bundesamt für Strahlenschutz},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {Crisis, Projekt-NEBULA},
}

@inproceedings{bayer_xai-attack_2024,
address = {Torino, Italia},
title = {{XAI}-{Attack}: {Utilizing} {Explainable} {AI} to {Find} {Incorrectly} {Learned} {Patterns} for {Black}-{Box} {Adversarial} {Example} {Creation}},
url = {https://aclanthology.org/2024.lrec-main.1542},
abstract = {Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method's potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.},
booktitle = {Proceedings of the 2024 {Joint} {International} {Conference} on {Computational} {Linguistics}, {Language} {Resources} and {Evaluation} ({LREC}-{COLING})},
publisher = {ELRA and ICCL},
author = {Bayer, Markus and Neiczer, Markus and Samsinger, Maximilian and Buchhold, Björn and Reuter, Christian},
month = may,
year = {2024},
keywords = {Ranking-CORE-A, Projekt-ATHENE-CyAware, Security, UsableSec, Projekt-CYLENCE},
pages = {17725--17738},
}

@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {979-8-4007-0330-0},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {HCI, A-Paper, Projekt-ATHENE-CyAware, Security, UsableSec, Projekt-CYLENCE, Projekt-CYWARN, Selected, AuswahlUsableSec, Ranking-CORE-A*, AuswahlKaufhold},
}

@inproceedings{hartwig_adolescents_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
isbn = {979-8-4007-0330-0},
url = {https://peasec.de/paper/2024/2024_HartwigBiselliSchneiderReuter_MisinfoTikTok_CHI.pdf},
doi = {10.1145/3613904.3642264},
abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {HCI, Projekt-NEBULA, A-Paper, Security, UsableSec, Projekt-ATHENE-PriVis, AuswahlCrisis, Selected, Ranking-CORE-A*},
}

@inproceedings{guntrum_keyboard_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {Keyboard {Fighters}: {The} {Use} of {ICTs} by {Activists} in {Times} of {Military} {Coup} in {Myanmar}},
isbn = {979-8-4007-0330-0},
url = {https://doi.org/10.1145/3613904.3642279},
doi = {10.1145/3613904.3642279},
abstract = {Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.},
booktitle = {Proceedings of the {CHI} {Conference} on {Human} {Factors} in {Computing} {Systems}},
publisher = {Association for Computing Machinery},
author = {Guntrum, Laura},
year = {2024},
keywords = {HCI, Peace, Projekt-TraCe, A-Paper, Projekt-ATHENE, Selected, Ranking-CORE-A*},
}

@techreport{reuter_informatik_2024,
address = {FIfF-Kommunikation},
title = {Informatik für den {Frieden}: {Perspektive} von {PEASEC} zu 40 {Jahren} {FIfF}},
url = {https://peasec.de/paper/2024/2024_Reuteretal_InformatikFuerFrieden_fiff.pdf},
abstract = {Fortschritte in Wissenschaft und Technik, besonders der Informatik, spielen im Kontext von Frieden und Sicherheit eine essenzielle Rolle. Der Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) an der Technischen Universität Darmstadt verbindet Informatik mit Friedens-, Konflikt- und Sicherheitsforschung.},
author = {Reuter, Christian and Franken, Jonas and Reinhold, Thomas and Kuehn, Philipp and Kaufhold, Marc-André and Riebe, Thea and Hartwig, Katrin and Biselli, Tom and Schmid, Stefka and Guntrum, Laura and Haesler, Steffen},
year = {2024},
keywords = {Peace, Security},
}

@techreport{reuter_technologie_2024,
address = {Wissenschaft und Frieden},
title = {​​{Technologie} und die {Transformation} {Politischer} {Gewalt}},
url = {http://www.peasec.de/paper/2024/2024_ReuterRiebeGuntrum_TechnologieTransformationPolitischeGewalt_WundF.pdf},
abstract = {Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS.
Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2024},
keywords = {Peace, Projekt-TraCe},
}