@article{bayer_cysecbert_2024,
title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
volume = {27},
issn = {2471-2566},
url = {https://doi.org/10.1145/3652594},
doi = {10.1145/3652594},
abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
number = {2},
journal = {ACM Transactions on Privacy and Security (TOPS)},
author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
month = apr,
year = {2024},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CYWARN, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
}

@inproceedings{kaufhold_11_2024,
address = {Karlsruhe, Germany},
title = {11. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
language = {de},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
year = {2024},
keywords = {HCI, UsableSec, Security, Projekt-CYLENCE},
}

@incollection{kaufhold_cultural_2024,
address = {Wiesbaden, Germany},
title = {Cultural {Violence} and {Peace} {Interventions} in {Social} {Media}},
abstract = {Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
keywords = {Crisis, HCI, SocialMedia, Peace, Projekt-CYLENCE},
}

@inproceedings{kaufhold_we_2024,
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
}

@article{hartwig_navigating_2024,
title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
issn = {1944-4079},
url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
doi = {10.1002/rhc3.12296},
abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
year = {2024},
note = {Publisher: John Wiley \& Sons, Ltd},
keywords = {Crisis, HCI, SocialMedia, Student, UsableSec, A-Paper, Ranking-ImpactFactor, Cyberwar, Projekt-NEBULA, Projekt-CYLENCE, Projekt-ATHENE},
}

@inproceedings{bayer_xai-attack_2024,
title = {{XAI}-{Attack}: {Utilizing} {Explainable} {AI} to {Find} {Incorrectly} {Learned} {Patterns} for {Black}-{Box} {Adversarial} {Example} {Creation}},
abstract = {Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method's potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.},
booktitle = {Proceedings of the 2024 {Joint} {International} {Conference} on {Computational} {Linguistics}, {Language} {Resources} and {Evaluation} ({LREC}-{COLING})},
author = {Bayer, Markus and Neiczer, Markus and Samsinger, Maximilian and Buchhold, Björn and Reuter, Christian},
year = {2024},
keywords = {UsableSec, Security, A-Paper, Ranking-CORE-B, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
}

@article{kaufhold_exploring_2024,
title = {Exploring the {Evolving} {Landscape} of {Human}-{Centred} {Crisis} {Informatics}: {Current} {Challenges} and {Future} {Trends}},
volume = {Accepted},
journal = {i-com - Journal of Interactive Media},
author = {Kaufhold, Marc-André},
year = {2024},
keywords = {AuswahlUsableSec, HCI, Projekt-ATHENE-CyAware, Projekt-CYLENCE, Projekt-emergenCITY},
}

@article{reuter_increasing_2023,
title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
volume = {96},
issn = {2212-4209},
url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
journal = {International Journal of Disaster Risk Reduction (IJDRR)},
author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
year = {2023},
keywords = {AuswahlCrisis, Crisis, SocialMedia, Student, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY, Projekt-NEBULA, Projekt-CYLENCE},
}

@inproceedings{kaufhold_cylence_2023,
address = {Rapperswil, Switzerland},
title = {{CYLENCE}: {Strategies} and {Tools} for {Cross}-{Media} {Reporting}, {Detection}, and {Treatment} of {Cyberbullying} and {Hatespeech} in {Law} {Enforcement} {Agencies}},
url = {https://dl.gi.de/items/0e0efe8f-64bf-400c-85f7-02b65f83189d},
doi = {10.18420/muc2023-mci-ws01-211},
abstract = {Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.},
language = {de},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Bayer, Markus and Bäumler, Julian and Reuter, Christian and Stieglitz, Stefan and Basyurt, Ali Sercan and Mirabaie, Milad and Fuchß, Christoph and Eyilmez, Kaan},
year = {2023},
keywords = {HCI, UsableSec, Projekt-CYLENCE},
}