Unsere Forschung wird zum einen aus Landesmitteln der TU Darmstadt sowie zu großen Teilen in drittmittelfinanzierten (BMBF, HMWK, DFG und BMEL) Forschungsprojekten realisiert.

Aktuelle Projekte

ATHENE-SecFOCI: Security of Fiber-Optic Critical Infrastructures (01.01.2024-31.12.2027, BMBF+HMWK)

Data-transmitting technologies have become a focus point for public security concerns since the NordStream sabotages, the BalticConnector incident, and various critical communication infrastructure outages in recent years. The project SecFOCI aims to assess, map, and counter emerging vulnerabilities in the material internet infrastructure, explicitly focusing on fiber-optic critical infrastructures (FOCI):

  1. Assessment: SecFOCI aims to systematize knowledge about the security of cables by conceptualizing fiber optics as critical infrastructures. It aims to understand current protection measures, their incorporation into security strategies, and their representation in research. The project also explores potential future developments that could impact the security of FOCI and maps the literature landscape to identify structural characteristics.
  2. Mapping: Next, it strengthens technical and empirical analysis of FOCI by identifying threat scenarios, mapping the material internet using graph theory and network analysis, applying scenarios to assess the consequences of physical infrastructure failures, and developing a visual simulation tool for stress testing.
  3. Countering: Lastly, the project aims to provide actionable recommendations for operators and authorities to enhance the resilience of global and regional transmission networks, create readable visualizations of vulnerabilities in the material internet backbone, and synthesize security and protection strategies.

SecFOCI acknowledges the multidisciplinary nature of the research subject, combining perspectives from cyber security, engineering, political science, geography, economics, and history. It emphasizes the need to bridge the gap between security-related internet research on the physical and logical layers of digital networks and aims to contribute to understanding the structural origins of fiber-optic data cable networks. The approach involves five work packages covering systematic literature analysis, design and analysis of network models, scenario analysis, user studies, surveys, and interviews.

ATHENE – Nationales Forschungszentrum für angewandte Cybersicherheit (seit 1.1.2019, BMBF+HMWK) – Website

Das Nationale Forschungs­zentrum für angewandte Cyber­sicher­heit ATHENE ist eine Forschungseinrichtung der Fraunhofer-Institute SIT und IGD sowie der Hochschulen TU Darmstadt und Hochschule Darmstadt. In einem bisher einzigartigen und innovativen Kooperations­modell von universitärer und außeruniversitärer Forschung betreibt ATHENE Spitzenforschung zum Wohl von Wirtschaft, Gesellschaft und Staat und setzt Impulse in der Wissenschaft. Das Forschungs­zentrum arbeitet agil und effizient und kann so auch kurzfristig auf neue He­raus­for­de­rung­en und veränderte Bedroh­ungs­lagen reagieren. ATHENE wird gefördert vom Bundesministerium für Bildung und Forschung (BMBF) und vom Hessischen Ministerium für Wissenschaft und Kunst (HMWK) und hat seinen Standort in der Wissen­schafts­stadt Darmstadt, Deutschlands erster Adresse für Cyber­sicher­heits­for­schung.

2024

  • Jasmin Haunschild, Laura Guntrum, Sofía Cerrillo, Franziska Bujara, Christian Reuter (2024)
    Towards a Digitally Mediated Transitional Justice Process? An Analysis of Colombian Transitional Justice Organisations’ Posting Behaviour on Facebook
    Peace and Conflict Studies .
    [BibTeX] [Abstract]

    In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.

    @article{haunschild_towards_2024,
    title = {Towards a {Digitally} {Mediated} {Transitional} {Justice} {Process}? {An} {Analysis} of {Colombian} {Transitional} {Justice} {Organisations}’ {Posting} {Behaviour} on {Facebook}},
    abstract = {In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.},
    journal = {Peace and Conflict Studies},
    author = {Haunschild, Jasmin and Guntrum, Laura and Cerrillo, Sofía and Bujara, Franziska and Reuter, Christian},
    year = {2024},
    keywords = {SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban},
    }

  • Franz Kuntke (2024)
    Resilient Smart Farming: Crisis-Capable Information and Communication Technologies for Agriculture
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{kuntke_resilient_2024,
    address = {Wiesbaden, Germany},
    title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
    publisher = {Springer Vieweg},
    author = {Kuntke, Franz},
    year = {2024},
    keywords = {Crisis, HCI, UsableSec, Security, RSF, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{haunschild_enhancing_2024,
    address = {Darmstadt, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{haunschild_enhancing_2024-1,
    address = {Wiesbaden, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Springer Vieweg},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Felix Burger, Jasmin Haunschild, Christian Reuter (2024)
    Understanding Crisis Preparedness: Insights from Personal Values, Beliefs, Social Norms, and Personal Norms
    Proceedings of the 17th International Conference on Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract]

    In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants‘ beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.

    @inproceedings{burger_understanding_2024,
    title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
    abstract = {In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants' beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.},
    booktitle = {Proceedings of the 17th {International} {Conference} on {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Burger, Felix and Haunschild, Jasmin and Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Student},
    }

    2023

  • Stefka Schmid, Laura Guntrum, Steffen Haesler, Lisa Schultheiß, Christian Reuter (2023)
    Digital Volunteers During the COVID-19 Pandemic: Care Work on Social Media for Socio-technical Resilience
    Weizenbaum Journal of the Digital Society ;3(1). doi:10.34669/WI.WJDS/3.3.6
    [BibTeX] [Abstract] [Download PDF]

    Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.

    @article{schmid_digital_2023,
    title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
    volume = {3},
    issn = {2748-5625},
    url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
    doi = {10.34669/WI.WJDS/3.3.6},
    abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.},
    number = {1},
    journal = {Weizenbaum Journal of the Digital Society},
    author = {Schmid, Stefka and Guntrum, Laura and Haesler, Steffen and Schultheiß, Lisa and Reuter, Christian},
    month = may,
    year = {2023},
    keywords = {Crisis, HCI, SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-TraCe},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;12(1):31–58. doi:10.1007/s42597-023-00099-7
    [BibTeX] [Abstract] [Download PDF]

    While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.

    @article{reinhold_preventing_2023,
    title = {Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack},
    volume = {12},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00099-7},
    doi = {10.1007/s42597-023-00099-7},
    abstract = {While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = apr,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {31--58},
    }

  • Philipp Kuehn, Mike Schmidt, Markus Bayer, Christian Reuter (2023)
    ThreatCrawl: A BERT-based Focused Crawler for the Cybersecurity Domain
    2023.
    [BibTeX] [Abstract] [Download PDF]

    Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.

    @techreport{kuehn_threatcrawl_2023,
    title = {{ThreatCrawl}: {A} {BERT}-based {Focused} {Crawler} for the {Cybersecurity} {Domain}},
    shorttitle = {{ThreatCrawl}},
    url = {http://arxiv.org/abs/2304.11960},
    abstract = {Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.},
    number = {arXiv:2304.11960},
    urldate = {2023-04-27},
    institution = {arXiv},
    author = {Kuehn, Philipp and Schmidt, Mike and Bayer, Markus and Reuter, Christian},
    month = apr,
    year = {2023},
    note = {arXiv:2304.11960 [cs]},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Philipp Kuehn, David N. Relke, Christian Reuter (2023)
    Common vulnerability scoring system prediction based on open source intelligence information sources
    Computers & Security . doi:10.1016/j.cose.2023.103286
    [BibTeX] [Abstract] [Download PDF]

    The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.

    @article{kuehn_common_2023,
    title = {Common vulnerability scoring system prediction based on open source intelligence information sources},
    url = {https://peasec.de/paper/2023/2023_KuehnRelkeReuter_CommonVulnerabilityScoringSystemOSINT_CompSec.pdf},
    doi = {10.1016/j.cose.2023.103286},
    abstract = {The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.},
    journal = {Computers \& Security},
    author = {Kuehn, Philipp and Relke, David N. and Reuter, Christian},
    year = {2023},
    keywords = {Student, UsableSec, Security, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Verena Zimmermann, Jasmin Haunschild, Alina Stöver, Nina Gerber (2023)
    Safe AND Secure Infrastructures? – Studying Human Aspects of Safety and Security Incidents with Experts from both Domains
    Mensch und Computer 2023 – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-225
    [BibTeX] [Abstract] [Download PDF]

    In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.

    @inproceedings{zimmermann_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe {AND} {Secure} {Infrastructures}? – {Studying} {Human} {Aspects} of {Safety} and {Security} {Incidents} with {Experts} from both {Domains}},
    url = {https://dl.gi.de/items/9c1d2bd5-229f-4db0-a764-6126cf92ef5f},
    doi = {10.18420/muc2023-mci-ws01-225},
    abstract = {In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.},
    language = {de},
    booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Stöver, Alina and Gerber, Nina},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    }

  • Stefka Schmid (2023)
    Safe and Secure? Visions of Military Human-Computer Interaction
    Mensch und Computer 2023 – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-365
    [BibTeX] [Abstract] [Download PDF]

    Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.

    @inproceedings{schmid_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe and {Secure}? {Visions} of {Military} {Human}-{Computer} {Interaction}},
    url = {https://dl.gi.de/items/841cc5bd-8e25-40de-804f-8fb4fedddf11},
    doi = {10.18420/muc2023-mci-ws01-365},
    abstract = {Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.},
    language = {de},
    booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Schmid, Stefka},
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Jonas Franken, Marco Zivkovic, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Das Netz hat Geschichte: Historisch-technische Analyse der kritischen Infrastrukturen in der Region Rhein/Main
    In: : INFORMATIK 2023: 53. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge). Bonn: Gesellschaft für Informatik e. V., , 1–6. doi:10.18420/inf2023_159
    [BibTeX] [Abstract] [Download PDF]

    Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.

    @incollection{franken_netz_2023,
    address = {Bonn},
    title = {Das {Netz} hat {Geschichte}: {Historisch}-technische {Analyse} der kritischen {Infrastrukturen} in der {Region} {Rhein}/{Main}},
    url = {https://peasec.de/paper/2023/2023_FrankenZivkovicThiessenEngelsReuter_NetzGeschichte_GI.pdf},
    abstract = {Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.},
    booktitle = {{INFORMATIK} 2023: 53. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Franken, Jonas and Zivkovic, Marco and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_159},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--6},
    }

  • Marco Zivkovic, Jonas Franken, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Infrastrukturen und historisches Wissen: Eine interdisziplinäre Analyse der Resilienz von Schienen- und Kabelnetzen
    Tagungsband Fachtagung Katastrophenforschung 2023 Leoben.
    [BibTeX] [Abstract] [Download PDF]

    Im Forschungsprojekt “ Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”“ wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.

    @inproceedings{zivkovic_infrastrukturen_2023,
    address = {Leoben},
    title = {Infrastrukturen und historisches {Wissen}: {Eine} interdisziplinäre {Analyse} der {Resilienz} von {Schienen}- und {Kabelnetzen}},
    isbn = {978-3-900397-11-1},
    url = {https://peasec.de/paper/2023/2023_ZivkovicFrankenThiessenEngelsReuter_InfrastrukturenHistorischesWissen_FKF23.pdf},
    abstract = {Im Forschungsprojekt " Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”" wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.},
    booktitle = {Tagungsband {Fachtagung} {Katastrophenforschung} 2023},
    publisher = {Disaster Competence Network Austria},
    author = {Zivkovic, Marco and Franken, Jonas and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-NetzGeschichte},
    }

  • Thomas Reinhold, Philipp Kuehn, Daniel Günther, Thomas Schneider, Christian Reuter (2023)
    ExTRUST: Reducing Exploit Stockpiles With a Privacy-Preserving Depletion Systems for Inter-State Relationships
    IEEE Transactions on Technology and Society ;4(2):158–170. doi:10.1109/TTS.2023.3280356
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.

    @article{reinhold_extrust_2023,
    title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
    volume = {4},
    url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
    doi = {10.1109/TTS.2023.3280356},
    abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
    number = {2},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Selected, Student, A-Paper, Peace, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    pages = {158--170},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2023)
    Preparedness Nudging for Warning Apps? A Mixed-Method Study Investigating Popularity and Effects of Preparedness Alerts in Warning Apps
    International Journal on Human-Computer Studies (IJHCS) ;172:102995. doi:https://doi.org/10.1016/j.ijhcs.2023.102995
    [BibTeX] [Abstract] [Download PDF]

    Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.

    @article{haunschild_preparedness_2023,
    title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
    volume = {172},
    issn = {1071-5819},
    url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
    doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
    abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, Student, A-Paper, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {102995},
    }

  • Thomas Reinhold, Helene Pleil, Christian Reuter (2023)
    Challenges for Cyber Arms Control: A Qualitative Expert Interview Study
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) ;16(3):289–310. doi:10.1007/s12399-023-00960-w
    [BibTeX] [Abstract] [Download PDF]

    The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.

    @article{reinhold_challenges_2023,
    title = {Challenges for {Cyber} {Arms} {Control}: {A} {Qualitative} {Expert} {Interview} {Study}},
    volume = {16},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-023-00960-w},
    doi = {10.1007/s12399-023-00960-w},
    abstract = {The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.},
    number = {3},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Pleil, Helene and Reuter, Christian},
    month = aug,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {289--310},
    }

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2023)
    A Survey on Data Augmentation for Text Classification
    ACM Computing Surveys (CSUR) ;55(7):1–39. doi:10.1145/3544558
    [BibTeX] [Abstract] [Download PDF]

    Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.

    @article{bayer_survey_2023,
    title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
    volume = {55},
    url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
    doi = {10.1145/3544558},
    abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
    number = {7},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--39},
    }

  • Steffen Haesler, Marc Wendelborn, Christian Reuter (2023)
    Getting the Residents‘ Attention: The Perception of Warning Channels in Smart Home Warning Systems
    Proceedings of the ACM Designing Interactive Systems Conference (DIS) New York, NY, USA. doi:10.1145/3563657.3596076
    [BibTeX] [Abstract] [Download PDF]

    About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.

    @inproceedings{haesler_getting_2023,
    address = {New York, NY, USA},
    series = {{DIS} '23},
    title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
    isbn = {978-1-4503-9893-0},
    url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
    doi = {10.1145/3563657.3596076},
    abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
    booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
    publisher = {Association for Computing Machinery},
    author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
    year = {2023},
    note = {event-place: Pittsburgh, PA, USA},
    keywords = {Crisis, HCI, Student, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1114--1127},
    }

  • Laura Guntrum, Sebastian Schwartz, Christian Reuter (2023)
    Dual-Use Technologies in the Context of Autonomous Driving: An Empirical Case Study From Germany
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00935-3
    [BibTeX] [Abstract] [Download PDF]

    The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.

    @article{guntrum_dual-use_2023,
    title = {Dual-{Use} {Technologies} in the {Context} of {Autonomous} {Driving}: {An} {Empirical} {Case} {Study} {From} {Germany}},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-022-00935-3},
    doi = {10.1007/s12399-022-00935-3},
    abstract = {The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Guntrum, Laura and Schwartz, Sebastian and Reuter, Christian},
    month = jan,
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Zur Debatte über die Einhegung eines Cyberwars: Analyse militärischer Cyberaktivitäten im Krieg Russlands gegen die Ukraine
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) . doi:10.1007/s42597-023-00094-y
    [BibTeX] [Abstract] [Download PDF]

    Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.

    @article{reinhold_zur_2023,
    title = {Zur {Debatte} über die {Einhegung} eines {Cyberwars}: {Analyse} militärischer {Cyberaktivitäten} im {Krieg} {Russlands} gegen die {Ukraine}},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00094-y},
    doi = {10.1007/s42597-023-00094-y},
    abstract = {Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = mar,
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Elise Özalp, Katrin Hartwig, Christian Reuter (2023)
    Trends in Explainable Artificial Intelligence for Non-Experts
    In: Peter Klimczak, Christer Petersen: AI – Limits and Prospects of Artificial Intelligence. Bielefeld: Transcript Verlag, , 223–243.
    [BibTeX] [Abstract] [Download PDF]

    In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.

    @incollection{ozalp_trends_2023,
    address = {Bielefeld},
    title = {Trends in {Explainable} {Artificial} {Intelligence} for {Non}-{Experts}},
    url = {https://www.transcript-verlag.de/978-3-8376-5732-6/ai-limits-and-prospects-of-artificial-intelligence/?c=313000019},
    abstract = {In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.},
    booktitle = {{AI} - {Limits} and {Prospects} of {Artificial} {Intelligence}},
    publisher = {Transcript Verlag},
    author = {Özalp, Elise and Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Petersen, Christer},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {223--243},
    }

  • Thea Riebe, Julian Bäumler, Marc-André Kaufhold, Christian Reuter (2023)
    Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design Perspective
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) . doi:10.1007/s10606-022-09453-4
    [BibTeX] [Abstract] [Download PDF]

    The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.

    @article{riebe_values_2023,
    title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
    url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
    doi = {10.1007/s10606-022-09453-4},
    abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Jasmin Haunschild, Leon Jung, Christian Reuter (2023)
    Dual-use in volunteer operations? Attitudes of computer science students regarding the establishment of a cyber security volunteer force
    In: Gerber Nina, Zimmermann Verena: International Symposium on Technikpsychologie (TecPsy). Sciendo, , 66–81.
    [BibTeX] [Abstract] [Download PDF]

    The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers are discussed.

    @incollection{haunschild_dual-use_2023,
    title = {Dual-use in volunteer operations? {Attitudes} of computer science students regarding the establishment of a cyber security volunteer force},
    isbn = {978-83-66675-89-6},
    url = {https://sciendo.com/chapter/9788366675896/10.2478/9788366675896-006},
    abstract = {The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative
    content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers
    are discussed.},
    booktitle = {International {Symposium} on {Technikpsychologie} ({TecPsy})},
    publisher = {Sciendo},
    author = {Haunschild, Jasmin and Jung, Leon and Reuter, Christian},
    editor = {Nina, Gerber and Verena, Zimmermann},
    year = {2023},
    keywords = {Crisis, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {66--81},
    }

  • Jonas Franken, Franziska Schneider, Christian Reuter (2023)
    The Internet’s Plumbing Consists of Garden Hoses: A Critical Analysis of the Advantages and Pitfalls of Metaphors Use for Critical Maritime Infrastructures
    Dreizack 23 Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_internets_2023,
    address = {Kiel},
    title = {The {Internet}’s {Plumbing} {Consists} of {Garden} {Hoses}: {A} {Critical} {Analysis} of the {Advantages} and {Pitfalls} of {Metaphors} {Use} for {Critical} {Maritime} {Infrastructures}},
    url = {https://peasec.de/paper/2023/2023_FrankenSchneiderReuter_MetaphernMarKRITIS_Dreizack23.pdf},
    booktitle = {Dreizack 23},
    publisher = {The Kiel Seapower Series},
    author = {Franken, Jonas and Schneider, Franziska and Reuter, Christian},
    editor = {Schilling, Henrik},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio, Projekt-NetzGeschichte},
    pages = {1--8},
    }

    2022

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Cultural Violence and Fragmentation on Social Media: Interventions and Countermeasures by Humans and Social Bots
    In: Myriam Dunn Cavelty, Andreas Wenger: Cyber Security Politics: Socio-Technological Transformations and Political Fragmentation. Routledge, , 48–63.
    [BibTeX] [Abstract] [Download PDF]

    Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.

    @incollection{haunschild_cultural_2022,
    title = {Cultural {Violence} and {Fragmentation} on {Social} {Media}: {Interventions} and {Countermeasures} by {Humans} and {Social} {Bots}},
    isbn = {978-0-367-62674-7},
    url = {https://peasec.de/paper/2022/2022_HaunschildKaufholdReuter_SocialMediaAndFragmentation_Routledge.pdf},
    abstract = {Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.},
    booktitle = {Cyber {Security} {Politics}: {Socio}-{Technological} {Transformations} and {Political} {Fragmentation}},
    publisher = {Routledge},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Cavelty, Myriam Dunn and Wenger, Andreas},
    year = {2022},
    keywords = {Crisis, SocialMedia, Peace, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {48--63},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    Nijmegen: The Radboud University Thesis Repository.
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022-1,
    address = {Nijmegen},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    url = {https://repository.ubn.ru.nl/handle/2066/253000},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    publisher = {The Radboud University Thesis Repository},
    author = {Reuter, Christian},
    year = {2022},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Towards a Cyber Weapons Assessment Model – Assessment of the Technical Features of Malicious Software
    IEEE Transactions on Technology and Society ;3(3):226–239. doi:10.1109/TTS.2021.3131817
    [BibTeX] [Abstract] [Download PDF]

    The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.

    @article{reinhold_towards_2022,
    title = {Towards a {Cyber} {Weapons} {Assessment} {Model} – {Assessment} of the {Technical} {Features} of {Malicious} {Software}},
    volume = {3},
    issn = {2637-6415},
    url = {https://peasec.de/paper/2021/2021_ReinholdReuter_CyberWeapons_IEEETransactionsTechnologySociety.pdf},
    doi = {10.1109/TTS.2021.3131817},
    abstract = {The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.},
    language = {en},
    number = {3},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = sep,
    year = {2022},
    keywords = {A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {226--239},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Armament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm
    1 ed. Springer. doi:https://doi.org/10.1007/978-3-031-11043-6
    [BibTeX] [Abstract] [Download PDF]

    Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed. The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part. This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.

    @book{schornig_armament_2022,
    edition = {1},
    title = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    isbn = {978-3-031-11043-6},
    url = {https://link.springer.com/book/10.1007/978-3-031-11043-6},
    abstract = {Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed.
    The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part.
    This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.},
    language = {en},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    }

  • Thomas Reinhold (2022)
    Arms Control for Artificial Intelligence
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 211–226. doi:https://doi.org/10.1007/978-3-031-11043-6_15
    [BibTeX] [Abstract] [Download PDF]

    With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.

    @incollection{reinhold_arms_2022,
    edition = {1},
    title = {Arms {Control} for {Artificial} {Intelligence}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_Reinhold_ ArmsControlforAI_AI-Book.pdf},
    abstract = {With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_15},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {211--226},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 145–158. doi:https://doi.org/10.1007/978-3-031-11043-6_11
    [BibTeX] [Abstract] [Download PDF]

    As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.

    @incollection{reinhold_cyber_2022,
    edition = {1},
    title = {Cyber {Weapons} and {Artificial} {Intelligence}: {Impact}, {Influence} and the {Challenges} for {Arms} {Control}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_ReinholdReuter_CyberWeaponsAIImpactInfluenceChallenges_AI-Book.pdf},
    abstract = {As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_11},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {145--158},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Introduction
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 1–9. doi:https://doi.org/10.1007/978-3-031-11043-6_1
    [BibTeX] [Abstract] [Download PDF]

    In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.

    @incollection{schornig_introduction_2022,
    edition = {1},
    title = {Introduction},
    isbn = {978-3-031-11043-6},
    url = {http://www.peasec.de/paper/2022/2022_SchoernigReinhold_Intro_AI-Book.pdf},
    abstract = {In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_1},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--9},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Perceptions and Use of Warning Apps – Did Recent Crises Lead to Changes in Germany?
    Mensch und Computer 2022 – Tagungsband New York. doi:10.1145/3543758.3543770
    [BibTeX] [Abstract] [Download PDF]

    Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.

    @inproceedings{haunschild_perceptions_2022,
    address = {New York},
    title = {Perceptions and {Use} of {Warning} {Apps} – {Did} {Recent} {Crises} {Lead} to {Changes} in {Germany}?},
    url = {http://www.peasec.de/paper/2022/2022_HaunschildKaufholdReuter_WarningAppsChangesGermany_MuC.pdf},
    doi = {10.1145/3543758.3543770},
    abstract = {Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.},
    language = {en},
    booktitle = {Mensch und {Computer} 2022 - {Tagungsband}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Sabrina Gabel, Lilian Reichert, Christian Reuter (2022)
    Discussing Conflict in Social Media – The Use of Twitter in the Jammu and Kashmir Conflict
    Media, War & Conflict ;15(4):1–26.
    [BibTeX] [Abstract] [Download PDF]

    Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani’s impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.

    @article{gabel_discussing_2022,
    title = {Discussing {Conflict} in {Social} {Media} – {The} {Use} of {Twitter} in the {Jammu} and {Kashmir} {Conflict}},
    volume = {15},
    url = {https://journals.sagepub.com/doi/full/10.1177/1750635220970997},
    abstract = {Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani's impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.},
    number = {4},
    journal = {Media, War \& Conflict},
    author = {Gabel, Sabrina and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, Ranking-ImpactFactor, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--26},
    }

  • Philipp Kuehn, Moritz Kerk, Marc Wendelborn, Christian Reuter (2022)
    Clustering of Threat Information to Mitigate Information Overload for Computer Emergency Response Teams
    2022.
    [BibTeX] [Abstract] [Download PDF]

    The constantly increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). In order to respond to new threats, CERTs need to gather information in a timely and comprehensive manner. However, the volume of information and sources can lead to information overload. This paper answers the question of how to reduce information overload for CERTs with the help of clustering methods. Conditions for such a framework were established and subsequently tested. In order to perform an evaluation, different types of evaluation metrics were introduced and selected in relation to the framework conditions. Furthermore, different vectorizations and distance measures in combination with the clustering methods were evaluated and interpreted. Two different ground-truth datasets were used for the evaluation, one containing threat messages and a dataset with messages from different news categories. The work shows that the K-means clustering method along with TF-IDF vectorization and cosine distance provide the best results in the domain of threat messages.

    @techreport{kuehn_clustering_2022,
    title = {Clustering of {Threat} {Information} to {Mitigate} {Information} {Overload} for {Computer} {Emergency} {Response} {Teams}},
    copyright = {arXiv.org perpetual, non-exclusive license},
    url = {https://arxiv.org/pdf/2210.14067.pdf},
    abstract = {The constantly increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). In order to respond to new threats, CERTs need to gather information in a timely and comprehensive manner. However, the volume of information and sources can lead to information overload. This paper answers the question of how to reduce information overload for CERTs with the help of clustering methods. Conditions for such a framework were established and subsequently tested. In order to perform an evaluation, different types of evaluation metrics were introduced and selected in relation to the framework conditions. Furthermore, different vectorizations and distance measures in combination with the clustering methods were evaluated and interpreted. Two different ground-truth datasets were used for the evaluation, one containing threat messages and a dataset with messages from different news categories. The work shows that the K-means clustering method along with TF-IDF vectorization and cosine distance provide the best results in the domain of threat messages.},
    language = {en},
    institution = {arXiv},
    author = {Kuehn, Philipp and Kerk, Moritz and Wendelborn, Marc and Reuter, Christian},
    year = {2022},
    note = {https://doi.org/10.48550/arXiv.2210.14067},
    keywords = {HCI, Student, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Jonas Franken (2022)
    Seekabel als Maritime Kritische Infrastruktur
    Dreizack 21: Von historischen bis zukünftigen Herausforderungen im maritimen Raum Laboe/Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_seekabel_2022,
    address = {Laboe/Kiel},
    title = {Seekabel als {Maritime} {Kritische} {Infrastruktur}},
    url = {https://www.kielseapowerseries.com/files/ispk/content/workshops/Dreizack/Sammelband zum Dreizack21.pdf},
    booktitle = {Dreizack 21: {Von} historischen bis zukünftigen {Herausforderungen} im maritimen {Raum}},
    author = {Franken, Jonas},
    editor = {Schilling, Henrik},
    year = {2022},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban},
    pages = {22--25},
    }

  • Philipp Kuehn, Julian Bäumler, Marc-André Kaufhold, Marc Wendelborn, Christian Reuter (2022)
    The Notion of Relevance in Cybersecurity: A Categorization of Security Tools and Deduction of Relevance Notions
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-220
    [BibTeX] [Abstract] [Download PDF]

    Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.

    @inproceedings{kuehn_notion_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Notion} of {Relevance} in {Cybersecurity}: {A} {Categorization} of {Security} {Tools} and {Deduction} of {Relevance} {Notions}},
    url = {https://dl.gi.de/handle/20.500.12116/39072},
    doi = {10.18420/muc2022-mci-ws01-220},
    abstract = {Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kuehn, Philipp and Bäumler, Julian and Kaufhold, Marc-André and Wendelborn, Marc and Reuter, Christian},
    year = {2022},
    keywords = {Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Christian Reuter, Luigi Lo Iacono, Alexander Benlian (2022)
    A Quarter Century of Usable Security and Privacy Research: Transparency, Tailorability, and the Road Ahead
    Behaviour & Information Technology (BIT) ;41(10):2035–2048. doi:10.1080/0144929X.2022.2080908
    [BibTeX] [Abstract] [Download PDF]

    In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.

    @article{reuter_quarter_2022,
    title = {A {Quarter} {Century} of {Usable} {Security} and {Privacy} {Research}: {Transparency}, {Tailorability}, and the {Road} {Ahead}},
    volume = {41},
    issn = {0144-929X},
    url = {https://www.tandfonline.com/toc/tbit20/41/10},
    doi = {10.1080/0144929X.2022.2080908},
    abstract = {In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.},
    number = {10},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {2035--2048},
    }

  • Denis Orlov, Simon Möller, Sven Düfler, Steffen Haesler, Christian Reuter (2022)
    Detecting a Crisis: Comparison of Self-Reported vs. Automated Internet Outage Measuring Methods
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-321
    [BibTeX] [Abstract] [Download PDF]

    Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.

    @inproceedings{orlov_detecting_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Detecting a {Crisis}: {Comparison} of {Self}-{Reported} vs. {Automated} {Internet} {Outage} {Measuring} {Methods}},
    url = {https://dl.gi.de/handle/20.500.12116/39089},
    doi = {10.18420/muc2022-mci-ws10-321},
    abstract = {Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Orlov, Denis and Möller, Simon and Düfler, Sven and Haesler, Steffen and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Book Review: Artificial Intelligence and The Future of Warfare, James Johnson (2021)
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00918-4
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics & International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.

    @article{reinhold_book_2022,
    title = {Book {Review}: {Artificial} {Intelligence} and {The} {Future} of {Warfare}, {James} {Johnson} (2021)},
    url = {https://link.springer.com/article/10.1007/s12399-022-00918-4},
    doi = {10.1007/s12399-022-00918-4},
    abstract = {Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics \& International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Reuter, Christian},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban},
    }

  • Christian Bueger, Tobias Liebetrau, Jonas Franken (2022)
    Security threats to undersea communications cables and infrastructure – consequences for the EU
    Brussels: European Parliament.
    [BibTeX] [Abstract] [Download PDF]

    The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.

    @book{bueger_security_2022,
    address = {Brussels},
    title = {Security threats to undersea communications cables and infrastructure – consequences for the {EU}},
    url = {https://www.europarl.europa.eu/thinktank/en/document/EXPO_IDA(2022)702557},
    abstract = {The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.},
    publisher = {European Parliament},
    author = {Bueger, Christian and Liebetrau, Tobias and Franken, Jonas},
    year = {2022},
    keywords = {Student, Security, Infrastructure, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Marc-André Kaufhold, Ali Sercan Basyurt, Kaan Eyilmez, Marc Stöttinger, Christian Reuter (2022)
    Cyber Threat Observatory: Design and Evaluation of an Interactive Dashboard for Computer Emergency Response Teams
    Proceedings of the European Conference on Information Systems (ECIS) Timisoara, Romania.
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.

    @inproceedings{kaufhold_cyber_2022,
    address = {Timisoara, Romania},
    title = {Cyber {Threat} {Observatory}: {Design} and {Evaluation} of an {Interactive} {Dashboard} for {Computer} {Emergency} {Response} {Teams}},
    url = {http://www.peasec.de/paper/2022/2022_KaufholdBasyurtEyilmezStoettingerReuter_CyberThreatObservatory_ECIS.pdf},
    abstract = {Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Kaufhold, Marc-André and Basyurt, Ali Sercan and Eyilmez, Kaan and Stöttinger, Marc and Reuter, Christian},
    year = {2022},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Marc-André Kaufhold, Julian Bäumler, Christian Reuter (2022)
    The Implementation of Protective Measures and Communication of Cybersecurity Alerts in Germany – A Representative Survey of the Population
    Mensch und Computer 2022 – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-228
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.

    @inproceedings{kaufhold_implementation_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Implementation} of {Protective} {Measures} and {Communication} of {Cybersecurity} {Alerts} in {Germany} - {A} {Representative} {Survey} of the {Population}},
    url = {https://dl.gi.de/handle/20.500.12116/39061},
    doi = {10.18420/muc2022-mci-ws01-228},
    abstract = {Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.},
    language = {en},
    booktitle = {Mensch und {Computer} 2022 - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kaufhold, Marc-André and Bäumler, Julian and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Markus Bayer, Philipp Kuehn, Ramin Shanehsaz, Christian Reuter (2022)
    CySecBERT: A Domain-Adapted Language Model for the Cybersecurity Domain
    2022. doi:10.48550/ARXIV.2212.02974
    [BibTeX] [Abstract] [Download PDF]

    The field of cybersecurity is evolving fast. Experts need to be informed about past, current and – in the best case – upcoming threats, because attacks are becoming more advanced, targets bigger and systems more complex. As this cannot be addressed manually, cybersecurity experts need to rely on machine learning techniques. In the texutual domain, pre-trained language models like BERT have shown to be helpful, by providing a good baseline for further fine-tuning. However, due to the domain-knowledge and many technical terms in cybersecurity general language models might miss the gist of textual information, hence doing more harm than good. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain, which can serve as a basic building block for cybersecurity systems that deal with natural language. The model is compared with other models based on 15 different domain-dependent extrinsic and intrinsic tasks as well as general tasks from the SuperGLUE benchmark. On the one hand, the results of the intrinsic tasks show that our model improves the internal representation space of words compared to the other models. On the other hand, the extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model is best in specific application scenarios, in contrast to the others. Furthermore, we show that our approach against catastrophic forgetting works, as the model is able to retrieve the previously trained domain-independent knowledge. The used dataset and trained model are made publicly available

    @techreport{bayer_cysecbert_2022,
    title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
    copyright = {arXiv.org perpetual, non-exclusive license},
    url = {https://arxiv.org/abs/2212.02974},
    abstract = {The field of cybersecurity is evolving fast. Experts need to be informed about past, current and - in the best case - upcoming threats, because attacks are becoming more advanced, targets bigger and systems more complex. As this cannot be addressed manually, cybersecurity experts need to rely on machine learning techniques. In the texutual domain, pre-trained language models like BERT have shown to be helpful, by providing a good baseline for further fine-tuning. However, due to the domain-knowledge and many technical terms in cybersecurity general language models might miss the gist of textual information, hence doing more harm than good. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain, which can serve as a basic building block for cybersecurity systems that deal with natural language. The model is compared with other models based on 15 different domain-dependent extrinsic and intrinsic tasks as well as general tasks from the SuperGLUE benchmark. On the one hand, the results of the intrinsic tasks show that our model improves the internal representation space of words compared to the other models. On the other hand, the extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model is best in specific application scenarios, in contrast to the others. Furthermore, we show that our approach against catastrophic forgetting works, as the model is able to retrieve the previously trained domain-independent knowledge. The used dataset and trained model are made publicly available},
    institution = {arXiv},
    author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
    year = {2022},
    doi = {10.48550/ARXIV.2212.02974},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Stefka Schmid (2022)
    Trustworthy and Explainable: A European Vision of (Weaponised) Artificial Intelligence
    Die Friedens-Warte / Journal of International Peace and Organization (JIPO) ;95(3-4):290–315. doi:10.35998/fw-2022-0013
    [BibTeX] [Abstract] [Download PDF]

    The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.

    @article{schmid_trustworthy_2022,
    title = {Trustworthy and {Explainable}: {A} {European} {Vision} of ({Weaponised}) {Artificial} {Intelligence}},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/article/10.35998/fw-2022-0013},
    doi = {10.35998/fw-2022-0013},
    abstract = {The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.},
    number = {3-4},
    journal = {Die Friedens-Warte / Journal of International Peace and Organization (JIPO)},
    author = {Schmid, Stefka},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    pages = {290--315},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    1 ed. Wiesbaden: Springer Vieweg. doi:https://doi.org/10.1007/978-3-658-39720-3
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022,
    address = {Wiesbaden},
    edition = {1},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    isbn = {978-3-658-39719-7},
    url = {https://link.springer.com/book/10.1007/978-3-658-39720-3},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    language = {en},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-658-39720-3},
    keywords = {Crisis, HCI, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jonas Franken, Thomas Reinhold, Lilian Reichert, Christian Reuter (2022)
    The Digital Divide in State Vulnerability to Submarine Communications Cable Failure
    International Journal of Critical Infrastructure Protection (IJCIP) ;38(100522):1–15. doi:10.1016/j.ijcip.2022.100522
    [BibTeX] [Abstract] [Download PDF]

    The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.

    @article{franken_digital_2022,
    title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
    volume = {38},
    url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
    doi = {10.1016/j.ijcip.2022.100522},
    abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
    number = {100522},
    journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
    author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Selected, Student, Security, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio},
    pages = {1--15},
    }

  • Verena Zimmermann, Jasmin Haunschild, Marita Unden, Paul Gerber, Nina Gerber (2022)
    Sicherheitsherausforderungen für Smart City-Infrastrukturen
    Wirtschaftsinformatik & Management . doi:10.1365/s35764-022-00396-5
    [BibTeX] [Abstract] [Download PDF]

    Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.

    @article{zimmermann_sicherheitsherausforderungen_2022,
    title = {Sicherheitsherausforderungen für {Smart} {City}-{Infrastrukturen}},
    url = {https://link.springer.com/content/pdf/10.1365/s35764-022-00396-5.pdf},
    doi = {10.1365/s35764-022-00396-5},
    abstract = {Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.},
    journal = {Wirtschaftsinformatik \& Management},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Unden, Marita and Gerber, Paul and Gerber, Nina},
    year = {2022},
    keywords = {UsableSec, Security, Projekt-ATHENE-SecUrban},
    }

    2021

  • Christian Reuter (2021)
    Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage)
    2 ed. Wiesbaden: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

    @book{reuter_sicherheitskritische_2021,
    address = {Wiesbaden},
    edition = {2},
    title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    isbn = {978-3-658-32795-8},
    url = {https://www.springer.com/de/book/9783658327941},
    abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, HCI, Selected, SocialMedia, UsableSec, Security, Projekt-KontiKat, Peace, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Kilian Demuth, Henri-Jacques Geiß, Christian Richter, Christian Reuter (2021)
    Nutzer, Sammler, Entscheidungsträger? Arten der Bürgerbeteiligung in Smart Cities
    HMD Praxis der Wirtschaftsinformatik ;58. doi:10.1365/s40702-021-00770-8
    [BibTeX] [Abstract] [Download PDF]

    Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.

    @article{haunschild_nutzer_2021,
    title = {Nutzer, {Sammler}, {Entscheidungsträger}? {Arten} der {Bürgerbeteiligung} in {Smart} {Cities}},
    volume = {58},
    url = {https://peasec.de/paper/2021/2021_HaunschildDemuthGeissRichterReuter_NutzerSammlerEntscheidungstragerBuergerbeteiligungSmartCities_HMD.pdf},
    doi = {10.1365/s40702-021-00770-8},
    abstract = {Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.},
    journal = {HMD Praxis der Wirtschaftsinformatik},
    author = {Haunschild, Jasmin and Demuth, Kilian and Geiß, Henri-Jacques and Richter, Christian and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Student, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Katrin Hartwig, Atlas Englisch, Jan Pelle Thomson, Christian Reuter (2021)
    Finding Secret Treasure? Improving Memorized Secrets Through Gamification
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481509
    [BibTeX] [Abstract] [Download PDF]

    Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom. Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000) to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of participants’ gaming frequency.

    @inproceedings{hartwig_finding_2021,
    address = {Karlsruhe, Germany},
    title = {Finding {Secret} {Treasure}? {Improving} {Memorized} {Secrets} {Through} {Gamification}},
    url = {https://peasec.de/paper/2021/2021_HartwigEnglischThomsonReuter_MemorizedSecretsThroughGamification_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481509},
    abstract = {Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom.
    Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have
    identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their
    relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar
    nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding
    efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000)
    to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates
    a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of
    participants’ gaming frequency.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Englisch, Atlas and Thomson, Jan Pelle and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {105--117},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Nudge or Restraint: How do People Assess Nudging in Cybersecurity – A Representative Study in Germany
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481514
    [BibTeX] [Abstract] [Download PDF]

    While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.

    @inproceedings{hartwig_nudge_2021,
    address = {Karlsruhe, Germany},
    title = {Nudge or {Restraint}: {How} do {People} {Assess} {Nudging} in {Cybersecurity} - {A} {Representative} {Study} in {Germany}},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_NudgingCybersecurityRepresentativeStudy_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481514},
    abstract = {While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2021},
    keywords = {UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {141--150},
    }

  • Thea Riebe, Tristan Wirth, Markus Bayer, Philipp Kuehn, Marc-André Kaufhold, Volker Knauthe, Stefan Guthe, Christian Reuter (2021)
    CySecAlert: An Alert Generation System for Cyber Security Events Using Open Source Intelligence Data
    Information and Communications Security (ICICS) . doi:10.1007/978-3-030-86890-1_24
    [BibTeX] [Abstract] [Download PDF]

    Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.

    @inproceedings{riebe_cysecalert_2021,
    title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
    url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
    doi = {10.1007/978-3-030-86890-1_24},
    abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
    booktitle = {Information and {Communications} {Security} ({ICICS})},
    author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {429--446},
    }

  • Thea Riebe, Marc-André Kaufhold, Christian Reuter (2021)
    The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479865
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

    @article{riebe_impact_2021,
    title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
    volume = {5},
    url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
    doi = {10.1145/3479865},
    abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold},
    }

  • Marc-André Kaufhold (2021)
    Information Refinement Technologies for Crisis Informatics: User Expectations and Design Principles for Social Media and Mobile Apps
    Wiesbaden, Germany: Springer Vieweg. doi:10.1007/978-3-658-33341-6
    [BibTeX] [Abstract] [Download PDF]

    Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.

    @book{kaufhold_information_2021,
    address = {Wiesbaden, Germany},
    title = {Information {Refinement} {Technologies} for {Crisis} {Informatics}: {User} {Expectations} and {Design} {Principles} for {Social} {Media} and {Mobile} {Apps}},
    isbn = {978-3-658-33343-0},
    url = {https://www.springer.com/gp/book/9783658333430},
    abstract = {Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.},
    publisher = {Springer Vieweg},
    author = {Kaufhold, Marc-André},
    year = {2021},
    doi = {10.1007/978-3-658-33341-6},
    keywords = {Crisis, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlKaufhold, Dissertation},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Bridging from Crisis to Everyday Life – An Analysis of User Reviews of the Warning App NINA and the COVID-19 Information Apps CoroBuddy and DarfIchDas
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481745
    [BibTeX] [Abstract] [Download PDF]

    During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.

    @inproceedings{haunschild_bridging_2021,
    address = {Virtual Event, USA},
    title = {Bridging from {Crisis} to {Everyday} {Life} – {An} {Analysis} of {User} {Reviews} of the {Warning} {App} {NINA} and the {COVID}-19 {Information} {Apps} {CoroBuddy} and {DarfIchDas}},
    url = {https://peasec.de/paper/2021/2021_HaunschildReuter_UserReviewsWarningCovidApps_CSCWComp.pdf},
    doi = {10.1145/3462204.3481745},
    abstract = {During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {72--78},
    }

  • Marc-André Kaufhold, Markus Bayer, Daniel Hartung, Christian Reuter (2021)
    Design and Evaluation of Deep Learning Models for Real-Time Credibility Assessment in Twitter
    30th International Conference on Artificial Neural Networks (ICANN2021) Bratislava. doi:https://doi.org/10.1007/978-3-030-86383-8_32
    [BibTeX] [Abstract] [Download PDF]

    Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.

    @inproceedings{kaufhold_design_2021,
    address = {Bratislava},
    title = {Design and {Evaluation} of {Deep} {Learning} {Models} for {Real}-{Time} {Credibility} {Assessment} in {Twitter}},
    url = {https://peasec.de/paper/2021/2021_KaufholdBayerHartungReuter_DeepLearningCredibilityAssessmentTwitter_ICANN.pdf},
    doi = {https://doi.org/10.1007/978-3-030-86383-8_32},
    abstract = {Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.},
    booktitle = {30th {International} {Conference} on {Artificial} {Neural} {Networks} ({ICANN2021})},
    author = {Kaufhold, Marc-André and Bayer, Markus and Hartung, Daniel and Reuter, Christian},
    year = {2021},
    keywords = {Student, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--13},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Perceptions of Police Technology Use and Attitudes Towards the Police – A Representative Survey of the German Population
    Mensch und Computer – Workshopband Bonn. doi:10.18420/muc2021-mci-ws08-255
    [BibTeX] [Abstract] [Download PDF]

    Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.

    @inproceedings{haunschild_perceptions_2021,
    address = {Bonn},
    title = {Perceptions of {Police} {Technology} {Use} and {Attitudes} {Towards} the {Police} - {A} {Representative} {Survey} of the {German} {Population}},
    volume = {Mensch und Computer 2021 - Workshopband},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildReuter_PoliceTechnologyUseSurvey_MuC-WS.pdf},
    doi = {10.18420/muc2021-mci-ws08-255},
    abstract = {Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2021)
    Information Overload in Crisis Management: Bilingual Evaluation of Embedding Models for Clustering Social Media Posts in Emergencies
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.

    @inproceedings{bayer_information_2021,
    title = {Information {Overload} in {Crisis} {Management}: {Bilingual} {Evaluation} of {Embedding} {Models} for {Clustering} {Social} {Media} {Posts} in {Emergencies}},
    url = {https://peasec.de/paper/2021/2021_BayerKaufholdReuter_InformationOverloadInCrisisManagementBilingualEvaluation_ECIS.pdf},
    abstract = {Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--18},
    }

  • Steffen Haesler, Ragnark Mogk, Florentin Putz, Kevin T. Logan, Nadja Thiessen, Katharina Kleinschnitger, Lars Baumgärtner, Jan-Philipp Stroscher, Christian Reuter, Michele Knodt, Matthias Hollick (2021)
    Connected Self-Organized Citizens in Crises: An Interdisciplinary Resilience Concept for Neighborhoods
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481749
    [BibTeX] [Abstract] [Download PDF]

    When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.

    @inproceedings{haesler_connected_2021,
    address = {Virtual Event, USA},
    title = {Connected {Self}-{Organized} {Citizens} in {Crises}: {An} {Interdisciplinary} {Resilience} {Concept} for {Neighborhoods}},
    url = {https://peasec.de/paper/2021/2021_Haesleretal_ConnectedSelfOrganizedCitizensinCrises_CSCWComp.pdf},
    doi = {10.1145/3462204.3481749},
    abstract = {When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haesler, Steffen and Mogk, Ragnark and Putz, Florentin and Logan, Kevin T. and Thiessen, Nadja and Kleinschnitger, Katharina and Baumgärtner, Lars and Stroscher, Jan-Philipp and Reuter, Christian and Knodt, Michele and Hollick, Matthias},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Steffen Haesler, Stefka Schmid, Annemike Sophia Vierneisel, Christian Reuter (2021)
    Stronger Together: How Neighborhood Groups Build up a Virtual Network during the COVID-19 Pandemic
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2).
    [BibTeX] [Abstract] [Download PDF]

    During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.

    @article{haesler_stronger_2021,
    title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
    volume = {5},
    url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
    abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn
    Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.1755787
    [BibTeX] [Abstract] [Download PDF]

    Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.

    @article{riebe_measuring_2021,
    title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
    volume = {32},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
    doi = {10.1080/10242694.2020.1755787},
    abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
    number = {7},
    journal = {Defence and Peace Economics},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {773--785},
    }

  • Philipp Kuehn, Markus Bayer, Marc Wendelborn, Christian Reuter (2021)
    OVANA: An Approach to Analyze and Improve the Information Quality of Vulnerability Databases
    Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES 2021) . doi:10.1145/3465481.3465744
    [BibTeX] [Abstract] [Download PDF]

    Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.

    @inproceedings{kuehn_ovana_2021,
    title = {{OVANA}: {An} {Approach} to {Analyze} and {Improve} the {Information} {Quality} of {Vulnerability} {Databases}},
    isbn = {978-1-4503-9051-4},
    url = {https://peasec.de/paper/2021/2021_KuehnBayerWendelbornReuter_OVANAQualityVulnerabilityDatabases_ARES.pdf},
    doi = {10.1145/3465481.3465744},
    abstract = {Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.},
    booktitle = {Proceedings of the 16th {International} {Conference} on {Availability}, {Reliability} and {Security} ({ARES} 2021)},
    publisher = {ACM},
    author = {Kuehn, Philipp and Bayer, Markus and Wendelborn, Marc and Reuter, Christian},
    year = {2021},
    keywords = {Security, Peace, Ranking-CORE-B, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--11},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2021)
    Citizens‘ Perceived Information Responsibilities and Information Challenges During the COVID-19 Pandemic
    GoodIT ’21: Proceedings of the Conference on Information Technology for Social Good . doi:10.1145/3462203.3475886
    [BibTeX] [Abstract] [Download PDF]

    In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens‘ perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens‘ needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens‘ desire to stay informed.

    @inproceedings{haunschild_citizens_2021,
    title = {Citizens' {Perceived} {Information} {Responsibilities} and {Information} {Challenges} {During} the {COVID}-19 {Pandemic}},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildPauliReuter_InformationResponsibilitiesCovid19_GoodIT.pdf},
    doi = {10.1145/3462203.3475886},
    abstract = {In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens' perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens' needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens' desire to stay informed.},
    booktitle = {{GoodIT} '21: {Proceedings} of the {Conference} on {Information} {Technology} for {Social} {Good}},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {151--156},
    }

  • Rolf Egert, Nina Gerber, Jasmin Haunschild, Philipp Kuehn, Verena Zimmermann (2021)
    Towards Resilient Critical Infrastructures – Motivating Users to Contribute to Smart Grid Resilience
    i-com – Journal of Interactive Media ;20(2):161–175. doi:10.1515/icom-2021-0021
    [BibTeX] [Abstract] [Download PDF]

    Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers – capable of producing and consuming electricity – who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.

    @article{egert_towards_2021,
    series = {i-com},
    title = {Towards {Resilient} {Critical} {Infrastructures} - {Motivating} {Users} to {Contribute} to {Smart} {Grid} {Resilience}},
    volume = {20},
    url = {https://www.degruyter.com/document/doi/10.1515/icom-2021-0021/html},
    doi = {10.1515/icom-2021-0021},
    abstract = {Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers - capable of producing and consuming electricity - who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.},
    number = {2},
    journal = {i-com - Journal of Interactive Media},
    author = {Egert, Rolf and Gerber, Nina and Haunschild, Jasmin and Kuehn, Philipp and Zimmermann, Verena},
    year = {2021},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {161--175},
    }

    2020

  • Thea Riebe, Jasmin Haunschild, Felix Divo, Matthias Lang, Gerbert Roitburd, Jonas Franken, Christian Reuter (2020)
    Die Veränderung der Vorratsdatenspeicherung in Europa
    Datenschutz und Datensicherheit – DuD ;44(5):316–321. doi:10.1007/s11623-020-1275-3
    [BibTeX] [Abstract] [Download PDF]

    Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.

    @article{riebe_veranderung_2020,
    title = {Die {Veränderung} der {Vorratsdatenspeicherung} in {Europa}},
    volume = {44},
    url = {https://www.peasec.de/paper/2020/2020_Riebeetal_VDSinEuropa_DuD.pdf},
    doi = {10.1007/s11623-020-1275-3},
    abstract = {Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.},
    number = {5},
    journal = {Datenschutz und Datensicherheit - DuD},
    author = {Riebe, Thea and Haunschild, Jasmin and Divo, Felix and Lang, Matthias and Roitburd, Gerbert and Franken, Jonas and Reuter, Christian},
    year = {2020},
    keywords = {Student, Security, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-ATHENE-SecUrban},
    pages = {316--321},
    }

  • Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter (2020)
    Warning the Public: A Survey on Attitudes, Expectations and Use of Mobile Crisis Apps in Germany
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.

    @inproceedings{kaufhold_warning_2020,
    title = {Warning the {Public}: {A} {Survey} on {Attitudes}, {Expectations} and {Use} of {Mobile} {Crisis} {Apps} in {Germany}},
    url = {http://www.peasec.de/paper/2020/2020_KaufholdHaunschildReuter_WarningthePublic_ECIS.pdf},
    abstract = {As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    publisher = {AIS},
    author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, A-Paper, Ranking-VHB-B, Ranking-WKWI-A, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-ATHENE-FANCY, Projekt-emergenCITY},
    }

  • Steffen Haesler, Stefka Schmid, Christian Reuter (2020)
    Crisis Volunteering Nerds: Three Months After COVID-19 Hackathon \#WirVsVirus
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424584
    [BibTeX] [Abstract] [Download PDF]

    The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.

    @inproceedings{haesler_crisis_2020,
    title = {Crisis {Volunteering} {Nerds}: {Three} {Months} {After} {COVID}-19 {Hackathon} \#{WirVsVirus}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424584},
    doi = {10.1145/3406324.3424584},
    abstract = {The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    publisher = {ACM},
    author = {Haesler, Steffen and Schmid, Stefka and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--56},
    }

  • Christian Reuter, Marc-André Kaufhold, Tina Comes, Michèle Knodt, Max Mühlhäuser (2020)
    Mobile Resilience: Designing Mobile Interactive Systems for Societal and Technical Resilience
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424590
    [BibTeX] [Abstract] [Download PDF]

    Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.

    @inproceedings{reuter_mobile_2020,
    title = {Mobile {Resilience}: {Designing} {Mobile} {Interactive} {Systems} for {Societal} and {Technical} {Resilience}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424590},
    doi = {10.1145/3406324.3424590},
    abstract = {Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    author = {Reuter, Christian and Kaufhold, Marc-André and Comes, Tina and Knodt, Michèle and Mühlhäuser, Max},
    year = {2020},
    keywords = {Crisis, HCI, SocialMedia, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {1--3},
    }

  • Christian Reuter, Jasmin Haunschild, Matthias Hollick, Max Mühlhäuser, Joachim Vogt, Michael Kreutzer (2020)
    Towards Secure Urban Infrastructures: Cyber Security Challenges to Information and Communication Technology in Smart Cities
    Mensch und Computer 2020 – Workshopband Magdeburg. doi:10.18420/muc2020-ws117-408
    [BibTeX] [Abstract] [Download PDF]

    The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.

    @inproceedings{reuter_towards_2020,
    address = {Magdeburg},
    title = {Towards {Secure} {Urban} {Infrastructures}: {Cyber} {Security} {Challenges} to {Information} and {Communication} {Technology} in {Smart} {Cities}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/33550/muc2020-ws-408.pdf},
    doi = {10.18420/muc2020-ws117-408},
    abstract = {The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.},
    booktitle = {Mensch und {Computer} 2020 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Reuter, Christian and Haunschild, Jasmin and Hollick, Matthias and Mühlhäuser, Max and Vogt, Joachim and Kreutzer, Michael},
    editor = {Hansen, C. and Nürnberger, A. and Preim, B.},
    year = {2020},
    keywords = {Crisis, UsableSec, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--7},
    }

  • Philipp Kuehn, Thea Riebe, Lynn Apelt, Max Jansen, Christian Reuter (2020)
    Sharing of Cyber Threat Intelligence between States
    S+F Sicherheit und Frieden / Peace and Security ;38(1):22–28. doi:10.5771/0175-274X-2020-1-22
    [BibTeX] [Abstract] [Download PDF]

    Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.

    @article{kuehn_sharing_2020,
    title = {Sharing of {Cyber} {Threat} {Intelligence} between {States}},
    volume = {38},
    url = {http://www.peasec.de/paper/2020/2020_KuehnRiebeApeltJansenReuter_SharingCyberThreatIntelligence_SF.pdf},
    doi = {10.5771/0175-274X-2020-1-22},
    abstract = {Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.},
    number = {1},
    journal = {S+F Sicherheit und Frieden / Peace and Security},
    author = {Kuehn, Philipp and Riebe, Thea and Apelt, Lynn and Jansen, Max and Reuter, Christian},
    year = {2020},
    keywords = {Student, Security, Peace, Projekt-DualUse, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {22--28},
    }

  • Christian Reuter, Jürgen Altmann, Malte Göttsche, Mirko Himmel (2020)
    Zur naturwissenschaftlich-technischen Friedens- und Konfliktforschung – Aktuelle Herausforderungen und Bewertung der Empfehlungen des Wissenschaftsrats
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;9(1):143–154. doi:10.1007/s42597-020-00035-z
    [BibTeX] [Abstract] [Download PDF]

    ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.

    @article{reuter_zur_2020,
    title = {Zur naturwissenschaftlich-technischen {Friedens}- und {Konfliktforschung} – {Aktuelle} {Herausforderungen} und {Bewertung} der {Empfehlungen} des {Wissenschaftsrats}},
    volume = {9},
    url = {https://link.springer.com/content/pdf/10.1007/s42597-020-00035-z.pdf},
    doi = {10.1007/s42597-020-00035-z},
    abstract = {ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2020},
    keywords = {Security, Peace, Projekt-CROSSING, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {143--154},
    }

  • Christian Reuter (2020)
    Towards IT Peace Research: Challenges at the Intersection of Peace and Conflict Research and Computer Science
    S+F Sicherheit und Frieden / Peace and Security ;38(1):10–16. doi:10.5771/0175-274X-2020-1-10
    [BibTeX] [Abstract] [Download PDF]

    Advances in science and technology, including information technology (IT), play a crucial role in the context of peace and security. However, research on the intersection of peace and conflict research as well as computer science is not well established yet. This article highlights the need for further work in the area of research “IT peace research”, which includes both empirical research on the role of IT in peace and security, as well as technical research to design technologies and applications. Based on the elaboration of the disciplines, central challenges, such as insecurity, actors, attribution and laws, are outlined.

    @article{reuter_towards_2020-1,
    title = {Towards {IT} {Peace} {Research}: {Challenges} at the {Intersection} of {Peace} and {Conflict} {Research} and {Computer} {Science}},
    volume = {38},
    url = {https://www.nomos-elibrary.de/10.5771/0175-274X-2020-1-10.pdf},
    doi = {10.5771/0175-274X-2020-1-10},
    abstract = {Advances in science and technology, including information technology (IT), play a crucial role in the context of peace and security. However, research on the intersection of peace and conflict research as well as computer science is not well established yet. This article highlights the need for further work in the area of research “IT peace research”, which includes both empirical research on the role of IT in peace and security, as well as technical research to design technologies and applications. Based on the elaboration of the disciplines, central challenges, such as insecurity, actors, attribution and laws, are outlined.},
    number = {1},
    journal = {S+F Sicherheit und Frieden / Peace and Security},
    author = {Reuter, Christian},
    year = {2020},
    keywords = {Security, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {10--16},
    }

  • Thomas Reinhold (2020)
    Verfassungs- und völkerrechtliche Fragen im militärischen Cyber- und Informationsraum unter besonderer Berücksichtigung des Parlamentsvorbehalts, der Zurechenbarkeit von Cyberangriffen sowie einer möglichen Anpassung nationaler und internationaler Normen
    In: : Deutscher Bundestag, Verteidigungsausschuss. Deutscher Bundestag, Verteidigungsausschuss, , 1–9.
    [BibTeX] [Download PDF]

    @incollection{reinhold_verfassungs-_2020,
    title = {Verfassungs- und völkerrechtliche {Fragen} im militärischen {Cyber}- und {Informationsraum} unter besonderer {Berücksichtigung} des {Parlamentsvorbehalts}, der {Zurechenbarkeit} von {Cyberangriffen} sowie einer möglichen {Anpassung} nationaler und internationaler {Normen}},
    url = {https://www.bundestag.de/resource/blob/824622/67fc9db4f856a8445355562500d2a134/stellungnahme-Thomas-Reinhold_15-03-2021-data.pdf},
    booktitle = {Deutscher {Bundestag}, {Verteidigungsausschuss}},
    publisher = {Deutscher Bundestag, Verteidigungsausschuss},
    author = {Reinhold, Thomas},
    year = {2020},
    keywords = {Security, Peace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {1--9},
    }

  • Marc-André Kaufhold (2020)
    Information Refinement Technologies for Crisis Informatics: User Expectations and Design Implications for Social Media and Mobile Apps in Crisis
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt.
    [BibTeX] [Abstract] [Download PDF]

    In den letzten 20 Jahren haben sich mobile Technologien und soziale Medien nicht nur im Alltag, sondern auch in Krisensituationen etabliert. Insbesondere großflächige Ereignisse wie der Hurrikan Sandy (2012) oder das mitteleuropäische Hochwasser (2013) haben gezeigt, dass sich die Bevölkerung aktiv mit Informations- und Kommunikationstechnologie (IKT) an der Schadensbewältigung beteiligt (Reuter, Hughes, et al., 2018). Daraus ist das Forschungsfeld der Kriseninformatik entstanden, welches Wissen der Informatik und Gesellschaftswissenschaften kombiniert und zudem in Disziplinen wie der MenschMaschine-Interaktion (HCI), Computerunterstützten Gruppenarbeit (CSCW) und Wirtschaftsinformatik (WI) verankert ist. Während die Bevölkerung IKT einsetzt, um die Unsicherheiten in Krisen zu bewältigen, nutzen Behörden und Organisationen mit Sicherheitsaufgaben (BOS), etwa Feuerwehr und Polizei, öffentliche Daten, um das Situationsbewusstsein und die Entscheidungsfindung für eine bessere Schadensbewältigung zu verbessern (Palen & Anderson, 2016). Noch größere Katastrophen wie die aktuelle COVID-19-Pandemie verstärken dabei die Herausforderungen der Kriseninformatik (Xie et al., 2020). Für BOS stellt die umfangreiche Menge heterogener und semantisch verknüpfter Daten, auch Social Big Data genannt (Olshannikova et al., 2017), eine große Herausforderung im Hinblick auf die Qualität, Quantität und den Zugriff auf relevante Informationen dar. Um ein Situationsbewusstsein und nutzbare Informationen, d. h. die richtigen Informationen zur richtigen Zeit bei der richtigen Person, zu erhalten (Zade et al., 2018), müssen Informationen auf die Bedingungen des Ereignisses, organisationale Anforderungen, soziale Rahmenbedingungen und technische Möglichkeiten verfeinert werden. Diese Dissertation kombiniert das methodische Framework der Designfallstudien (Wulf et al., 2011) mit den Prinzipien der Design-Science-Forschung (Hevner et al., 2004), um das Thema der Informationsverfeinerung (Information Refinement) in vier Phasen zu untersuchen, wovon jede unterschiedliche Forschungsbeiträge hervorbringt. Die Arbeit begutachtet zunächst Nutzungs-, Rollen- und Wahrnehmungsmuster in der Kriseninformatik und stellt die Potenziale sozialer Medien zur öffentlichen Teilhabe an der Krisenbewältigung heraus. Die empirische Studien mit der deutschen Bevölkerung zeigen die positiven Einstellungen und die steigende Nutzung mobiler und sozialer Technologien in Krisen, stellen aber auch Barrieren heraus und zeigen die Erwartung, dass BOS in soziale Medien aktiv sind. Die Ergebnisse fundieren das Design innovativer IKT-Artefakte, darunter visuelle Bevölkerungsrichtlinien für soziale Medien in Krisen (SMG), ein Web-Interface für BOS zur Aggregation mobiler und sozialer Daten (ESI), ein Algorithmus zur Extraktion relevanter Informationen in sozialen Medien (SMO), und eine mobile App für die bidirektionale Kommunikation zwischen BOS und Bevölkerung (112.social). Die Evaluation der Artefakte involviert EndnutzerInnen aus dem Anwendungsfeld des Krisenmanagements, um potenziale für Verbesserungen und zukünftige Forschung zu identifizieren. Die Arbeit schließt mit einem Framework zur Informationsverfeinerung für die Kriseninformatik ab, welche die event-, gesellschafts-, organisation- und technologiebasierte Perspektive integriert.

    @book{kaufhold_information_2020,
    address = {Darmstadt, Germany},
    title = {Information {Refinement} {Technologies} for {Crisis} {Informatics}: {User} {Expectations} and {Design} {Implications} for {Social} {Media} and {Mobile} {Apps} in {Crisis}},
    url = {https://doi.org/10.26083/tuprints-00017474},
    abstract = {In den letzten 20 Jahren haben sich mobile Technologien und soziale Medien nicht nur im Alltag, sondern auch in Krisensituationen etabliert. Insbesondere großflächige Ereignisse wie der Hurrikan Sandy (2012) oder das mitteleuropäische Hochwasser (2013) haben gezeigt, dass sich die Bevölkerung aktiv mit Informations- und Kommunikationstechnologie (IKT) an der Schadensbewältigung beteiligt (Reuter, Hughes, et al., 2018). Daraus ist das Forschungsfeld der Kriseninformatik entstanden, welches Wissen der Informatik und Gesellschaftswissenschaften kombiniert und zudem in Disziplinen wie der MenschMaschine-Interaktion (HCI), Computerunterstützten Gruppenarbeit (CSCW) und Wirtschaftsinformatik (WI) verankert ist. Während die Bevölkerung IKT einsetzt, um die Unsicherheiten in Krisen zu bewältigen, nutzen Behörden und Organisationen mit Sicherheitsaufgaben (BOS), etwa Feuerwehr und Polizei, öffentliche Daten, um das Situationsbewusstsein und die Entscheidungsfindung für eine bessere Schadensbewältigung zu verbessern (Palen \& Anderson, 2016). Noch größere Katastrophen wie die aktuelle COVID-19-Pandemie verstärken dabei die Herausforderungen der Kriseninformatik (Xie et al., 2020). Für BOS stellt die umfangreiche Menge heterogener und semantisch verknüpfter Daten, auch Social Big Data genannt (Olshannikova et al., 2017), eine große Herausforderung im Hinblick auf die Qualität, Quantität und den Zugriff auf relevante Informationen dar. Um ein Situationsbewusstsein und nutzbare Informationen, d. h. die richtigen Informationen zur richtigen Zeit bei der richtigen Person, zu erhalten (Zade et al., 2018), müssen Informationen auf die Bedingungen des Ereignisses, organisationale Anforderungen, soziale Rahmenbedingungen und technische Möglichkeiten verfeinert werden. Diese Dissertation kombiniert das methodische Framework der Designfallstudien (Wulf et al., 2011) mit den Prinzipien der Design-Science-Forschung (Hevner et al., 2004), um das Thema der Informationsverfeinerung (Information Refinement) in vier Phasen zu untersuchen, wovon jede unterschiedliche Forschungsbeiträge hervorbringt. Die Arbeit begutachtet zunächst Nutzungs-, Rollen- und Wahrnehmungsmuster in der Kriseninformatik und stellt die Potenziale sozialer Medien zur öffentlichen Teilhabe an der Krisenbewältigung heraus. Die empirische Studien mit der deutschen Bevölkerung zeigen die positiven Einstellungen und die steigende Nutzung mobiler und sozialer Technologien in Krisen, stellen aber auch Barrieren heraus und zeigen die Erwartung, dass BOS in soziale Medien aktiv sind. Die Ergebnisse fundieren das Design innovativer IKT-Artefakte, darunter visuelle Bevölkerungsrichtlinien für soziale Medien in Krisen (SMG), ein Web-Interface für BOS zur Aggregation mobiler und sozialer Daten (ESI), ein Algorithmus zur Extraktion relevanter Informationen in sozialen Medien (SMO), und eine mobile App für die bidirektionale Kommunikation zwischen BOS und Bevölkerung (112.social). Die Evaluation der Artefakte involviert EndnutzerInnen aus dem Anwendungsfeld des Krisenmanagements, um potenziale für Verbesserungen und zukünftige Forschung zu identifizieren. Die Arbeit schließt mit einem Framework zur Informationsverfeinerung für die Kriseninformatik ab, welche die event-, gesellschafts-, organisation- und technologiebasierte Perspektive integriert.},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt},
    author = {Kaufhold, Marc-André},
    year = {2020},
    keywords = {Crisis, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Dissertation},
    }

  • Marc-André Kaufhold, Markus Bayer, Christian Reuter (2020)
    Rapid relevance classification of social media posts in disasters and emergencies: A system and evaluation featuring active, incremental and online learning
    Information Processing & Management (IPM) ;57(1):1–32.
    [BibTeX] [Abstract] [Download PDF]

    The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.

    @article{kaufhold_rapid_2020,
    title = {Rapid relevance classification of social media posts in disasters and emergencies: {A} system and evaluation featuring active, incremental and online learning},
    volume = {57},
    url = {https://peasec.de/paper/2020/2020_KaufholdBayerReuter_RapidRelevanceClassification_IPM.pdf},
    abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.},
    number = {1},
    journal = {Information Processing \& Management (IPM)},
    author = {Kaufhold, Marc-André and Bayer, Markus and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Ranking-WKWI-B, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--32},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2020)
    Sticking with Landlines? Citizens‘ and Police Social Media Use and Expectation During Emergencies
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) (Best Paper Social Impact Award) Potsdam, Germany. doi:10.30844/wi_2020_o2-haunschild
    [BibTeX] [Abstract] [Download PDF]

    Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens‘ perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens‘ perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services‘ social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.

    @inproceedings{haunschild_sticking_2020,
    address = {Potsdam, Germany},
    title = {Sticking with {Landlines}? {Citizens}' and {Police} {Social} {Media} {Use} and {Expectation} {During} {Emergencies}},
    url = {http://www.peasec.de/paper/2020/2020_HaunschildKaufholdReuter_SocialMediaPoliceSurvey_WI.pdf},
    doi = {10.30844/wi_2020_o2-haunschild},
    abstract = {Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens' perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens' perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services' social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI}) ({Best} {Paper} {Social} {Impact} {Award})},
    publisher = {AIS Electronic Library (AISel)},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, Ranking-CORE-C, Ranking-VHB-C, Ranking-WKWI-A, Projekt-MAKI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--16},
    }

    ATHENE-PriVis: Visualization-based Technologies as Enablers for Privacy Sovereignty Online (01.01.2023-31.12.2026, BMBF+HMWK)

    ATHENE-PriVis: Visualization-based Technologies as Enablers for Privacy Sovereignty Online
    (01.01.2023-31.12.2026)

    Current digital environments present a highly complex landscape regarding privacy. In online contexts such as social networks, mobile devices, or Internet-of-Things (IoT) devices, privacy losses or violations are not always trivial to perceive and decide upon. This complicates the design of privacy regulations and leaves online providers with ample scope to design and implement their  products to collect, store, process and disclose end-users’ personal information, hence endangering end-users’ data and privacy sovereignty. While regulations such as the General Data Protection Regulation (GDPR) aim to strengthen users’ rights to privacy sovereignty, current approaches that aim to make use of this regulation in order to promote the conscious handling of personal information online fall short of the desired effects in three important ways. (1) Privacy-enhancing regulations and technical solutions lack comprehensibility and usability for end-users. (2) The inherent connections among individuals and their personal data lead to the fact that a person’s privacy is not only affected by their own decisions, but also by those of other individuals or organizations. (3) In current research and practice, there is a lack of strategies for addressing privacy sovereignty needs that are tailored to individual circumstances, e.g., individual with little IT competence. Hence, the overarching goal of the research project “Visualization-based Technologies as Enablers for Privacy Sovereignty Online” (PriVis) is to develop prototypes of user interfaces employing personalized visualization-based Transparency-enhancing technologies (TETs) based on a detailed evaluation of user needs when interacting with the digital world. Personalized visualization-based TETs are defined as “transparency-enhancing technologies which incorporate information visualization techniques to increase the perceived transparency of personal data for users and are customizable for different user groups.”

    ATHENE – Nationales Forschungszentrum für angewandte Cybersicherheit (seit 1.1.2019, BMBF+HMWK) – Website

    Das Nationale Forschungs­zentrum für angewandte Cyber­sicher­heit ATHENE ist eine Forschungseinrichtung der Fraunhofer-Institute SIT und IGD sowie der Hochschulen TU Darmstadt und Hochschule Darmstadt. In einem bisher einzigartigen und innovativen Kooperations­modell von universitärer und außeruniversitärer Forschung betreibt ATHENE Spitzenforschung zum Wohl von Wirtschaft, Gesellschaft und Staat und setzt Impulse in der Wissenschaft. Das Forschungs­zentrum arbeitet agil und effizient und kann so auch kurzfristig auf neue He­raus­for­de­rung­en und veränderte Bedroh­ungs­lagen reagieren. ATHENE wird gefördert vom Bundesministerium für Bildung und Forschung (BMBF) und vom Hessischen Ministerium für Wissenschaft und Kunst (HMWK) und hat seinen Standort in der Wissen­schafts­stadt Darmstadt, Deutschlands erster Adresse für Cyber­sicher­heits­for­schung.

    2024

  • Jasmin Haunschild, Laura Guntrum, Sofía Cerrillo, Franziska Bujara, Christian Reuter (2024)
    Towards a Digitally Mediated Transitional Justice Process? An Analysis of Colombian Transitional Justice Organisations’ Posting Behaviour on Facebook
    Peace and Conflict Studies .
    [BibTeX] [Abstract]

    In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.

    @article{haunschild_towards_2024,
    title = {Towards a {Digitally} {Mediated} {Transitional} {Justice} {Process}? {An} {Analysis} of {Colombian} {Transitional} {Justice} {Organisations}’ {Posting} {Behaviour} on {Facebook}},
    abstract = {In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.},
    journal = {Peace and Conflict Studies},
    author = {Haunschild, Jasmin and Guntrum, Laura and Cerrillo, Sofía and Bujara, Franziska and Reuter, Christian},
    year = {2024},
    keywords = {SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban},
    }

  • Franz Kuntke (2024)
    Resilient Smart Farming: Crisis-Capable Information and Communication Technologies for Agriculture
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{kuntke_resilient_2024,
    address = {Wiesbaden, Germany},
    title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
    publisher = {Springer Vieweg},
    author = {Kuntke, Franz},
    year = {2024},
    keywords = {Crisis, HCI, UsableSec, Security, RSF, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{haunschild_enhancing_2024,
    address = {Darmstadt, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{haunschild_enhancing_2024-1,
    address = {Wiesbaden, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Springer Vieweg},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Felix Burger, Jasmin Haunschild, Christian Reuter (2024)
    Understanding Crisis Preparedness: Insights from Personal Values, Beliefs, Social Norms, and Personal Norms
    Proceedings of the 17th International Conference on Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract]

    In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants‘ beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.

    @inproceedings{burger_understanding_2024,
    title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
    abstract = {In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants' beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.},
    booktitle = {Proceedings of the 17th {International} {Conference} on {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Burger, Felix and Haunschild, Jasmin and Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Student},
    }

    2023

  • Stefka Schmid, Laura Guntrum, Steffen Haesler, Lisa Schultheiß, Christian Reuter (2023)
    Digital Volunteers During the COVID-19 Pandemic: Care Work on Social Media for Socio-technical Resilience
    Weizenbaum Journal of the Digital Society ;3(1). doi:10.34669/WI.WJDS/3.3.6
    [BibTeX] [Abstract] [Download PDF]

    Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.

    @article{schmid_digital_2023,
    title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
    volume = {3},
    issn = {2748-5625},
    url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
    doi = {10.34669/WI.WJDS/3.3.6},
    abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.},
    number = {1},
    journal = {Weizenbaum Journal of the Digital Society},
    author = {Schmid, Stefka and Guntrum, Laura and Haesler, Steffen and Schultheiß, Lisa and Reuter, Christian},
    month = may,
    year = {2023},
    keywords = {Crisis, HCI, SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-TraCe},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;12(1):31–58. doi:10.1007/s42597-023-00099-7
    [BibTeX] [Abstract] [Download PDF]

    While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.

    @article{reinhold_preventing_2023,
    title = {Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack},
    volume = {12},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00099-7},
    doi = {10.1007/s42597-023-00099-7},
    abstract = {While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = apr,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {31--58},
    }

  • Philipp Kuehn, Mike Schmidt, Markus Bayer, Christian Reuter (2023)
    ThreatCrawl: A BERT-based Focused Crawler for the Cybersecurity Domain
    2023.
    [BibTeX] [Abstract] [Download PDF]

    Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.

    @techreport{kuehn_threatcrawl_2023,
    title = {{ThreatCrawl}: {A} {BERT}-based {Focused} {Crawler} for the {Cybersecurity} {Domain}},
    shorttitle = {{ThreatCrawl}},
    url = {http://arxiv.org/abs/2304.11960},
    abstract = {Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.},
    number = {arXiv:2304.11960},
    urldate = {2023-04-27},
    institution = {arXiv},
    author = {Kuehn, Philipp and Schmidt, Mike and Bayer, Markus and Reuter, Christian},
    month = apr,
    year = {2023},
    note = {arXiv:2304.11960 [cs]},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Philipp Kuehn, David N. Relke, Christian Reuter (2023)
    Common vulnerability scoring system prediction based on open source intelligence information sources
    Computers & Security . doi:10.1016/j.cose.2023.103286
    [BibTeX] [Abstract] [Download PDF]

    The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.

    @article{kuehn_common_2023,
    title = {Common vulnerability scoring system prediction based on open source intelligence information sources},
    url = {https://peasec.de/paper/2023/2023_KuehnRelkeReuter_CommonVulnerabilityScoringSystemOSINT_CompSec.pdf},
    doi = {10.1016/j.cose.2023.103286},
    abstract = {The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.},
    journal = {Computers \& Security},
    author = {Kuehn, Philipp and Relke, David N. and Reuter, Christian},
    year = {2023},
    keywords = {Student, UsableSec, Security, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Verena Zimmermann, Jasmin Haunschild, Alina Stöver, Nina Gerber (2023)
    Safe AND Secure Infrastructures? – Studying Human Aspects of Safety and Security Incidents with Experts from both Domains
    Mensch und Computer 2023 – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-225
    [BibTeX] [Abstract] [Download PDF]

    In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.

    @inproceedings{zimmermann_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe {AND} {Secure} {Infrastructures}? – {Studying} {Human} {Aspects} of {Safety} and {Security} {Incidents} with {Experts} from both {Domains}},
    url = {https://dl.gi.de/items/9c1d2bd5-229f-4db0-a764-6126cf92ef5f},
    doi = {10.18420/muc2023-mci-ws01-225},
    abstract = {In today’s digitalized and interconnected world, the traditionally distinct concepts security and safety are increasingly intertwined. For example, a cyber attack on a hospital can negatively impact the patients’ physical safety. Thus, security research and practice should consider these interactions. To explore human-related challenges at the intersection of safety and security, we conducted three focus group workshops with N= 16 experts from both domains. We introduced two scenarios leading to a power outage, one with a safety-related cause (snow storm) and one with a security-related cause (cyber attack). The experts discussed interactions, differences and parallels in coping with the scenarios. Additionally, potential solutions for building response capacity by including volunteers were explored. The findings indicate similar consequences resulting from the safety- vs. security-related incidents. However, the experts identified relevant differences in the challenges preparing for and coping with the scenarios. While security-related challenges included the incalculable time horizon, impact and cascading effects as well as lack of emergency plans and training, safety challengesmainly concerned accessibility of the affected area. The implications for future work are discussed.},
    language = {de},
    booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Stöver, Alina and Gerber, Nina},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    }

  • Stefka Schmid (2023)
    Safe and Secure? Visions of Military Human-Computer Interaction
    Mensch und Computer 2023 – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-365
    [BibTeX] [Abstract] [Download PDF]

    Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.

    @inproceedings{schmid_safe_2023,
    address = {Rapperswil, Switzerland},
    title = {Safe and {Secure}? {Visions} of {Military} {Human}-{Computer} {Interaction}},
    url = {https://dl.gi.de/items/841cc5bd-8e25-40de-804f-8fb4fedddf11},
    doi = {10.18420/muc2023-mci-ws01-365},
    abstract = {Safety-critical human-computer interaction has focused on technology use in life-critical situations, including military operations. Due to the practical relevance of HCI and disciplinary debates about human-centered design, this literature review studies HCI scholarships’ visions of military human-computer interaction. Through text analysis and categorization of publications, it is found that interaction is envisioned to take place in the context of both missionoriented operational (e.g., target detection) as well as organizational tasks (e.g., military training). While artificial intelligence, virtual/augmented reality, and robots are most frequently defined as technological environments, goals, such as situation awareness, enjoyment, and trust are predominantly associated with them. Considering scholarly references to application contexts and different factors of the context of use allows to systematically approach how military human-computer interaction is imagined. Offering insight into research trends in HCI, this first overview of research endeavors also contributes to interdisciplinary debates, such as Security Studies and technology assessment.},
    language = {de},
    booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Schmid, Stefka},
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Jonas Franken, Marco Zivkovic, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Das Netz hat Geschichte: Historisch-technische Analyse der kritischen Infrastrukturen in der Region Rhein/Main
    In: : INFORMATIK 2023: 53. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge). Bonn: Gesellschaft für Informatik e. V., , 1–6. doi:10.18420/inf2023_159
    [BibTeX] [Abstract] [Download PDF]

    Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.

    @incollection{franken_netz_2023,
    address = {Bonn},
    title = {Das {Netz} hat {Geschichte}: {Historisch}-technische {Analyse} der kritischen {Infrastrukturen} in der {Region} {Rhein}/{Main}},
    url = {https://peasec.de/paper/2023/2023_FrankenZivkovicThiessenEngelsReuter_NetzGeschichte_GI.pdf},
    abstract = {Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.},
    booktitle = {{INFORMATIK} 2023: 53. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Franken, Jonas and Zivkovic, Marco and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_159},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--6},
    }

  • Marco Zivkovic, Jonas Franken, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Infrastrukturen und historisches Wissen: Eine interdisziplinäre Analyse der Resilienz von Schienen- und Kabelnetzen
    Tagungsband Fachtagung Katastrophenforschung 2023 Leoben.
    [BibTeX] [Abstract] [Download PDF]

    Im Forschungsprojekt “ Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”“ wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.

    @inproceedings{zivkovic_infrastrukturen_2023,
    address = {Leoben},
    title = {Infrastrukturen und historisches {Wissen}: {Eine} interdisziplinäre {Analyse} der {Resilienz} von {Schienen}- und {Kabelnetzen}},
    isbn = {978-3-900397-11-1},
    url = {https://peasec.de/paper/2023/2023_ZivkovicFrankenThiessenEngelsReuter_InfrastrukturenHistorischesWissen_FKF23.pdf},
    abstract = {Im Forschungsprojekt " Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”" wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.},
    booktitle = {Tagungsband {Fachtagung} {Katastrophenforschung} 2023},
    publisher = {Disaster Competence Network Austria},
    author = {Zivkovic, Marco and Franken, Jonas and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-NetzGeschichte},
    }

  • Thomas Reinhold, Philipp Kuehn, Daniel Günther, Thomas Schneider, Christian Reuter (2023)
    ExTRUST: Reducing Exploit Stockpiles With a Privacy-Preserving Depletion Systems for Inter-State Relationships
    IEEE Transactions on Technology and Society ;4(2):158–170. doi:10.1109/TTS.2023.3280356
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.

    @article{reinhold_extrust_2023,
    title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
    volume = {4},
    url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
    doi = {10.1109/TTS.2023.3280356},
    abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
    number = {2},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Selected, Student, A-Paper, Peace, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    pages = {158--170},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2023)
    Preparedness Nudging for Warning Apps? A Mixed-Method Study Investigating Popularity and Effects of Preparedness Alerts in Warning Apps
    International Journal on Human-Computer Studies (IJHCS) ;172:102995. doi:https://doi.org/10.1016/j.ijhcs.2023.102995
    [BibTeX] [Abstract] [Download PDF]

    Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.

    @article{haunschild_preparedness_2023,
    title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
    volume = {172},
    issn = {1071-5819},
    url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
    doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
    abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, Student, A-Paper, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {102995},
    }

  • Thomas Reinhold, Helene Pleil, Christian Reuter (2023)
    Challenges for Cyber Arms Control: A Qualitative Expert Interview Study
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) ;16(3):289–310. doi:10.1007/s12399-023-00960-w
    [BibTeX] [Abstract] [Download PDF]

    The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.

    @article{reinhold_challenges_2023,
    title = {Challenges for {Cyber} {Arms} {Control}: {A} {Qualitative} {Expert} {Interview} {Study}},
    volume = {16},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-023-00960-w},
    doi = {10.1007/s12399-023-00960-w},
    abstract = {The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.},
    number = {3},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Pleil, Helene and Reuter, Christian},
    month = aug,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {289--310},
    }

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2023)
    A Survey on Data Augmentation for Text Classification
    ACM Computing Surveys (CSUR) ;55(7):1–39. doi:10.1145/3544558
    [BibTeX] [Abstract] [Download PDF]

    Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.

    @article{bayer_survey_2023,
    title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
    volume = {55},
    url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
    doi = {10.1145/3544558},
    abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
    number = {7},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--39},
    }

  • Steffen Haesler, Marc Wendelborn, Christian Reuter (2023)
    Getting the Residents‘ Attention: The Perception of Warning Channels in Smart Home Warning Systems
    Proceedings of the ACM Designing Interactive Systems Conference (DIS) New York, NY, USA. doi:10.1145/3563657.3596076
    [BibTeX] [Abstract] [Download PDF]

    About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.

    @inproceedings{haesler_getting_2023,
    address = {New York, NY, USA},
    series = {{DIS} '23},
    title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
    isbn = {978-1-4503-9893-0},
    url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
    doi = {10.1145/3563657.3596076},
    abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
    booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
    publisher = {Association for Computing Machinery},
    author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
    year = {2023},
    note = {event-place: Pittsburgh, PA, USA},
    keywords = {Crisis, HCI, Student, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1114--1127},
    }

  • Laura Guntrum, Sebastian Schwartz, Christian Reuter (2023)
    Dual-Use Technologies in the Context of Autonomous Driving: An Empirical Case Study From Germany
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00935-3
    [BibTeX] [Abstract] [Download PDF]

    The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.

    @article{guntrum_dual-use_2023,
    title = {Dual-{Use} {Technologies} in the {Context} of {Autonomous} {Driving}: {An} {Empirical} {Case} {Study} {From} {Germany}},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-022-00935-3},
    doi = {10.1007/s12399-022-00935-3},
    abstract = {The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Guntrum, Laura and Schwartz, Sebastian and Reuter, Christian},
    month = jan,
    year = {2023},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Thomas Reinhold, Christian Reuter (2023)
    Zur Debatte über die Einhegung eines Cyberwars: Analyse militärischer Cyberaktivitäten im Krieg Russlands gegen die Ukraine
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) . doi:10.1007/s42597-023-00094-y
    [BibTeX] [Abstract] [Download PDF]

    Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.

    @article{reinhold_zur_2023,
    title = {Zur {Debatte} über die {Einhegung} eines {Cyberwars}: {Analyse} militärischer {Cyberaktivitäten} im {Krieg} {Russlands} gegen die {Ukraine}},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00094-y},
    doi = {10.1007/s42597-023-00094-y},
    abstract = {Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = mar,
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    }

  • Elise Özalp, Katrin Hartwig, Christian Reuter (2023)
    Trends in Explainable Artificial Intelligence for Non-Experts
    In: Peter Klimczak, Christer Petersen: AI – Limits and Prospects of Artificial Intelligence. Bielefeld: Transcript Verlag, , 223–243.
    [BibTeX] [Abstract] [Download PDF]

    In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.

    @incollection{ozalp_trends_2023,
    address = {Bielefeld},
    title = {Trends in {Explainable} {Artificial} {Intelligence} for {Non}-{Experts}},
    url = {https://www.transcript-verlag.de/978-3-8376-5732-6/ai-limits-and-prospects-of-artificial-intelligence/?c=313000019},
    abstract = {In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.},
    booktitle = {{AI} - {Limits} and {Prospects} of {Artificial} {Intelligence}},
    publisher = {Transcript Verlag},
    author = {Özalp, Elise and Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Petersen, Christer},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {223--243},
    }

  • Thea Riebe, Julian Bäumler, Marc-André Kaufhold, Christian Reuter (2023)
    Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design Perspective
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) . doi:10.1007/s10606-022-09453-4
    [BibTeX] [Abstract] [Download PDF]

    The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.

    @article{riebe_values_2023,
    title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
    url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
    doi = {10.1007/s10606-022-09453-4},
    abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Jasmin Haunschild, Leon Jung, Christian Reuter (2023)
    Dual-use in volunteer operations? Attitudes of computer science students regarding the establishment of a cyber security volunteer force
    In: Gerber Nina, Zimmermann Verena: International Symposium on Technikpsychologie (TecPsy). Sciendo, , 66–81.
    [BibTeX] [Abstract] [Download PDF]

    The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers are discussed.

    @incollection{haunschild_dual-use_2023,
    title = {Dual-use in volunteer operations? {Attitudes} of computer science students regarding the establishment of a cyber security volunteer force},
    isbn = {978-83-66675-89-6},
    url = {https://sciendo.com/chapter/9788366675896/10.2478/9788366675896-006},
    abstract = {The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative
    content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers
    are discussed.},
    booktitle = {International {Symposium} on {Technikpsychologie} ({TecPsy})},
    publisher = {Sciendo},
    author = {Haunschild, Jasmin and Jung, Leon and Reuter, Christian},
    editor = {Nina, Gerber and Verena, Zimmermann},
    year = {2023},
    keywords = {Crisis, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {66--81},
    }

  • Jonas Franken, Franziska Schneider, Christian Reuter (2023)
    The Internet’s Plumbing Consists of Garden Hoses: A Critical Analysis of the Advantages and Pitfalls of Metaphors Use for Critical Maritime Infrastructures
    Dreizack 23 Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_internets_2023,
    address = {Kiel},
    title = {The {Internet}’s {Plumbing} {Consists} of {Garden} {Hoses}: {A} {Critical} {Analysis} of the {Advantages} and {Pitfalls} of {Metaphors} {Use} for {Critical} {Maritime} {Infrastructures}},
    url = {https://peasec.de/paper/2023/2023_FrankenSchneiderReuter_MetaphernMarKRITIS_Dreizack23.pdf},
    booktitle = {Dreizack 23},
    publisher = {The Kiel Seapower Series},
    author = {Franken, Jonas and Schneider, Franziska and Reuter, Christian},
    editor = {Schilling, Henrik},
    year = {2023},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio, Projekt-NetzGeschichte},
    pages = {1--8},
    }

    2022

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Cultural Violence and Fragmentation on Social Media: Interventions and Countermeasures by Humans and Social Bots
    In: Myriam Dunn Cavelty, Andreas Wenger: Cyber Security Politics: Socio-Technological Transformations and Political Fragmentation. Routledge, , 48–63.
    [BibTeX] [Abstract] [Download PDF]

    Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.

    @incollection{haunschild_cultural_2022,
    title = {Cultural {Violence} and {Fragmentation} on {Social} {Media}: {Interventions} and {Countermeasures} by {Humans} and {Social} {Bots}},
    isbn = {978-0-367-62674-7},
    url = {https://peasec.de/paper/2022/2022_HaunschildKaufholdReuter_SocialMediaAndFragmentation_Routledge.pdf},
    abstract = {Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.},
    booktitle = {Cyber {Security} {Politics}: {Socio}-{Technological} {Transformations} and {Political} {Fragmentation}},
    publisher = {Routledge},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Cavelty, Myriam Dunn and Wenger, Andreas},
    year = {2022},
    keywords = {Crisis, SocialMedia, Peace, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {48--63},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    Nijmegen: The Radboud University Thesis Repository.
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022-1,
    address = {Nijmegen},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    url = {https://repository.ubn.ru.nl/handle/2066/253000},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    publisher = {The Radboud University Thesis Repository},
    author = {Reuter, Christian},
    year = {2022},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Towards a Cyber Weapons Assessment Model – Assessment of the Technical Features of Malicious Software
    IEEE Transactions on Technology and Society ;3(3):226–239. doi:10.1109/TTS.2021.3131817
    [BibTeX] [Abstract] [Download PDF]

    The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.

    @article{reinhold_towards_2022,
    title = {Towards a {Cyber} {Weapons} {Assessment} {Model} – {Assessment} of the {Technical} {Features} of {Malicious} {Software}},
    volume = {3},
    issn = {2637-6415},
    url = {https://peasec.de/paper/2021/2021_ReinholdReuter_CyberWeapons_IEEETransactionsTechnologySociety.pdf},
    doi = {10.1109/TTS.2021.3131817},
    abstract = {The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.},
    language = {en},
    number = {3},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = sep,
    year = {2022},
    keywords = {A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {226--239},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Armament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm
    1 ed. Springer. doi:https://doi.org/10.1007/978-3-031-11043-6
    [BibTeX] [Abstract] [Download PDF]

    Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed. The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part. This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.

    @book{schornig_armament_2022,
    edition = {1},
    title = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    isbn = {978-3-031-11043-6},
    url = {https://link.springer.com/book/10.1007/978-3-031-11043-6},
    abstract = {Looking at a variety of armament sectors, the book examines how Artificial Intelligence (AI) impacts the fields of armament and arms control, how existing arms control measures will be affected by AI, and what new approaches based on AI have been or are currently developed.
    The significant increase in computing power, the increasing reliance on software, and the advent of (narrow) AI and deep-learning algorithms all have the potential to lead to disruptive changes for military operations and warfare, rendering many classical arms control instruments less effective, or even useless. On the other hand, AI might lead to completely new arms control approaches, raising the effectiveness and reliability of new verification measures. To provide a common understanding, the book starts by presenting a general introduction to the state of the art in artificial intelligence and arms control, and how the two topics are interrelated. The second part of the book looks at examples from various fields of weapon technology, including weapons of mass destruction (WMD), conventional armament, and emerging technologies. The final section offers a cross-cutting perspective based on the examples presented in the second part.
    This volume will appeal to students and scholars of international relations, as well as policy-makers and practitioners interested in a better understanding of peace and security studies in general, and armament and arms control in particular with a strong focus on AI.},
    language = {en},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    }

  • Thomas Reinhold (2022)
    Arms Control for Artificial Intelligence
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 211–226. doi:https://doi.org/10.1007/978-3-031-11043-6_15
    [BibTeX] [Abstract] [Download PDF]

    With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.

    @incollection{reinhold_arms_2022,
    edition = {1},
    title = {Arms {Control} for {Artificial} {Intelligence}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_Reinhold_ ArmsControlforAI_AI-Book.pdf},
    abstract = {With military weapon systems getting more and more improved by artificial intelligence and states competing about the leading role in this development, the question arises how arms control measures can be applied to decrease this equipment spiral. The ongoing debates on cyber weapons have already highlighted the problems with controlling or limiting digital technologies, not to mention the dual use problems. While still in an early stage, this chapter develops possible approaches for AI arms control by considering the different life cycle steps of a typical AI enabled system, based on lessons learned from other arms control approaches. It will discuss the different starting points, their arms control potential as well as its limitations to provide a holistic perspective for necessary further develops and debates.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_15},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {211--226},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 145–158. doi:https://doi.org/10.1007/978-3-031-11043-6_11
    [BibTeX] [Abstract] [Download PDF]

    As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.

    @incollection{reinhold_cyber_2022,
    edition = {1},
    title = {Cyber {Weapons} and {Artificial} {Intelligence}: {Impact}, {Influence} and the {Challenges} for {Arms} {Control}},
    isbn = {978-3-031-11043-6},
    url = {https://peasec.de/paper/2022/2022_ReinholdReuter_CyberWeaponsAIImpactInfluenceChallenges_AI-Book.pdf},
    abstract = {As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter will analyze this development and highlight the increasing tendency towards AI enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyberattacks and the problems for developing arms control measures for this “technology fusion”. However, the article also ventures an outlook how AI methods can help to mitigate these challenges if applied for arms control measures itself.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_11},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {145--158},
    }

  • Niklas Schörnig, Thomas Reinhold (2022)
    Introduction
    In: Niklas Schörnig, Thomas ReinholdArmament, Arms Control and Artificial Intelligence – The Janus-faced Nature of Machine Learning in the Military Realm. 1 ed. Springer, , 1–9. doi:https://doi.org/10.1007/978-3-031-11043-6_1
    [BibTeX] [Abstract] [Download PDF]

    In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.

    @incollection{schornig_introduction_2022,
    edition = {1},
    title = {Introduction},
    isbn = {978-3-031-11043-6},
    url = {http://www.peasec.de/paper/2022/2022_SchoernigReinhold_Intro_AI-Book.pdf},
    abstract = {In 1987, Allan Din published the seminal book “Arms and Artificial Intelligence,” in which he argued that the future military use of AI would be a double-edged sword. Warning about control failures and accidental war on one hand, Din also pointed out the potential of AI to enhance arms control. 35 years later, what was a niche technology in Din’s day has since become one of the most influential technologies in both the civilian and military sectors. In addition, AI has evolved from sophisticated yet deterministic expert systems to machine learning algorithms. Today, AI is about to be introduced in almost every branch of the military, with a variety of implications for arms control. This book reflects the work of the individual authors and identifies common themes and areas where AI can be used for the greater good or where its use calls for particular vigilance. It offers an essential primer for interested readers, while also encouraging experts from the arms control community to dig more deeply into the issues.},
    language = {en},
    booktitle = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
    publisher = {Springer},
    author = {Schörnig, Niklas and Reinhold, Thomas},
    editor = {Schörnig, Niklas and Reinhold, Thomas},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-031-11043-6_1},
    keywords = {Security, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--9},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Perceptions and Use of Warning Apps – Did Recent Crises Lead to Changes in Germany?
    Mensch und Computer 2022 – Tagungsband New York. doi:10.1145/3543758.3543770
    [BibTeX] [Abstract] [Download PDF]

    Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.

    @inproceedings{haunschild_perceptions_2022,
    address = {New York},
    title = {Perceptions and {Use} of {Warning} {Apps} – {Did} {Recent} {Crises} {Lead} to {Changes} in {Germany}?},
    url = {http://www.peasec.de/paper/2022/2022_HaunschildKaufholdReuter_WarningAppsChangesGermany_MuC.pdf},
    doi = {10.1145/3543758.3543770},
    abstract = {Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.},
    language = {en},
    booktitle = {Mensch und {Computer} 2022 - {Tagungsband}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Sabrina Gabel, Lilian Reichert, Christian Reuter (2022)
    Discussing Conflict in Social Media – The Use of Twitter in the Jammu and Kashmir Conflict
    Media, War & Conflict ;15(4):1–26.
    [BibTeX] [Abstract] [Download PDF]

    Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani’s impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.

    @article{gabel_discussing_2022,
    title = {Discussing {Conflict} in {Social} {Media} – {The} {Use} of {Twitter} in the {Jammu} and {Kashmir} {Conflict}},
    volume = {15},
    url = {https://journals.sagepub.com/doi/full/10.1177/1750635220970997},
    abstract = {Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani's impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.},
    number = {4},
    journal = {Media, War \& Conflict},
    author = {Gabel, Sabrina and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, Ranking-ImpactFactor, Peace, Projekt-ATHENE-SecUrban},
    pages = {1--26},
    }

  • Philipp Kuehn, Moritz Kerk, Marc Wendelborn, Christian Reuter (2022)
    Clustering of Threat Information to Mitigate Information Overload for Computer Emergency Response Teams
    2022.
    [BibTeX] [Abstract] [Download PDF]

    The constantly increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). In order to respond to new threats, CERTs need to gather information in a timely and comprehensive manner. However, the volume of information and sources can lead to information overload. This paper answers the question of how to reduce information overload for CERTs with the help of clustering methods. Conditions for such a framework were established and subsequently tested. In order to perform an evaluation, different types of evaluation metrics were introduced and selected in relation to the framework conditions. Furthermore, different vectorizations and distance measures in combination with the clustering methods were evaluated and interpreted. Two different ground-truth datasets were used for the evaluation, one containing threat messages and a dataset with messages from different news categories. The work shows that the K-means clustering method along with TF-IDF vectorization and cosine distance provide the best results in the domain of threat messages.

    @techreport{kuehn_clustering_2022,
    title = {Clustering of {Threat} {Information} to {Mitigate} {Information} {Overload} for {Computer} {Emergency} {Response} {Teams}},
    copyright = {arXiv.org perpetual, non-exclusive license},
    url = {https://arxiv.org/pdf/2210.14067.pdf},
    abstract = {The constantly increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). In order to respond to new threats, CERTs need to gather information in a timely and comprehensive manner. However, the volume of information and sources can lead to information overload. This paper answers the question of how to reduce information overload for CERTs with the help of clustering methods. Conditions for such a framework were established and subsequently tested. In order to perform an evaluation, different types of evaluation metrics were introduced and selected in relation to the framework conditions. Furthermore, different vectorizations and distance measures in combination with the clustering methods were evaluated and interpreted. Two different ground-truth datasets were used for the evaluation, one containing threat messages and a dataset with messages from different news categories. The work shows that the K-means clustering method along with TF-IDF vectorization and cosine distance provide the best results in the domain of threat messages.},
    language = {en},
    institution = {arXiv},
    author = {Kuehn, Philipp and Kerk, Moritz and Wendelborn, Marc and Reuter, Christian},
    year = {2022},
    note = {https://doi.org/10.48550/arXiv.2210.14067},
    keywords = {HCI, Student, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Jonas Franken (2022)
    Seekabel als Maritime Kritische Infrastruktur
    Dreizack 21: Von historischen bis zukünftigen Herausforderungen im maritimen Raum Laboe/Kiel.
    [BibTeX] [Download PDF]

    @inproceedings{franken_seekabel_2022,
    address = {Laboe/Kiel},
    title = {Seekabel als {Maritime} {Kritische} {Infrastruktur}},
    url = {https://www.kielseapowerseries.com/files/ispk/content/workshops/Dreizack/Sammelband zum Dreizack21.pdf},
    booktitle = {Dreizack 21: {Von} historischen bis zukünftigen {Herausforderungen} im maritimen {Raum}},
    author = {Franken, Jonas},
    editor = {Schilling, Henrik},
    year = {2022},
    keywords = {Student, Security, Projekt-ATHENE-SecUrban},
    pages = {22--25},
    }

  • Philipp Kuehn, Julian Bäumler, Marc-André Kaufhold, Marc Wendelborn, Christian Reuter (2022)
    The Notion of Relevance in Cybersecurity: A Categorization of Security Tools and Deduction of Relevance Notions
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-220
    [BibTeX] [Abstract] [Download PDF]

    Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.

    @inproceedings{kuehn_notion_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Notion} of {Relevance} in {Cybersecurity}: {A} {Categorization} of {Security} {Tools} and {Deduction} of {Relevance} {Notions}},
    url = {https://dl.gi.de/handle/20.500.12116/39072},
    doi = {10.18420/muc2022-mci-ws01-220},
    abstract = {Proper cybersecurity requires timely information to defend the IT infrastructure. In a dynamic field like cybersecurity, gathering up-to-date information is usually a manual, time-consuming, and exhaustive task. Automatic and usable approaches are supposed to be a solution to this problem, but for this, they require a notion of information relevance to distinguish relevant from irrelevant information. First, on the basis of a literature review, this paper proposes a novel cybersecurity tool categorization based on corresponding tool types with their respective definitions and core features. Second, it elaborates information used in each category and deduces notions of relevance. Third, it outlines how these findings informed the design of a security dashboard to guide computer emergency response team staff in identifying current threats in open source intelligence sources while mitigating information overload.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kuehn, Philipp and Bäumler, Julian and Kaufhold, Marc-André and Wendelborn, Marc and Reuter, Christian},
    year = {2022},
    keywords = {Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Christian Reuter, Luigi Lo Iacono, Alexander Benlian (2022)
    A Quarter Century of Usable Security and Privacy Research: Transparency, Tailorability, and the Road Ahead
    Behaviour & Information Technology (BIT) ;41(10):2035–2048. doi:10.1080/0144929X.2022.2080908
    [BibTeX] [Abstract] [Download PDF]

    In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.

    @article{reuter_quarter_2022,
    title = {A {Quarter} {Century} of {Usable} {Security} and {Privacy} {Research}: {Transparency}, {Tailorability}, and the {Road} {Ahead}},
    volume = {41},
    issn = {0144-929X},
    url = {https://www.tandfonline.com/toc/tbit20/41/10},
    doi = {10.1080/0144929X.2022.2080908},
    abstract = {In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.},
    number = {10},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {2035--2048},
    }

  • Denis Orlov, Simon Möller, Sven Düfler, Steffen Haesler, Christian Reuter (2022)
    Detecting a Crisis: Comparison of Self-Reported vs. Automated Internet Outage Measuring Methods
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-321
    [BibTeX] [Abstract] [Download PDF]

    Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.

    @inproceedings{orlov_detecting_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Detecting a {Crisis}: {Comparison} of {Self}-{Reported} vs. {Automated} {Internet} {Outage} {Measuring} {Methods}},
    url = {https://dl.gi.de/handle/20.500.12116/39089},
    doi = {10.18420/muc2022-mci-ws10-321},
    abstract = {Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Orlov, Denis and Möller, Simon and Düfler, Sven and Haesler, Steffen and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Thomas Reinhold, Christian Reuter (2022)
    Book Review: Artificial Intelligence and The Future of Warfare, James Johnson (2021)
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) . doi:10.1007/s12399-022-00918-4
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics & International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.

    @article{reinhold_book_2022,
    title = {Book {Review}: {Artificial} {Intelligence} and {The} {Future} of {Warfare}, {James} {Johnson} (2021)},
    url = {https://link.springer.com/article/10.1007/s12399-022-00918-4},
    doi = {10.1007/s12399-022-00918-4},
    abstract = {Technological and scientific progress, especially the rapid development of information technology (IT), plays a crucial role in peace and security issuesFootnote1. Artificial Intelligence (AI) is one example. AI is a sub-discipline of computer science, dealing with computer systems capable of performing tasks which require human intelligenceFootnote2. According to James Johnson, PhD, Lecturer in Strategic Studies in the Department of Politics \& International Relations at the University of Aberdeen and author of the book Artificial Intelligence and the Future of Warfare, the hype around this has made it easy to overstate the opportunities and challenges posed by the development and deployment of AI in the military sphere. The author argues, that “speculations about super intelligent AI or the threat of superman AI to humanity” are entirely disconnected from today’s capabilities of AI. The book aims to address this problem by deciphering “proven capabilities and applications from mere speculation”, with a strong focus on the challenges AI poses to strategic stability, nuclear deterrence and how AI might influence nuclear weapon systems. The author concludes with implications and policy recommendations on how states could manage the escalatory risks posed by AI.},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Reuter, Christian},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban},
    }

  • Christian Bueger, Tobias Liebetrau, Jonas Franken (2022)
    Security threats to undersea communications cables and infrastructure – consequences for the EU
    Brussels: European Parliament.
    [BibTeX] [Abstract] [Download PDF]

    The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.

    @book{bueger_security_2022,
    address = {Brussels},
    title = {Security threats to undersea communications cables and infrastructure – consequences for the {EU}},
    url = {https://www.europarl.europa.eu/thinktank/en/document/EXPO_IDA(2022)702557},
    abstract = {The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.},
    publisher = {European Parliament},
    author = {Bueger, Christian and Liebetrau, Tobias and Franken, Jonas},
    year = {2022},
    keywords = {Student, Security, Infrastructure, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Marc-André Kaufhold, Ali Sercan Basyurt, Kaan Eyilmez, Marc Stöttinger, Christian Reuter (2022)
    Cyber Threat Observatory: Design and Evaluation of an Interactive Dashboard for Computer Emergency Response Teams
    Proceedings of the European Conference on Information Systems (ECIS) Timisoara, Romania.
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.

    @inproceedings{kaufhold_cyber_2022,
    address = {Timisoara, Romania},
    title = {Cyber {Threat} {Observatory}: {Design} and {Evaluation} of an {Interactive} {Dashboard} for {Computer} {Emergency} {Response} {Teams}},
    url = {http://www.peasec.de/paper/2022/2022_KaufholdBasyurtEyilmezStoettingerReuter_CyberThreatObservatory_ECIS.pdf},
    abstract = {Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Kaufhold, Marc-André and Basyurt, Ali Sercan and Eyilmez, Kaan and Stöttinger, Marc and Reuter, Christian},
    year = {2022},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Marc-André Kaufhold, Julian Bäumler, Christian Reuter (2022)
    The Implementation of Protective Measures and Communication of Cybersecurity Alerts in Germany – A Representative Survey of the Population
    Mensch und Computer 2022 – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws01-228
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.

    @inproceedings{kaufhold_implementation_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {The {Implementation} of {Protective} {Measures} and {Communication} of {Cybersecurity} {Alerts} in {Germany} - {A} {Representative} {Survey} of the {Population}},
    url = {https://dl.gi.de/handle/20.500.12116/39061},
    doi = {10.18420/muc2022-mci-ws01-228},
    abstract = {Despite the merits of digitization in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. We conducted a representative survey with German citizens (N=1,093) to examine how they assess the current and future cyber threat situation as well as possible protective measures in cyberspace. Furthermore, we asked what information and channels citizens need to be aware of cyber threats. Our findings indicate that large proportions of the German population feel inadequately informed about cyber threats and tend to only apply enforced security measures by programs (e.g., updates) and services (e.g., two-factor authentication). Furthermore, institutions such as state-level Computer Emergency Response Teams (CERTs) are relatively unknown among the population and respondents showed little confidence in German security authorities to cope with largescale attacks and ultimately protect citizens. Still, our participants prefer to receive cybersecurity information via installed security applications, television channels, or emergency warning apps.},
    language = {en},
    booktitle = {Mensch und {Computer} 2022 - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Kaufhold, Marc-André and Bäumler, Julian and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Markus Bayer, Philipp Kuehn, Ramin Shanehsaz, Christian Reuter (2022)
    CySecBERT: A Domain-Adapted Language Model for the Cybersecurity Domain
    2022. doi:10.48550/ARXIV.2212.02974
    [BibTeX] [Abstract] [Download PDF]

    The field of cybersecurity is evolving fast. Experts need to be informed about past, current and – in the best case – upcoming threats, because attacks are becoming more advanced, targets bigger and systems more complex. As this cannot be addressed manually, cybersecurity experts need to rely on machine learning techniques. In the texutual domain, pre-trained language models like BERT have shown to be helpful, by providing a good baseline for further fine-tuning. However, due to the domain-knowledge and many technical terms in cybersecurity general language models might miss the gist of textual information, hence doing more harm than good. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain, which can serve as a basic building block for cybersecurity systems that deal with natural language. The model is compared with other models based on 15 different domain-dependent extrinsic and intrinsic tasks as well as general tasks from the SuperGLUE benchmark. On the one hand, the results of the intrinsic tasks show that our model improves the internal representation space of words compared to the other models. On the other hand, the extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model is best in specific application scenarios, in contrast to the others. Furthermore, we show that our approach against catastrophic forgetting works, as the model is able to retrieve the previously trained domain-independent knowledge. The used dataset and trained model are made publicly available

    @techreport{bayer_cysecbert_2022,
    title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
    copyright = {arXiv.org perpetual, non-exclusive license},
    url = {https://arxiv.org/abs/2212.02974},
    abstract = {The field of cybersecurity is evolving fast. Experts need to be informed about past, current and - in the best case - upcoming threats, because attacks are becoming more advanced, targets bigger and systems more complex. As this cannot be addressed manually, cybersecurity experts need to rely on machine learning techniques. In the texutual domain, pre-trained language models like BERT have shown to be helpful, by providing a good baseline for further fine-tuning. However, due to the domain-knowledge and many technical terms in cybersecurity general language models might miss the gist of textual information, hence doing more harm than good. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain, which can serve as a basic building block for cybersecurity systems that deal with natural language. The model is compared with other models based on 15 different domain-dependent extrinsic and intrinsic tasks as well as general tasks from the SuperGLUE benchmark. On the one hand, the results of the intrinsic tasks show that our model improves the internal representation space of words compared to the other models. On the other hand, the extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model is best in specific application scenarios, in contrast to the others. Furthermore, we show that our approach against catastrophic forgetting works, as the model is able to retrieve the previously trained domain-independent knowledge. The used dataset and trained model are made publicly available},
    institution = {arXiv},
    author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
    year = {2022},
    doi = {10.48550/ARXIV.2212.02974},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Stefka Schmid (2022)
    Trustworthy and Explainable: A European Vision of (Weaponised) Artificial Intelligence
    Die Friedens-Warte / Journal of International Peace and Organization (JIPO) ;95(3-4):290–315. doi:10.35998/fw-2022-0013
    [BibTeX] [Abstract] [Download PDF]

    The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.

    @article{schmid_trustworthy_2022,
    title = {Trustworthy and {Explainable}: {A} {European} {Vision} of ({Weaponised}) {Artificial} {Intelligence}},
    volume = {95},
    url = {https://elibrary.bwv-verlag.de/article/10.35998/fw-2022-0013},
    doi = {10.35998/fw-2022-0013},
    abstract = {The European Union (EU) has undertaken policies which address the research and development of artificial intelligence (AI). In light of debates of technology assessment which focus on risks for humans and questions of control of AI, the EU has propagated an ethical, human-centred approach of the application of AI. It is important to identify how the EU envisions AI as this may guide emerging norms in AI governance and today’s research and development of (weaponised) AI. Building on works of Human-Computer Interaction (HCI), this work derives the actor’s understanding of human-AI interaction, including conceptualisations of explainability, interpretability, and risks. Analysis of EU documents on the implementation of AI as a general-purpose technology and for military application reveals that explainability and risk identification are crucial elements for trust, which itself is a necessary component in the uptake of AI. Interdisciplinary approaches allow for a more detailed understanding of actors’ fundamental views on human control of AI, which further contributes to debates on technology assessment in professionalised political contexts.},
    number = {3-4},
    journal = {Die Friedens-Warte / Journal of International Peace and Organization (JIPO)},
    author = {Schmid, Stefka},
    year = {2022},
    keywords = {Peace, Projekt-ATHENE-SecUrban, Projekt-TraCe},
    pages = {290--315},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    1 ed. Wiesbaden: Springer Vieweg. doi:https://doi.org/10.1007/978-3-658-39720-3
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022,
    address = {Wiesbaden},
    edition = {1},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    isbn = {978-3-658-39719-7},
    url = {https://link.springer.com/book/10.1007/978-3-658-39720-3},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    language = {en},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-658-39720-3},
    keywords = {Crisis, HCI, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jonas Franken, Thomas Reinhold, Lilian Reichert, Christian Reuter (2022)
    The Digital Divide in State Vulnerability to Submarine Communications Cable Failure
    International Journal of Critical Infrastructure Protection (IJCIP) ;38(100522):1–15. doi:10.1016/j.ijcip.2022.100522
    [BibTeX] [Abstract] [Download PDF]

    The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.

    @article{franken_digital_2022,
    title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
    volume = {38},
    url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
    doi = {10.1016/j.ijcip.2022.100522},
    abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
    number = {100522},
    journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
    author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
    year = {2022},
    keywords = {Selected, Student, Security, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-AgriRegio},
    pages = {1--15},
    }

  • Verena Zimmermann, Jasmin Haunschild, Marita Unden, Paul Gerber, Nina Gerber (2022)
    Sicherheitsherausforderungen für Smart City-Infrastrukturen
    Wirtschaftsinformatik & Management . doi:10.1365/s35764-022-00396-5
    [BibTeX] [Abstract] [Download PDF]

    Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.

    @article{zimmermann_sicherheitsherausforderungen_2022,
    title = {Sicherheitsherausforderungen für {Smart} {City}-{Infrastrukturen}},
    url = {https://link.springer.com/content/pdf/10.1365/s35764-022-00396-5.pdf},
    doi = {10.1365/s35764-022-00396-5},
    abstract = {Viele Städte entwickeln sich hin zu einer „Smart City“. Der Trend birgt einerseits vielfältige Potenziale für Effizienz, Nachhaltigkeit und Sicherheit. Auf der anderen Seite ergeben sich neue Herausforderungen für den Schutz städtischer Infrastrukturen und der darin befindlichen Daten vor Ausfällen und (Cyber‑)Angriffen, die in ihrer Komplexität bisher nur wenig untersucht sind.},
    journal = {Wirtschaftsinformatik \& Management},
    author = {Zimmermann, Verena and Haunschild, Jasmin and Unden, Marita and Gerber, Paul and Gerber, Nina},
    year = {2022},
    keywords = {UsableSec, Security, Projekt-ATHENE-SecUrban},
    }

    2021

  • Christian Reuter (2021)
    Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage)
    2 ed. Wiesbaden: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

    @book{reuter_sicherheitskritische_2021,
    address = {Wiesbaden},
    edition = {2},
    title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    isbn = {978-3-658-32795-8},
    url = {https://www.springer.com/de/book/9783658327941},
    abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, HCI, Selected, SocialMedia, UsableSec, Security, Projekt-KontiKat, Peace, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Kilian Demuth, Henri-Jacques Geiß, Christian Richter, Christian Reuter (2021)
    Nutzer, Sammler, Entscheidungsträger? Arten der Bürgerbeteiligung in Smart Cities
    HMD Praxis der Wirtschaftsinformatik ;58. doi:10.1365/s40702-021-00770-8
    [BibTeX] [Abstract] [Download PDF]

    Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.

    @article{haunschild_nutzer_2021,
    title = {Nutzer, {Sammler}, {Entscheidungsträger}? {Arten} der {Bürgerbeteiligung} in {Smart} {Cities}},
    volume = {58},
    url = {https://peasec.de/paper/2021/2021_HaunschildDemuthGeissRichterReuter_NutzerSammlerEntscheidungstragerBuergerbeteiligungSmartCities_HMD.pdf},
    doi = {10.1365/s40702-021-00770-8},
    abstract = {Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.},
    journal = {HMD Praxis der Wirtschaftsinformatik},
    author = {Haunschild, Jasmin and Demuth, Kilian and Geiß, Henri-Jacques and Richter, Christian and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Student, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Katrin Hartwig, Atlas Englisch, Jan Pelle Thomson, Christian Reuter (2021)
    Finding Secret Treasure? Improving Memorized Secrets Through Gamification
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481509
    [BibTeX] [Abstract] [Download PDF]

    Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom. Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000) to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of participants’ gaming frequency.

    @inproceedings{hartwig_finding_2021,
    address = {Karlsruhe, Germany},
    title = {Finding {Secret} {Treasure}? {Improving} {Memorized} {Secrets} {Through} {Gamification}},
    url = {https://peasec.de/paper/2021/2021_HartwigEnglischThomsonReuter_MemorizedSecretsThroughGamification_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481509},
    abstract = {Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom.
    Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have
    identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their
    relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar
    nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding
    efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000)
    to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates
    a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of
    participants’ gaming frequency.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Englisch, Atlas and Thomson, Jan Pelle and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {105--117},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Nudge or Restraint: How do People Assess Nudging in Cybersecurity – A Representative Study in Germany
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481514
    [BibTeX] [Abstract] [Download PDF]

    While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.

    @inproceedings{hartwig_nudge_2021,
    address = {Karlsruhe, Germany},
    title = {Nudge or {Restraint}: {How} do {People} {Assess} {Nudging} in {Cybersecurity} - {A} {Representative} {Study} in {Germany}},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_NudgingCybersecurityRepresentativeStudy_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481514},
    abstract = {While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2021},
    keywords = {UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {141--150},
    }

  • Thea Riebe, Tristan Wirth, Markus Bayer, Philipp Kuehn, Marc-André Kaufhold, Volker Knauthe, Stefan Guthe, Christian Reuter (2021)
    CySecAlert: An Alert Generation System for Cyber Security Events Using Open Source Intelligence Data
    Information and Communications Security (ICICS) . doi:10.1007/978-3-030-86890-1_24
    [BibTeX] [Abstract] [Download PDF]

    Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.

    @inproceedings{riebe_cysecalert_2021,
    title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
    url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
    doi = {10.1007/978-3-030-86890-1_24},
    abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
    booktitle = {Information and {Communications} {Security} ({ICICS})},
    author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {429--446},
    }

  • Thea Riebe, Marc-André Kaufhold, Christian Reuter (2021)
    The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479865
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

    @article{riebe_impact_2021,
    title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
    volume = {5},
    url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
    doi = {10.1145/3479865},
    abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold},
    }

  • Marc-André Kaufhold (2021)
    Information Refinement Technologies for Crisis Informatics: User Expectations and Design Principles for Social Media and Mobile Apps
    Wiesbaden, Germany: Springer Vieweg. doi:10.1007/978-3-658-33341-6
    [BibTeX] [Abstract] [Download PDF]

    Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.

    @book{kaufhold_information_2021,
    address = {Wiesbaden, Germany},
    title = {Information {Refinement} {Technologies} for {Crisis} {Informatics}: {User} {Expectations} and {Design} {Principles} for {Social} {Media} and {Mobile} {Apps}},
    isbn = {978-3-658-33343-0},
    url = {https://www.springer.com/gp/book/9783658333430},
    abstract = {Marc-André Kaufhold explores user expectations and design implications for the utilization of new media in crisis management and response. He develops a novel framework for information refinement, which integrates the event, organisational, societal, and technological perspectives of crises. Therefore, he reviews the state of the art on crisis informatics and empirically examines the use, potentials and barriers of both social media and mobile apps. Based on these insights, he designs and evaluates ICT concepts and artifacts with the aim to overcome the issues of information overload and quality in large-scale crises, concluding with practical and theoretical implications for technology adaptation and design.},
    publisher = {Springer Vieweg},
    author = {Kaufhold, Marc-André},
    year = {2021},
    doi = {10.1007/978-3-658-33341-6},
    keywords = {Crisis, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlKaufhold, Dissertation},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Bridging from Crisis to Everyday Life – An Analysis of User Reviews of the Warning App NINA and the COVID-19 Information Apps CoroBuddy and DarfIchDas
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481745
    [BibTeX] [Abstract] [Download PDF]

    During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.

    @inproceedings{haunschild_bridging_2021,
    address = {Virtual Event, USA},
    title = {Bridging from {Crisis} to {Everyday} {Life} – {An} {Analysis} of {User} {Reviews} of the {Warning} {App} {NINA} and the {COVID}-19 {Information} {Apps} {CoroBuddy} and {DarfIchDas}},
    url = {https://peasec.de/paper/2021/2021_HaunschildReuter_UserReviewsWarningCovidApps_CSCWComp.pdf},
    doi = {10.1145/3462204.3481745},
    abstract = {During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {72--78},
    }

  • Marc-André Kaufhold, Markus Bayer, Daniel Hartung, Christian Reuter (2021)
    Design and Evaluation of Deep Learning Models for Real-Time Credibility Assessment in Twitter
    30th International Conference on Artificial Neural Networks (ICANN2021) Bratislava. doi:https://doi.org/10.1007/978-3-030-86383-8_32
    [BibTeX] [Abstract] [Download PDF]

    Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.

    @inproceedings{kaufhold_design_2021,
    address = {Bratislava},
    title = {Design and {Evaluation} of {Deep} {Learning} {Models} for {Real}-{Time} {Credibility} {Assessment} in {Twitter}},
    url = {https://peasec.de/paper/2021/2021_KaufholdBayerHartungReuter_DeepLearningCredibilityAssessmentTwitter_ICANN.pdf},
    doi = {https://doi.org/10.1007/978-3-030-86383-8_32},
    abstract = {Social media have an enormous impact on modern life but are prone to the dissemination of false information. In several domains, such as crisis management or political communication, it is of utmost importance to detect false and to promote credible information. Although educational measures might help individuals to detect false information, the sheer volume of social big data, which sometimes need to be anal- ysed under time-critical constraints, calls for automated and (near) real- time assessment methods. Hence, this paper reviews existing approaches before designing and evaluating three deep learning models (MLP, RNN, BERT) for real-time credibility assessment using the example of Twitter posts. While our BERT implementation achieved best results with an accuracy of up to 87.07\% and an F1 score of 0.8764 when using meta- data, text, and user features, MLP and RNN showed lower classification quality but better performance for real-time application. Furthermore, the paper contributes with a novel dataset for credibility assessment.},
    booktitle = {30th {International} {Conference} on {Artificial} {Neural} {Networks} ({ICANN2021})},
    author = {Kaufhold, Marc-André and Bayer, Markus and Hartung, Daniel and Reuter, Christian},
    year = {2021},
    keywords = {Student, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--13},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Perceptions of Police Technology Use and Attitudes Towards the Police – A Representative Survey of the German Population
    Mensch und Computer – Workshopband Bonn. doi:10.18420/muc2021-mci-ws08-255
    [BibTeX] [Abstract] [Download PDF]

    Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.

    @inproceedings{haunschild_perceptions_2021,
    address = {Bonn},
    title = {Perceptions of {Police} {Technology} {Use} and {Attitudes} {Towards} the {Police} - {A} {Representative} {Survey} of the {German} {Population}},
    volume = {Mensch und Computer 2021 - Workshopband},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildReuter_PoliceTechnologyUseSurvey_MuC-WS.pdf},
    doi = {10.18420/muc2021-mci-ws08-255},
    abstract = {Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2021)
    Information Overload in Crisis Management: Bilingual Evaluation of Embedding Models for Clustering Social Media Posts in Emergencies
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.

    @inproceedings{bayer_information_2021,
    title = {Information {Overload} in {Crisis} {Management}: {Bilingual} {Evaluation} of {Embedding} {Models} for {Clustering} {Social} {Media} {Posts} in {Emergencies}},
    url = {https://peasec.de/paper/2021/2021_BayerKaufholdReuter_InformationOverloadInCrisisManagementBilingualEvaluation_ECIS.pdf},
    abstract = {Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--18},
    }

  • Steffen Haesler, Ragnark Mogk, Florentin Putz, Kevin T. Logan, Nadja Thiessen, Katharina Kleinschnitger, Lars Baumgärtner, Jan-Philipp Stroscher, Christian Reuter, Michele Knodt, Matthias Hollick (2021)
    Connected Self-Organized Citizens in Crises: An Interdisciplinary Resilience Concept for Neighborhoods
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481749
    [BibTeX] [Abstract] [Download PDF]

    When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.

    @inproceedings{haesler_connected_2021,
    address = {Virtual Event, USA},
    title = {Connected {Self}-{Organized} {Citizens} in {Crises}: {An} {Interdisciplinary} {Resilience} {Concept} for {Neighborhoods}},
    url = {https://peasec.de/paper/2021/2021_Haesleretal_ConnectedSelfOrganizedCitizensinCrises_CSCWComp.pdf},
    doi = {10.1145/3462204.3481749},
    abstract = {When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haesler, Steffen and Mogk, Ragnark and Putz, Florentin and Logan, Kevin T. and Thiessen, Nadja and Kleinschnitger, Katharina and Baumgärtner, Lars and Stroscher, Jan-Philipp and Reuter, Christian and Knodt, Michele and Hollick, Matthias},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Steffen Haesler, Stefka Schmid, Annemike Sophia Vierneisel, Christian Reuter (2021)
    Stronger Together: How Neighborhood Groups Build up a Virtual Network during the COVID-19 Pandemic
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2).
    [BibTeX] [Abstract] [Download PDF]

    During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.

    @article{haesler_stronger_2021,
    title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
    volume = {5},
    url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
    abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn
    Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.1755787
    [BibTeX] [Abstract] [Download PDF]

    Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.

    @article{riebe_measuring_2021,
    title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
    volume = {32},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
    doi = {10.1080/10242694.2020.1755787},
    abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
    number = {7},
    journal = {Defence and Peace Economics},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {773--785},
    }

  • Philipp Kuehn, Markus Bayer, Marc Wendelborn, Christian Reuter (2021)
    OVANA: An Approach to Analyze and Improve the Information Quality of Vulnerability Databases
    Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES 2021) . doi:10.1145/3465481.3465744
    [BibTeX] [Abstract] [Download PDF]

    Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.

    @inproceedings{kuehn_ovana_2021,
    title = {{OVANA}: {An} {Approach} to {Analyze} and {Improve} the {Information} {Quality} of {Vulnerability} {Databases}},
    isbn = {978-1-4503-9051-4},
    url = {https://peasec.de/paper/2021/2021_KuehnBayerWendelbornReuter_OVANAQualityVulnerabilityDatabases_ARES.pdf},
    doi = {10.1145/3465481.3465744},
    abstract = {Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.},
    booktitle = {Proceedings of the 16th {International} {Conference} on {Availability}, {Reliability} and {Security} ({ARES} 2021)},
    publisher = {ACM},
    author = {Kuehn, Philipp and Bayer, Markus and Wendelborn, Marc and Reuter, Christian},
    year = {2021},
    keywords = {Security, Peace, Ranking-CORE-B, AuswahlPeace, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {1--11},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2021)
    Citizens‘ Perceived Information Responsibilities and Information Challenges During the COVID-19 Pandemic
    GoodIT ’21: Proceedings of the Conference on Information Technology for Social Good . doi:10.1145/3462203.3475886
    [BibTeX] [Abstract] [Download PDF]

    In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens‘ perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens‘ needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens‘ desire to stay informed.

    @inproceedings{haunschild_citizens_2021,
    title = {Citizens' {Perceived} {Information} {Responsibilities} and {Information} {Challenges} {During} the {COVID}-19 {Pandemic}},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildPauliReuter_InformationResponsibilitiesCovid19_GoodIT.pdf},
    doi = {10.1145/3462203.3475886},
    abstract = {In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens' perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens' needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens' desire to stay informed.},
    booktitle = {{GoodIT} '21: {Proceedings} of the {Conference} on {Information} {Technology} for {Social} {Good}},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {151--156},
    }

  • Rolf Egert, Nina Gerber, Jasmin Haunschild, Philipp Kuehn, Verena Zimmermann (2021)
    Towards Resilient Critical Infrastructures – Motivating Users to Contribute to Smart Grid Resilience
    i-com – Journal of Interactive Media ;20(2):161–175. doi:10.1515/icom-2021-0021
    [BibTeX] [Abstract] [Download PDF]

    Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers – capable of producing and consuming electricity – who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.

    @article{egert_towards_2021,
    series = {i-com},
    title = {Towards {Resilient} {Critical} {Infrastructures} - {Motivating} {Users} to {Contribute} to {Smart} {Grid} {Resilience}},
    volume = {20},
    url = {https://www.degruyter.com/document/doi/10.1515/icom-2021-0021/html},
    doi = {10.1515/icom-2021-0021},
    abstract = {Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers - capable of producing and consuming electricity - who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.},
    number = {2},
    journal = {i-com - Journal of Interactive Media},
    author = {Egert, Rolf and Gerber, Nina and Haunschild, Jasmin and Kuehn, Philipp and Zimmermann, Verena},
    year = {2021},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {161--175},
    }

    2020

  • Thea Riebe, Jasmin Haunschild, Felix Divo, Matthias Lang, Gerbert Roitburd, Jonas Franken, Christian Reuter (2020)
    Die Veränderung der Vorratsdatenspeicherung in Europa
    Datenschutz und Datensicherheit – DuD ;44(5):316–321. doi:10.1007/s11623-020-1275-3
    [BibTeX] [Abstract] [Download PDF]

    Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.

    @article{riebe_veranderung_2020,
    title = {Die {Veränderung} der {Vorratsdatenspeicherung} in {Europa}},
    volume = {44},
    url = {https://www.peasec.de/paper/2020/2020_Riebeetal_VDSinEuropa_DuD.pdf},
    doi = {10.1007/s11623-020-1275-3},
    abstract = {Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.},
    number = {5},
    journal = {Datenschutz und Datensicherheit - DuD},
    author = {Riebe, Thea and Haunschild, Jasmin and Divo, Felix and Lang, Matthias and Roitburd, Gerbert and Franken, Jonas and Reuter, Christian},
    year = {2020},
    keywords = {Student, Security, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-ATHENE-SecUrban},
    pages = {316--321},
    }

  • Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter (2020)
    Warning the Public: A Survey on Attitudes, Expectations and Use of Mobile Crisis Apps in Germany
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.

    @inproceedings{kaufhold_warning_2020,
    title = {Warning the {Public}: {A} {Survey} on {Attitudes}, {Expectations} and {Use} of {Mobile} {Crisis} {Apps} in {Germany}},
    url = {http://www.peasec.de/paper/2020/2020_KaufholdHaunschildReuter_WarningthePublic_ECIS.pdf},
    abstract = {As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    publisher = {AIS},
    author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, A-Paper, Ranking-VHB-B, Ranking-WKWI-A, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-ATHENE-FANCY, Projekt-emergenCITY},
    }

  • Steffen Haesler, Stefka Schmid, Christian Reuter (2020)
    Crisis Volunteering Nerds: Three Months After COVID-19 Hackathon \#WirVsVirus
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424584
    [BibTeX] [Abstract] [Download PDF]

    The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.

    @inproceedings{haesler_crisis_2020,
    title = {Crisis {Volunteering} {Nerds}: {Three} {Months} {After} {COVID}-19 {Hackathon} \#{WirVsVirus}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424584},
    doi = {10.1145/3406324.3424584},
    abstract = {The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    publisher = {ACM},
    author = {Haesler, Steffen and Schmid, Stefka and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--56},
    }

  • Christian Reuter, Marc-André Kaufhold, Tina Comes, Michèle Knodt, Max Mühlhäuser (2020)
    Mobile Resilience: Designing Mobile Interactive Systems for Societal and Technical Resilience
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424590
    [BibTeX] [Abstract] [Download PDF]

    Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.

    @inproceedings{reuter_mobile_2020,
    title = {Mobile {Resilience}: {Designing} {Mobile} {Interactive} {Systems} for {Societal} and {Technical} {Resilience}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424590},
    doi = {10.1145/3406324.3424590},
    abstract = {Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    author = {Reuter, Christian and Kaufhold, Marc-André and Comes, Tina and Knodt, Michèle and Mühlhäuser, Max},
    year = {2020},
    keywords = {Crisis, HCI, SocialMedia, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {1--3},
    }

  • Christian Reuter, Jasmin Haunschild, Matthias Hollick, Max Mühlhäuser, Joachim Vogt, Michael Kreutzer (2020)
    Towards Secure Urban Infrastructures: Cyber Security Challenges to Information and Communication Technology in Smart Cities
    Mensch und Computer 2020 – Workshopband Magdeburg. doi:10.18420/muc2020-ws117-408
    [BibTeX] [Abstract] [Download PDF]

    The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.

    @inproceedings{reuter_towards_2020,
    address = {Magdeburg},
    title = {Towards {Secure} {Urban} {Infrastructures}: {Cyber} {Security} {Challenges} to {Information} and {Communication} {Technology} in {Smart} {Cities}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/33550/muc2020-ws-408.pdf},
    doi = {10.18420/muc2020-ws117-408},
    abstract = {The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.},
    booktitle = {Mensch und {Computer} 2020 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Reuter, Christian and Haunschild, Jasmin and Hollick, Matthias and Mühlhäuser, Max and Vogt, Joachim and Kreutzer, Michael},
    editor = {Hansen, C. and Nürnberger, A. and Preim, B.},
    year = {2020},
    keywords = {Crisis, UsableSec, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--7},
    }

  • Philipp Kuehn, Thea Riebe, Lynn Apelt, Max Jansen, Christian Reuter (2020)
    Sharing of Cyber Threat Intelligence between States
    S+F Sicherheit und Frieden / Peace and Security ;38(1):22–28. doi:10.5771/0175-274X-2020-1-22
    [BibTeX] [Abstract] [Download PDF]

    Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.

    @article{kuehn_sharing_2020,
    title = {Sharing of {Cyber} {Threat} {Intelligence} between {States}},
    volume = {38},
    url = {http://www.peasec.de/paper/2020/2020_KuehnRiebeApeltJansenReuter_SharingCyberThreatIntelligence_SF.pdf},
    doi = {10.5771/0175-274X-2020-1-22},
    abstract = {Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.},
    number = {1},
    journal = {S+F Sicherheit und Frieden / Peace and Security},
    author = {Kuehn, Philipp and Riebe, Thea and Apelt, Lynn and Jansen, Max and Reuter, Christian},
    year = {2020},
    keywords = {Student, Security, Peace, Projekt-DualUse, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {22--28},
    }

  • Christian Reuter, Jürgen Altmann, Malte Göttsche, Mirko Himmel (2020)
    Zur naturwissenschaftlich-technischen Friedens- und Konfliktforschung – Aktuelle Herausforderungen und Bewertung der Empfehlungen des Wissenschaftsrats
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;9(1):143–154. doi:10.1007/s42597-020-00035-z
    [BibTeX] [Abstract] [Download PDF]

    ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.

    @article{reuter_zur_2020,
    title = {Zur naturwissenschaftlich-technischen {Friedens}- und {Konfliktforschung} – {Aktuelle} {Herausforderungen} und {Bewertung} der {Empfehlungen} des {Wissenschaftsrats}},
    volume = {9},
    url = {https://link.springer.com/content/pdf/10.1007/s42597-020-00035-z.pdf},
    doi = {10.1007/s42597-020-00035-z},
    abstract = {ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2020},
    keywords = {Security, Peace, Projekt-CROSSING, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {143--154},
    }

  • Christian Reuter (2020)
    Towards IT Peace Research: Challenges at the Intersection of Peace and Conflict Research and Computer Science
    S+F Sicherheit und Frieden / Peace and Security ;38(1):10–16. doi:10.5771/0175-274X-2020-1-10
    [BibTeX] [Abstract] [Download PDF]

    Advances in science and technology, including information technology (IT), play a crucial role in the context of peace and security. However, research on the intersection of peace and conflict research as well as computer science is not well established yet. This article highlights the need for further work in the area of research “IT peace research”, which includes both empirical research on the role of IT in peace and security, as well as technical research to design technologies and applications. Based on the elaboration of the disciplines, central challenges, such as insecurity, actors, attribution and laws, are outlined.

    @article{reuter_towards_2020-1,
    title = {Towards {IT} {Peace} {Research}: {Challenges} at the {Intersection} of {Peace} and {Conflict} {Research} and {Computer} {Science}},
    volume = {38},
    url = {https://www.nomos-elibrary.de/10.5771/0175-274X-2020-1-10.pdf},
    doi = {10.5771/0175-274X-2020-1-10},
    abstract = {Advances in science and technology, including information technology (IT), play a crucial role in the context of peace and security. However, research on the intersection of peace and conflict research as well as computer science is not well established yet. This article highlights the need for further work in the area of research “IT peace research”, which includes both empirical research on the role of IT in peace and security, as well as technical research to design technologies and applications. Based on the elaboration of the disciplines, central challenges, such as insecurity, actors, attribution and laws, are outlined.},
    number = {1},
    journal = {S+F Sicherheit und Frieden / Peace and Security},
    author = {Reuter, Christian},
    year = {2020},
    keywords = {Security, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {10--16},
    }

  • Thomas Reinhold (2020)
    Verfassungs- und völkerrechtliche Fragen im militärischen Cyber- und Informationsraum unter besonderer Berücksichtigung des Parlamentsvorbehalts, der Zurechenbarkeit von Cyberangriffen sowie einer möglichen Anpassung nationaler und internationaler Normen
    In: : Deutscher Bundestag, Verteidigungsausschuss. Deutscher Bundestag, Verteidigungsausschuss, , 1–9.
    [BibTeX] [Download PDF]

    @incollection{reinhold_verfassungs-_2020,
    title = {Verfassungs- und völkerrechtliche {Fragen} im militärischen {Cyber}- und {Informationsraum} unter besonderer {Berücksichtigung} des {Parlamentsvorbehalts}, der {Zurechenbarkeit} von {Cyberangriffen} sowie einer möglichen {Anpassung} nationaler und internationaler {Normen}},
    url = {https://www.bundestag.de/resource/blob/824622/67fc9db4f856a8445355562500d2a134/stellungnahme-Thomas-Reinhold_15-03-2021-data.pdf},
    booktitle = {Deutscher {Bundestag}, {Verteidigungsausschuss}},
    publisher = {Deutscher Bundestag, Verteidigungsausschuss},
    author = {Reinhold, Thomas},
    year = {2020},
    keywords = {Security, Peace, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {1--9},
    }

  • Marc-André Kaufhold (2020)
    Information Refinement Technologies for Crisis Informatics: User Expectations and Design Implications for Social Media and Mobile Apps in Crisis
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt.
    [BibTeX] [Abstract] [Download PDF]

    In den letzten 20 Jahren haben sich mobile Technologien und soziale Medien nicht nur im Alltag, sondern auch in Krisensituationen etabliert. Insbesondere großflächige Ereignisse wie der Hurrikan Sandy (2012) oder das mitteleuropäische Hochwasser (2013) haben gezeigt, dass sich die Bevölkerung aktiv mit Informations- und Kommunikationstechnologie (IKT) an der Schadensbewältigung beteiligt (Reuter, Hughes, et al., 2018). Daraus ist das Forschungsfeld der Kriseninformatik entstanden, welches Wissen der Informatik und Gesellschaftswissenschaften kombiniert und zudem in Disziplinen wie der MenschMaschine-Interaktion (HCI), Computerunterstützten Gruppenarbeit (CSCW) und Wirtschaftsinformatik (WI) verankert ist. Während die Bevölkerung IKT einsetzt, um die Unsicherheiten in Krisen zu bewältigen, nutzen Behörden und Organisationen mit Sicherheitsaufgaben (BOS), etwa Feuerwehr und Polizei, öffentliche Daten, um das Situationsbewusstsein und die Entscheidungsfindung für eine bessere Schadensbewältigung zu verbessern (Palen & Anderson, 2016). Noch größere Katastrophen wie die aktuelle COVID-19-Pandemie verstärken dabei die Herausforderungen der Kriseninformatik (Xie et al., 2020). Für BOS stellt die umfangreiche Menge heterogener und semantisch verknüpfter Daten, auch Social Big Data genannt (Olshannikova et al., 2017), eine große Herausforderung im Hinblick auf die Qualität, Quantität und den Zugriff auf relevante Informationen dar. Um ein Situationsbewusstsein und nutzbare Informationen, d. h. die richtigen Informationen zur richtigen Zeit bei der richtigen Person, zu erhalten (Zade et al., 2018), müssen Informationen auf die Bedingungen des Ereignisses, organisationale Anforderungen, soziale Rahmenbedingungen und technische Möglichkeiten verfeinert werden. Diese Dissertation kombiniert das methodische Framework der Designfallstudien (Wulf et al., 2011) mit den Prinzipien der Design-Science-Forschung (Hevner et al., 2004), um das Thema der Informationsverfeinerung (Information Refinement) in vier Phasen zu untersuchen, wovon jede unterschiedliche Forschungsbeiträge hervorbringt. Die Arbeit begutachtet zunächst Nutzungs-, Rollen- und Wahrnehmungsmuster in der Kriseninformatik und stellt die Potenziale sozialer Medien zur öffentlichen Teilhabe an der Krisenbewältigung heraus. Die empirische Studien mit der deutschen Bevölkerung zeigen die positiven Einstellungen und die steigende Nutzung mobiler und sozialer Technologien in Krisen, stellen aber auch Barrieren heraus und zeigen die Erwartung, dass BOS in soziale Medien aktiv sind. Die Ergebnisse fundieren das Design innovativer IKT-Artefakte, darunter visuelle Bevölkerungsrichtlinien für soziale Medien in Krisen (SMG), ein Web-Interface für BOS zur Aggregation mobiler und sozialer Daten (ESI), ein Algorithmus zur Extraktion relevanter Informationen in sozialen Medien (SMO), und eine mobile App für die bidirektionale Kommunikation zwischen BOS und Bevölkerung (112.social). Die Evaluation der Artefakte involviert EndnutzerInnen aus dem Anwendungsfeld des Krisenmanagements, um potenziale für Verbesserungen und zukünftige Forschung zu identifizieren. Die Arbeit schließt mit einem Framework zur Informationsverfeinerung für die Kriseninformatik ab, welche die event-, gesellschafts-, organisation- und technologiebasierte Perspektive integriert.

    @book{kaufhold_information_2020,
    address = {Darmstadt, Germany},
    title = {Information {Refinement} {Technologies} for {Crisis} {Informatics}: {User} {Expectations} and {Design} {Implications} for {Social} {Media} and {Mobile} {Apps} in {Crisis}},
    url = {https://doi.org/10.26083/tuprints-00017474},
    abstract = {In den letzten 20 Jahren haben sich mobile Technologien und soziale Medien nicht nur im Alltag, sondern auch in Krisensituationen etabliert. Insbesondere großflächige Ereignisse wie der Hurrikan Sandy (2012) oder das mitteleuropäische Hochwasser (2013) haben gezeigt, dass sich die Bevölkerung aktiv mit Informations- und Kommunikationstechnologie (IKT) an der Schadensbewältigung beteiligt (Reuter, Hughes, et al., 2018). Daraus ist das Forschungsfeld der Kriseninformatik entstanden, welches Wissen der Informatik und Gesellschaftswissenschaften kombiniert und zudem in Disziplinen wie der MenschMaschine-Interaktion (HCI), Computerunterstützten Gruppenarbeit (CSCW) und Wirtschaftsinformatik (WI) verankert ist. Während die Bevölkerung IKT einsetzt, um die Unsicherheiten in Krisen zu bewältigen, nutzen Behörden und Organisationen mit Sicherheitsaufgaben (BOS), etwa Feuerwehr und Polizei, öffentliche Daten, um das Situationsbewusstsein und die Entscheidungsfindung für eine bessere Schadensbewältigung zu verbessern (Palen \& Anderson, 2016). Noch größere Katastrophen wie die aktuelle COVID-19-Pandemie verstärken dabei die Herausforderungen der Kriseninformatik (Xie et al., 2020). Für BOS stellt die umfangreiche Menge heterogener und semantisch verknüpfter Daten, auch Social Big Data genannt (Olshannikova et al., 2017), eine große Herausforderung im Hinblick auf die Qualität, Quantität und den Zugriff auf relevante Informationen dar. Um ein Situationsbewusstsein und nutzbare Informationen, d. h. die richtigen Informationen zur richtigen Zeit bei der richtigen Person, zu erhalten (Zade et al., 2018), müssen Informationen auf die Bedingungen des Ereignisses, organisationale Anforderungen, soziale Rahmenbedingungen und technische Möglichkeiten verfeinert werden. Diese Dissertation kombiniert das methodische Framework der Designfallstudien (Wulf et al., 2011) mit den Prinzipien der Design-Science-Forschung (Hevner et al., 2004), um das Thema der Informationsverfeinerung (Information Refinement) in vier Phasen zu untersuchen, wovon jede unterschiedliche Forschungsbeiträge hervorbringt. Die Arbeit begutachtet zunächst Nutzungs-, Rollen- und Wahrnehmungsmuster in der Kriseninformatik und stellt die Potenziale sozialer Medien zur öffentlichen Teilhabe an der Krisenbewältigung heraus. Die empirische Studien mit der deutschen Bevölkerung zeigen die positiven Einstellungen und die steigende Nutzung mobiler und sozialer Technologien in Krisen, stellen aber auch Barrieren heraus und zeigen die Erwartung, dass BOS in soziale Medien aktiv sind. Die Ergebnisse fundieren das Design innovativer IKT-Artefakte, darunter visuelle Bevölkerungsrichtlinien für soziale Medien in Krisen (SMG), ein Web-Interface für BOS zur Aggregation mobiler und sozialer Daten (ESI), ein Algorithmus zur Extraktion relevanter Informationen in sozialen Medien (SMO), und eine mobile App für die bidirektionale Kommunikation zwischen BOS und Bevölkerung (112.social). Die Evaluation der Artefakte involviert EndnutzerInnen aus dem Anwendungsfeld des Krisenmanagements, um potenziale für Verbesserungen und zukünftige Forschung zu identifizieren. Die Arbeit schließt mit einem Framework zur Informationsverfeinerung für die Kriseninformatik ab, welche die event-, gesellschafts-, organisation- und technologiebasierte Perspektive integriert.},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt},
    author = {Kaufhold, Marc-André},
    year = {2020},
    keywords = {Crisis, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Dissertation},
    }

  • Marc-André Kaufhold, Markus Bayer, Christian Reuter (2020)
    Rapid relevance classification of social media posts in disasters and emergencies: A system and evaluation featuring active, incremental and online learning
    Information Processing & Management (IPM) ;57(1):1–32.
    [BibTeX] [Abstract] [Download PDF]

    The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.

    @article{kaufhold_rapid_2020,
    title = {Rapid relevance classification of social media posts in disasters and emergencies: {A} system and evaluation featuring active, incremental and online learning},
    volume = {57},
    url = {https://peasec.de/paper/2020/2020_KaufholdBayerReuter_RapidRelevanceClassification_IPM.pdf},
    abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.},
    number = {1},
    journal = {Information Processing \& Management (IPM)},
    author = {Kaufhold, Marc-André and Bayer, Markus and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Ranking-WKWI-B, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--32},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2020)
    Sticking with Landlines? Citizens‘ and Police Social Media Use and Expectation During Emergencies
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) (Best Paper Social Impact Award) Potsdam, Germany. doi:10.30844/wi_2020_o2-haunschild
    [BibTeX] [Abstract] [Download PDF]

    Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens‘ perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens‘ perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services‘ social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.

    @inproceedings{haunschild_sticking_2020,
    address = {Potsdam, Germany},
    title = {Sticking with {Landlines}? {Citizens}' and {Police} {Social} {Media} {Use} and {Expectation} {During} {Emergencies}},
    url = {http://www.peasec.de/paper/2020/2020_HaunschildKaufholdReuter_SocialMediaPoliceSurvey_WI.pdf},
    doi = {10.30844/wi_2020_o2-haunschild},
    abstract = {Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens' perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens' perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services' social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI}) ({Best} {Paper} {Social} {Impact} {Award})},
    publisher = {AIS Electronic Library (AISel)},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, Ranking-CORE-C, Ranking-VHB-C, Ranking-WKWI-A, Projekt-MAKI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--16},
    }

    emergenCITY: Die Resiliente Digitale Stadt (1.1.2020-31.12.2023, HMWK)

    emergenCITY – Die Resiliente Digitale Stadt (1.1.2020-31.12.2026, HMWK)

    https://www.emergencity.de/

    Die TU Darmstadt kann im Rahmen des hessischen Forschungsförderungsprogramms LOEWE ein neues Zentrum etablieren – es trägt den Titel „Die Resiliente Digitale Stadt” und wird bis Ende 2023 mit insgesamt 17,4 Millionen Euro gefördert. Dies gab das Hessische Wissenschaftsministerium bekannt.

    Das LOEWE-Zentrum „emergenCITY“ („Resiliente Digitale Stadt“) wird Lösungen erarbeiten, die in Krisenfällen einen Notbetrieb für und mit Informations- und Kommunikationstechnologien sicherstellen, schnelle Hilfe ermöglichen und eine effiziente Rückkehr zur Normalität unterstützen. Dazu muss sich die Technologie bereits im Normalbetrieb kontinuierlich „selbst-vorbereitend“ auf Krisensituationen einstellen und diese autonom detektieren, so Hollick. In Notlagen sollen überlebenswichtige Dienste beschleunigt bereitgestellt werden. Das gewonnene Erfahrungswissen soll helfen, bei künftigen kritischen Situationen besser vorbereitet zu sein.

    Das ist auch dringend erforderlich: Im Jahr 2050 werden zwei Drittel der Weltbevölkerung in Städten leben. Für das Wachstum von Städten sind anpassungsfähige und effiziente Infrastrukturen unerlässlich. Digitale Städte der Zukunft nutzen vermehrt Informations- und Kommunikationstechnologien, um vernetzte Infrastrukturen etwa in den Bereichen Energie, Verkehr, Gesundheit, Staat und Verwaltung bereitzustellen. Die Abhängigkeit dieser Systeme aus Informations- und Kommunikationstechnologien nimmt stetig zu – und sie werden durch Naturereignisse, menschliches und technisches Versagen sowie Gewalt und Terror verwundbar.

    PEASEC ist Teil von emergenCITY. Teams von 23 Professorinnen und Professoren aus Informatik, Elektrotechnik und Informationstechnik, Maschinenbau, Gesellschafts- und Geschichtswissenschaften, Architektur, Wirtschaftswissenschaften sowie Rechtswissenschaften werden gemeinsam im universitären Verbund forschen – die Federführung hat die TU Darmstadt (Prof. Hollick), Partner sind die Universität Kassel und die Universität Marburg. Zusammen mit der Digitalstadt Darmstadt wird ein emergenCITY-Lab zur praxisnahen Erprobung von Lösungen etabliert. Das Bundesamt für Bevölkerungsschutz und Katastrophenhilfe bringt als weiterer Partner die gesamtheitliche Behörden- und Anwendungssicht ein.

    2024

  • Steffen Haesler, Christian Reuter (2024)
    Moderne Technologien und Resilienz
    In: Andreas H. Karsten, Stefan Voßschmidt: Resilienz und Schockereignisse. Kohlhammer.
    [BibTeX]

    @incollection{haesler_moderne_2024,
    title = {Moderne {Technologien} und {Resilienz}},
    booktitle = {Resilienz und {Schockereignisse}},
    publisher = {Kohlhammer},
    author = {Haesler, Steffen and Reuter, Christian},
    editor = {Karsten, Andreas H. and Voßschmidt, Stefan},
    year = {2024},
    keywords = {HCI, UsableSec, Security, Projekt-emergenCITY},
    }

  • Franz Kuntke (2024)
    Resilient Smart Farming: Crisis-Capable Information and Communication Technologies for Agriculture
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{kuntke_resilient_2024,
    address = {Wiesbaden, Germany},
    title = {Resilient {Smart} {Farming}: {Crisis}-{Capable} {Information} and {Communication} {Technologies} for {Agriculture}},
    publisher = {Springer Vieweg},
    author = {Kuntke, Franz},
    year = {2024},
    keywords = {Crisis, HCI, UsableSec, Security, RSF, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt.
    [BibTeX]

    @book{haunschild_enhancing_2024,
    address = {Darmstadt, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Jasmin Haunschild (2024)
    Enhancing Citizens’ Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{haunschild_enhancing_2024-1,
    address = {Wiesbaden, Germany},
    title = {Enhancing {Citizens}’ {Role} in {Public} {Safety}: {Interaction}, {Perception} and {Design} of {Mobile} {Warning} {Apps}},
    publisher = {Springer Vieweg},
    author = {Haunschild, Jasmin},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Felix Burger, Jasmin Haunschild, Christian Reuter (2024)
    Understanding Crisis Preparedness: Insights from Personal Values, Beliefs, Social Norms, and Personal Norms
    Proceedings of the 17th International Conference on Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract]

    In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants‘ beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.

    @inproceedings{burger_understanding_2024,
    title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
    abstract = {In disasters and crises, individual household preparedness is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey on resource-oriented crisis preparedness and participants’ values, a group of rather prepared and rather unprepared people was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. Quantitative analysis revealed a significant association between benevolence as a value and higher preparedness. Follow-up interviews (N=30) delved into participants' beliefs and norms, showing minimal group differences. While crisis preparedness is mildly positively viewed, strong negativity exists towards perceived “hoarders” or “preppers.” The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing the role of benevolence in fostering preparedness.},
    booktitle = {Proceedings of the 17th {International} {Conference} on {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Burger, Felix and Haunschild, Jasmin and Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Student},
    }

    2023

  • Stefka Schmid, Laura Guntrum, Steffen Haesler, Lisa Schultheiß, Christian Reuter (2023)
    Digital Volunteers During the COVID-19 Pandemic: Care Work on Social Media for Socio-technical Resilience
    Weizenbaum Journal of the Digital Society ;3(1). doi:10.34669/WI.WJDS/3.3.6
    [BibTeX] [Abstract] [Download PDF]

    Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.

    @article{schmid_digital_2023,
    title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
    volume = {3},
    issn = {2748-5625},
    url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
    doi = {10.34669/WI.WJDS/3.3.6},
    abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.},
    number = {1},
    journal = {Weizenbaum Journal of the Digital Society},
    author = {Schmid, Stefka and Guntrum, Laura and Haesler, Steffen and Schultheiß, Lisa and Reuter, Christian},
    month = may,
    year = {2023},
    keywords = {Crisis, HCI, SocialMedia, Student, Peace, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-TraCe},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2023)
    Preparedness Nudging for Warning Apps? A Mixed-Method Study Investigating Popularity and Effects of Preparedness Alerts in Warning Apps
    International Journal on Human-Computer Studies (IJHCS) ;172:102995. doi:https://doi.org/10.1016/j.ijhcs.2023.102995
    [BibTeX] [Abstract] [Download PDF]

    Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.

    @article{haunschild_preparedness_2023,
    title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
    volume = {172},
    issn = {1071-5819},
    url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
    doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
    abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
    journal = {International Journal on Human-Computer Studies (IJHCS)},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, Student, A-Paper, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {102995},
    }

  • Markus Bayer, Marc-André Kaufhold, Christian Reuter (2023)
    A Survey on Data Augmentation for Text Classification
    ACM Computing Surveys (CSUR) ;55(7):1–39. doi:10.1145/3544558
    [BibTeX] [Abstract] [Download PDF]

    Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.

    @article{bayer_survey_2023,
    title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
    volume = {55},
    url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
    doi = {10.1145/3544558},
    abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
    number = {7},
    journal = {ACM Computing Surveys (CSUR)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, Selected, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--39},
    }

  • Jasmin Haunschild, Leon Jung, Christian Reuter (2023)
    Dual-use in volunteer operations? Attitudes of computer science students regarding the establishment of a cyber security volunteer force
    In: Gerber Nina, Zimmermann Verena: International Symposium on Technikpsychologie (TecPsy). Sciendo, , 66–81.
    [BibTeX] [Abstract] [Download PDF]

    The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers are discussed.

    @incollection{haunschild_dual-use_2023,
    title = {Dual-use in volunteer operations? {Attitudes} of computer science students regarding the establishment of a cyber security volunteer force},
    isbn = {978-83-66675-89-6},
    url = {https://sciendo.com/chapter/9788366675896/10.2478/9788366675896-006},
    abstract = {The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative
    content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers
    are discussed.},
    booktitle = {International {Symposium} on {Technikpsychologie} ({TecPsy})},
    publisher = {Sciendo},
    author = {Haunschild, Jasmin and Jung, Leon and Reuter, Christian},
    editor = {Nina, Gerber and Verena, Zimmermann},
    year = {2023},
    keywords = {Crisis, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {66--81},
    }

  • Marc-André Kaufhold, Christian Reuter, Thomas Ludwig (2023)
    Big Data and Multi-platform Social Media Services in Disaster Management
    In: Amita Singh: International Handbook of Disaster Research. Singapore: Springer Nature Singapore, , 1–21.
    [BibTeX] [Abstract] [Download PDF]

    The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.

    @incollection{kaufhold_big_2023,
    address = {Singapore},
    title = {Big {Data} and {Multi}-platform {Social} {Media} {Services} in {Disaster} {Management}},
    isbn = {978-981-16-8800-3},
    url = {https://peasec.de/paper/2023/2023_KaufholdReuterLudwig_BigDataMultiPlatformSocialMediaDisaster_HandbookDisaster.pdf},
    abstract = {The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.},
    booktitle = {International {Handbook} of {Disaster} {Research}},
    publisher = {Springer Nature Singapore},
    author = {Kaufhold, Marc-André and Reuter, Christian and Ludwig, Thomas},
    editor = {Singh, Amita},
    year = {2023},
    keywords = {Crisis, HCI, Projekt-KOKOS, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {1--21},
    }

  • Christian Reuter, Marc-André Kaufhold (2023)
    Crisis Informatics
    In: Zheng Yan: Cambridge Handbook of Cyber Behavior. Cambridge University Press.
    [BibTeX] [Abstract]

    In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.

    @incollection{reuter_crisis_2023,
    title = {Crisis {Informatics}},
    isbn = {978-1-00-905708-0},
    abstract = {In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.},
    booktitle = {Cambridge {Handbook} of {Cyber} {Behavior}},
    publisher = {Cambridge University Press},
    author = {Reuter, Christian and Kaufhold, Marc-André},
    editor = {Yan, Zheng},
    year = {2023},
    keywords = {Crisis, HCI, Peace, Projekt-CYWARN, Projekt-ATHENE-FANCY, Projekt-emergenCITY},
    }

  • Franz Kuntke, Lars Baumgärtner, Christian Reuter (2023)
    Rural Communication in Outage Scenarios: Disruption-Tolerant Networking via LoRaWAN Setups
    Proceedings of Information Systems for Crisis Response and Management (ISCRAM) .
    [BibTeX] [Abstract] [Download PDF]

    Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.

    @inproceedings{kuntke_rural_2023,
    title = {Rural {Communication} in {Outage} {Scenarios}: {Disruption}-{Tolerant} {Networking} via {LoRaWAN} {Setups}},
    url = {https://idl.iscram.org/files/kuntke/2023/2581_Kuntke_etal2023.pdf},
    abstract = {Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.},
    booktitle = {Proceedings of {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    author = {Kuntke, Franz and Baumgärtner, Lars and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, RSF, Projekt-MAKI, Projekt-GeoBox, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--13},
    }

  • Leon Würsching, Florentin Putz, Steffen Haesler, Matthias Hollick (2023)
    FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) New York, NY, USA. doi:10.1145/3544548.3580993
    [BibTeX] [Abstract] [Download PDF]

    Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.

    @inproceedings{wursching_fido2_2023,
    address = {New York, NY, USA},
    series = {{CHI} '23},
    title = {{FIDO2} the {Rescue}? {Platform} vs. {Roaming} {Authentication} on {Smartphones}},
    url = {https://peasec.de/paper/2023/2023_WuerschingPutzHaeslerHollick_PlatformvsRoamingAuthenticationonSmartphones_CHI.pdf},
    doi = {10.1145/3544548.3580993},
    abstract = {Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {Association for Computing Machinery},
    author = {Würsching, Leon and Putz, Florentin and Haesler, Steffen and Hollick, Matthias},
    year = {2023},
    note = {event-place: Hamburg, HH, Germany},
    keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A*, AuswahlUsableSec, Projekt-emergenCITY},
    }

  • Jonas Höchst, Lars Baumgärtner, Franz Kuntke, Alvar Penning, Artur Sterz, Markus Sommer, Bernd Freisleben (2023)
    Mobile Device-to-Device Communication for Crisis Scenarios Using Low-Cost LoRa Modems
    In: Hans Jochen Scholl, Eric E. Holdeman, Kees F. Boersma: Disaster Management and Information Technology: Professional Response and Recovery Management in the Age of Disasters. Cham: Springer International Publishing, , 235–268. doi:10.1007/978-3-031-20939-0_12
    [BibTeX] [Abstract] [Download PDF]

    We present an approach to enable long-range device-to-device communication between smartphones in crisis situations. Our approach is based on inexpensive and readily available microcontrollers with integrated LoRa hardware that we empower to receive and forward messages via Bluetooth, Wi-Fi, or a serial connection by means of a dedicated firmware, called rf95modem. The developed firmware cannot only be used in crisis scenarios but also in a variety of other applications, such as providing a communication fallback during outdoor activities, geolocation-based games or broadcasting of local information. We present two applications to show the benefits of our approach. First, we introduce a novel device-to-device LoRa chat application that works on both Android and iOS as well as on traditional computers like notebooks using a console-based interface. Second, we demonstrate how other infrastructure-less technology can benefit from our approach by integrating it into the DTN7 delay-tolerant networking software. Furthermore, we present the results of an in-depth experimental evaluation of approach consisting of (i) real-world device-to-device LoRa transmissions in urban and rural areas and (ii) scalability tests based on simulations of LoRa device-to-device usage in a medium-sized city with up to 1000 active users. The firmware, our device-to-device chat application, our integration into DTN7, as well as our code fragments of the experimental evaluation and the experimental results are available under permissive open-source licenses.

    @incollection{hochst_mobile_2023,
    address = {Cham},
    title = {Mobile {Device}-to-{Device} {Communication} for {Crisis} {Scenarios} {Using} {Low}-{Cost} {LoRa} {Modems}},
    isbn = {978-3-031-20939-0},
    url = {https://peasec.de/paper/2023/2023_HoechstBaumgaertnerKuntkePenningSterzSommerFreisleben_MobileD2DCommunication_DMaIT.pdf},
    abstract = {We present an approach to enable long-range device-to-device communication between smartphones in crisis situations. Our approach is based on inexpensive and readily available microcontrollers with integrated LoRa hardware that we empower to receive and forward messages via Bluetooth, Wi-Fi, or a serial connection by means of a dedicated firmware, called rf95modem. The developed firmware cannot only be used in crisis scenarios but also in a variety of other applications, such as providing a communication fallback during outdoor activities, geolocation-based games or broadcasting of local information. We present two applications to show the benefits of our approach. First, we introduce a novel device-to-device LoRa chat application that works on both Android and iOS as well as on traditional computers like notebooks using a console-based interface. Second, we demonstrate how other infrastructure-less technology can benefit from our approach by integrating it into the DTN7 delay-tolerant networking software. Furthermore, we present the results of an in-depth experimental evaluation of approach consisting of (i) real-world device-to-device LoRa transmissions in urban and rural areas and (ii) scalability tests based on simulations of LoRa device-to-device usage in a medium-sized city with up to 1000 active users. The firmware, our device-to-device chat application, our integration into DTN7, as well as our code fragments of the experimental evaluation and the experimental results are available under permissive open-source licenses.},
    booktitle = {Disaster {Management} and {Information} {Technology}: {Professional} {Response} and {Recovery} {Management} in the {Age} of {Disasters}},
    publisher = {Springer International Publishing},
    author = {Höchst, Jonas and Baumgärtner, Lars and Kuntke, Franz and Penning, Alvar and Sterz, Artur and Sommer, Markus and Freisleben, Bernd},
    editor = {Scholl, Hans Jochen and Holdeman, Eric E. and Boersma, F. Kees},
    year = {2023},
    doi = {10.1007/978-3-031-20939-0_12},
    keywords = {Crisis, Security, RSF, Projekt-emergenCITY, Projekt-ATHENE},
    pages = {235--268},
    }

  • Steffen Haesler, Marc Wendelborn, Christian Reuter (2023)
    Getting the Residents‘ Attention: The Perception of Warning Channels in Smart Home Warning Systems
    Proceedings of the ACM Designing Interactive Systems Conference (DIS) New York, NY, USA. doi:10.1145/3563657.3596076
    [BibTeX] [Abstract] [Download PDF]

    About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.

    @inproceedings{haesler_getting_2023,
    address = {New York, NY, USA},
    series = {{DIS} '23},
    title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
    isbn = {978-1-4503-9893-0},
    url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
    doi = {10.1145/3563657.3596076},
    abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
    booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
    publisher = {Association for Computing Machinery},
    author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
    year = {2023},
    note = {event-place: Pittsburgh, PA, USA},
    keywords = {Crisis, HCI, Student, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1114--1127},
    }

  • Christian Reuter, Marc-André Kaufhold, Tom Biselli, Helene Pleil (2023)
    Increasing Adoption Despite Perceived Limitations of Social Media in Emergencies: Representative Insights on German Citizens’ Perception and Trends from 2017 to 2021
    International Journal of Disaster Risk Reduction (IJDRR) ;96. doi:https://doi.org/10.1016/j.ijdrr.2023.103880
    [BibTeX] [Abstract] [Download PDF]

    The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.

    @article{reuter_increasing_2023,
    title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
    volume = {96},
    issn = {2212-4209},
    url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
    doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
    abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
    journal = {International Journal of Disaster Risk Reduction (IJDRR)},
    author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, SocialMedia, Student, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY, Projekt-NEBULA, Projekt-CYLENCE},
    }

  • Marco Zivkovic, Jonas Franken, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Infrastrukturen und historisches Wissen: Eine interdisziplinäre Analyse der Resilienz von Schienen- und Kabelnetzen
    Tagungsband Fachtagung Katastrophenforschung 2023 Leoben.
    [BibTeX] [Abstract] [Download PDF]

    Im Forschungsprojekt “ Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”“ wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.

    @inproceedings{zivkovic_infrastrukturen_2023,
    address = {Leoben},
    title = {Infrastrukturen und historisches {Wissen}: {Eine} interdisziplinäre {Analyse} der {Resilienz} von {Schienen}- und {Kabelnetzen}},
    isbn = {978-3-900397-11-1},
    url = {https://peasec.de/paper/2023/2023_ZivkovicFrankenThiessenEngelsReuter_InfrastrukturenHistorischesWissen_FKF23.pdf},
    abstract = {Im Forschungsprojekt " Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”" wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.},
    booktitle = {Tagungsband {Fachtagung} {Katastrophenforschung} 2023},
    publisher = {Disaster Competence Network Austria},
    author = {Zivkovic, Marco and Franken, Jonas and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    keywords = {Crisis, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-NetzGeschichte},
    }

  • Jonas Franken, Marco Zivkovic, Nadja Thiessen, Jens Ivo Engels, Christian Reuter (2023)
    Das Netz hat Geschichte: Historisch-technische Analyse der kritischen Infrastrukturen in der Region Rhein/Main
    In: : INFORMATIK 2023: 53. Jahrestagung der Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge). Bonn: Gesellschaft für Informatik e. V., , 1–6. doi:10.18420/inf2023_159
    [BibTeX] [Abstract] [Download PDF]

    Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.

    @incollection{franken_netz_2023,
    address = {Bonn},
    title = {Das {Netz} hat {Geschichte}: {Historisch}-technische {Analyse} der kritischen {Infrastrukturen} in der {Region} {Rhein}/{Main}},
    url = {https://peasec.de/paper/2023/2023_FrankenZivkovicThiessenEngelsReuter_NetzGeschichte_GI.pdf},
    abstract = {Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.},
    booktitle = {{INFORMATIK} 2023: 53. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge})},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Franken, Jonas and Zivkovic, Marco and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
    year = {2023},
    doi = {10.18420/inf2023_159},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Projekt-AgriRegio},
    pages = {1--6},
    }

    2022

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Cultural Violence and Fragmentation on Social Media: Interventions and Countermeasures by Humans and Social Bots
    In: Myriam Dunn Cavelty, Andreas Wenger: Cyber Security Politics: Socio-Technological Transformations and Political Fragmentation. Routledge, , 48–63.
    [BibTeX] [Abstract] [Download PDF]

    Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.

    @incollection{haunschild_cultural_2022,
    title = {Cultural {Violence} and {Fragmentation} on {Social} {Media}: {Interventions} and {Countermeasures} by {Humans} and {Social} {Bots}},
    isbn = {978-0-367-62674-7},
    url = {https://peasec.de/paper/2022/2022_HaunschildKaufholdReuter_SocialMediaAndFragmentation_Routledge.pdf},
    abstract = {Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.},
    booktitle = {Cyber {Security} {Politics}: {Socio}-{Technological} {Transformations} and {Political} {Fragmentation}},
    publisher = {Routledge},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Cavelty, Myriam Dunn and Wenger, Andreas},
    year = {2022},
    keywords = {Crisis, SocialMedia, Peace, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {48--63},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    1 ed. Wiesbaden: Springer Vieweg. doi:https://doi.org/10.1007/978-3-658-39720-3
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022,
    address = {Wiesbaden},
    edition = {1},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    isbn = {978-3-658-39719-7},
    url = {https://link.springer.com/book/10.1007/978-3-658-39720-3},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    language = {en},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2022},
    doi = {https://doi.org/10.1007/978-3-658-39720-3},
    keywords = {Crisis, HCI, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Christian Bueger, Tobias Liebetrau, Jonas Franken (2022)
    Security threats to undersea communications cables and infrastructure – consequences for the EU
    Brussels: European Parliament.
    [BibTeX] [Abstract] [Download PDF]

    The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.

    @book{bueger_security_2022,
    address = {Brussels},
    title = {Security threats to undersea communications cables and infrastructure – consequences for the {EU}},
    url = {https://www.europarl.europa.eu/thinktank/en/document/EXPO_IDA(2022)702557},
    abstract = {The EU’s subsea data cable network is both vital for global connectivity and vulnerable. This study provides a systematic review of the current security threats, as well as the actors at the origin of these threats. Building on reports and expert input, the paper takes stock of current awareness, preparedness and response mechanisms, both at the EU and Member State level. A number of recommendations suggest how to improve the resilience of the cable network. Proposals build on the need to enhance EU-wide awareness, improve coordination and share information across EU institutions and Member States. In addition, surveillance capabilities must be advanced, response and repair mechanisms strengthened, and the topic mainstreamed across external action.},
    publisher = {European Parliament},
    author = {Bueger, Christian and Liebetrau, Tobias and Franken, Jonas},
    year = {2022},
    keywords = {Student, Security, Infrastructure, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Denis Orlov, Simon Möller, Sven Düfler, Steffen Haesler, Christian Reuter (2022)
    Detecting a Crisis: Comparison of Self-Reported vs. Automated Internet Outage Measuring Methods
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-321
    [BibTeX] [Abstract] [Download PDF]

    Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.

    @inproceedings{orlov_detecting_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Detecting a {Crisis}: {Comparison} of {Self}-{Reported} vs. {Automated} {Internet} {Outage} {Measuring} {Methods}},
    url = {https://dl.gi.de/handle/20.500.12116/39089},
    doi = {10.18420/muc2022-mci-ws10-321},
    abstract = {Every day, there are internet disruptions or outages around the world that affect our daily lives. In this paper, we analyzed these events in Germany in recent years and found out how they can be detected, and what impact they have on citizens, especially in crisis situations. For this purpose, we take a look at two different approaches to recording internet outages, namely the self-reporting of citizens and automatic reporting by algorithmic examination of the availability of IP networks. We evaluate the data of six major events with regard to their meaningfulness in quality and quantity. We found that due to the amount of data and the inherent imprecision of the methods used, it is difficult to detect outages through algorithmic examination. But once an event is publicly known by self-reporting, they have advantages to capture the temporal and spatial dimensions of the outage due to its nature of objective measurements. As a result, we propose that users’ crowdsourcing can enhance the detection of outages and should be seen as an important starting point to even begin an analysis with algorithm-based techniques, but it is to ISPs and regulatory authorities to support that.},
    language = {en},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Orlov, Denis and Möller, Simon and Düfler, Sven and Haesler, Steffen and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Christian Reuter (2022)
    A European Perspective on Crisis Informatics: Citizens‘ and Authorities‘ attitudes towards Social Media for Public Safety and Security
    Nijmegen: The Radboud University Thesis Repository.
    [BibTeX] [Abstract] [Download PDF]

    Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.

    @book{reuter_european_2022-1,
    address = {Nijmegen},
    title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
    url = {https://repository.ubn.ru.nl/handle/2066/253000},
    abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
    publisher = {The Radboud University Thesis Repository},
    author = {Reuter, Christian},
    year = {2022},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, SocialMedia, Projekt-EmerGent, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, Dissertation},
    }

  • Markus Bayer, Marc-André Kaufhold, Björn Buchhold, Marcel Keller, Jörg Dallmeyer, Christian Reuter (2022)
    Data Augmentation in Natural Language Processing: A Novel Text Generation Approach for Long and Short Text Classifiers
    International Journal of Machine Learning and Cybernetics (IJMLC) . doi:10.1007/s13042-022-01553-3
    [BibTeX] [Abstract] [Download PDF]

    In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.

    @article{bayer_data_2022,
    title = {Data {Augmentation} in {Natural} {Language} {Processing}: {A} {Novel} {Text} {Generation} {Approach} for {Long} and {Short} {Text} {Classifiers}},
    url = {https://link.springer.com/article/10.1007/s13042-022-01553-3},
    doi = {10.1007/s13042-022-01553-3},
    abstract = {In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.},
    journal = {International Journal of Machine Learning and Cybernetics (IJMLC)},
    author = {Bayer, Markus and Kaufhold, Marc-André and Buchhold, Björn and Keller, Marcel and Dallmeyer, Jörg and Reuter, Christian},
    year = {2022},
    keywords = {Student, Security, A-Paper, Ranking-ImpactFactor, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2022)
    Perceptions and Use of Warning Apps – Did Recent Crises Lead to Changes in Germany?
    Mensch und Computer 2022 – Tagungsband New York. doi:10.1145/3543758.3543770
    [BibTeX] [Abstract] [Download PDF]

    Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.

    @inproceedings{haunschild_perceptions_2022,
    address = {New York},
    title = {Perceptions and {Use} of {Warning} {Apps} – {Did} {Recent} {Crises} {Lead} to {Changes} in {Germany}?},
    url = {http://www.peasec.de/paper/2022/2022_HaunschildKaufholdReuter_WarningAppsChangesGermany_MuC.pdf},
    doi = {10.1145/3543758.3543770},
    abstract = {Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.},
    language = {en},
    booktitle = {Mensch und {Computer} 2022 - {Tagungsband}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2022},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

    2021

  • Christian Reuter (2021)
    Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement (Zweite Auflage)
    2 ed. Wiesbaden: Springer Vieweg.
    [BibTeX] [Abstract] [Download PDF]

    Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.

    @book{reuter_sicherheitskritische_2021,
    address = {Wiesbaden},
    edition = {2},
    title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
    isbn = {978-3-658-32795-8},
    url = {https://www.springer.com/de/book/9783658327941},
    abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, HCI, Selected, SocialMedia, UsableSec, Security, Projekt-KontiKat, Peace, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Perceptions of Police Technology Use and Attitudes Towards the Police – A Representative Survey of the German Population
    Mensch und Computer – Workshopband Bonn. doi:10.18420/muc2021-mci-ws08-255
    [BibTeX] [Abstract] [Download PDF]

    Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.

    @inproceedings{haunschild_perceptions_2021,
    address = {Bonn},
    title = {Perceptions of {Police} {Technology} {Use} and {Attitudes} {Towards} the {Police} - {A} {Representative} {Survey} of the {German} {Population}},
    volume = {Mensch und Computer 2021 - Workshopband},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildReuter_PoliceTechnologyUseSurvey_MuC-WS.pdf},
    doi = {10.18420/muc2021-mci-ws08-255},
    abstract = {Many Germans perceive a brutalization of society, and state officials also report feeling under attack. At the same time, policing is criticised for becoming increasingly militarised and for having extended surveillance in the course of fighting terrorism. Advancements in HCI are used in the context of many of the issues that policing is facing. In this study, we conduct a representative survey of the German population to investigate personal experiences with and attitudes towards the police and information and communication technologies (ICT) used for policing. We find an overall positive image of the police and uncritical attitudes towards ICT used for general surveillance (body-worn cameras, video surveillance, face recognition) and slightly more critical attitudes towards personal surveillance (e.g. through communication data retention). The study indicates that perceptions differ according to experience of unfair treatment by the police, while other factors such as age and education have similar effects.},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik e. V.},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Security, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Selina Pauli, Christian Reuter (2021)
    Citizens‘ Perceived Information Responsibilities and Information Challenges During the COVID-19 Pandemic
    GoodIT ’21: Proceedings of the Conference on Information Technology for Social Good . doi:10.1145/3462203.3475886
    [BibTeX] [Abstract] [Download PDF]

    In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens‘ perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens‘ needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens‘ desire to stay informed.

    @inproceedings{haunschild_citizens_2021,
    title = {Citizens' {Perceived} {Information} {Responsibilities} and {Information} {Challenges} {During} the {COVID}-19 {Pandemic}},
    url = {http://www.peasec.de/paper/2021/2021_HaunschildPauliReuter_InformationResponsibilitiesCovid19_GoodIT.pdf},
    doi = {10.1145/3462203.3475886},
    abstract = {In crises, citizens show changes in their information behavior, which is mediated by trust in sources, personal relations, online and offline news outlets and information and communication technologies such as apps and social media. Through a repeated one-week survey with closed and open questions of German citizens during the beginning of the COVID-19 pandemic, this study examines citizens' perceptions of information responsibilities, their satisfaction with the fulfillment of these responsibilities and their wishes for improving the information flow. The study shows that the dynamism of the crisis and the federally varying strategies burden citizens who perceive an obligation to stay informed, but view agencies as responsible for making information readily available. The study contributes a deeper understanding of citizens' needs in crises and discusses implications for design of communication tools for dynamic situations that reduce information overload while fulfilling citizens' desire to stay informed.},
    booktitle = {{GoodIT} '21: {Proceedings} of the {Conference} on {Information} {Technology} for {Social} {Good}},
    author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {151--156},
    }

  • Steffen Haesler, Stefka Schmid, Annemike Sophia Vierneisel, Christian Reuter (2021)
    Stronger Together: How Neighborhood Groups Build up a Virtual Network during the COVID-19 Pandemic
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2).
    [BibTeX] [Abstract] [Download PDF]

    During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.

    @article{haesler_stronger_2021,
    title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
    volume = {5},
    url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
    abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
    year = {2021},
    keywords = {AuswahlCrisis, Crisis, HCI, Selected, A-Paper, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Steffen Haesler, Ragnark Mogk, Florentin Putz, Kevin T. Logan, Nadja Thiessen, Katharina Kleinschnitger, Lars Baumgärtner, Jan-Philipp Stroscher, Christian Reuter, Michele Knodt, Matthias Hollick (2021)
    Connected Self-Organized Citizens in Crises: An Interdisciplinary Resilience Concept for Neighborhoods
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481749
    [BibTeX] [Abstract] [Download PDF]

    When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.

    @inproceedings{haesler_connected_2021,
    address = {Virtual Event, USA},
    title = {Connected {Self}-{Organized} {Citizens} in {Crises}: {An} {Interdisciplinary} {Resilience} {Concept} for {Neighborhoods}},
    url = {https://peasec.de/paper/2021/2021_Haesleretal_ConnectedSelfOrganizedCitizensinCrises_CSCWComp.pdf},
    doi = {10.1145/3462204.3481749},
    abstract = {When facing major crisis events, such as earthquakes, flooding,or attacks on infrastructure, people start to organize within theirneighborhoods. While this has historically been an analog process,people now use collaboration or messenger apps to support theirself-organization. Unfortunately, these apps are not designed to beresilient and fail with communication infrastructure outages whenservers are no longer available. We provide a resilience conceptwith requirements derived from an interdisciplinary view enablingcitizens to communicate and collaborate in everyday life and duringcrisis events. Our human-centered prototype integrates conceptsof nudging for crisis preparedness, decentralized and secure com-munication, participation, smart resource management, historicalknowledge, and legal issues to help guide further research.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haesler, Steffen and Mogk, Ragnark and Putz, Florentin and Logan, Kevin T. and Thiessen, Nadja and Kleinschnitger, Katharina and Baumgärtner, Lars and Stroscher, Jan-Philipp and Reuter, Christian and Knodt, Michele and Hollick, Matthias},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Kilian Demuth, Henri-Jacques Geiß, Christian Richter, Christian Reuter (2021)
    Nutzer, Sammler, Entscheidungsträger? Arten der Bürgerbeteiligung in Smart Cities
    HMD Praxis der Wirtschaftsinformatik ;58. doi:10.1365/s40702-021-00770-8
    [BibTeX] [Abstract] [Download PDF]

    Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.

    @article{haunschild_nutzer_2021,
    title = {Nutzer, {Sammler}, {Entscheidungsträger}? {Arten} der {Bürgerbeteiligung} in {Smart} {Cities}},
    volume = {58},
    url = {https://peasec.de/paper/2021/2021_HaunschildDemuthGeissRichterReuter_NutzerSammlerEntscheidungstragerBuergerbeteiligungSmartCities_HMD.pdf},
    doi = {10.1365/s40702-021-00770-8},
    abstract = {Digitalisierung ist ein präsenter Faktor in vielen Städten. So existieren bereits viele Smart-City-Initiativen, bei denen Städte versuchen, ihre Prozesse durch Erfassung und Verknüpfung von Daten, oft unter Zuhilfenahme von Datenplattformen, zu optimieren. In Anbetracht der damit einhergehenden großen Investitionen und Veränderungen wird Bürgerbeteiligung als zentraler Faktor für den Erfolg solcher Initiativen betrachtet. Bisher ist allerdings nicht klar, was typische Beteiligungsformate von Smart-City-Initiativen sind und welche Rolle(n) BürgerInnen dabei einnehmen. Dieser Beitrag leitet mittels einer Literaturanalyse zu Smart Cities ein Kategorienschema zu typischen Bürgerbeteiligungsarten ab. Die Analyse ergab, dass sich Einbindung von BürgerInnen in politische Entscheidungen und bei der Entwicklung technischer Artefakte maßgeblich auf e‑Government oder Participatory Design bezieht. Im Hinblick auf die Beteiligungsarten zeigt sich, dass Makrofabriken, Living Labs und Open-Data-Plattformen häufige Ansätze sind, um BürgerInnen als Co-Creators einzubinden. Zudem werden BürgerInnen mit Citizen Sensing zur Erfassung von Daten oder Missständen einbezogen. Dabei zeigen sich sowohl aktivere, als auch eher passive Beteiligungsarten. Die Analyse zeigt, dass die Einbindung von BürgerInnen häufig entweder auf eine Beteiligung an politischen Entscheidungen oder an der Entwicklung technischer Artefakte abzielt. Auch wenn keine klare Abgrenzung möglich ist, sind diese Ansätze dann eher durch e‑Government oder Participatory Design inspiriert.},
    journal = {HMD Praxis der Wirtschaftsinformatik},
    author = {Haunschild, Jasmin and Demuth, Kilian and Geiß, Henri-Jacques and Richter, Christian and Reuter, Christian},
    year = {2021},
    keywords = {HCI, Student, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    }

  • Jasmin Haunschild, Christian Reuter (2021)
    Bridging from Crisis to Everyday Life – An Analysis of User Reviews of the Warning App NINA and the COVID-19 Information Apps CoroBuddy and DarfIchDas
    CSCW ’21 Companion: Conference Companion Publication of the 2021 on Computer Supported Cooperative Work and Social Computing Virtual Event, USA. doi:10.1145/3462204.3481745
    [BibTeX] [Abstract] [Download PDF]

    During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.

    @inproceedings{haunschild_bridging_2021,
    address = {Virtual Event, USA},
    title = {Bridging from {Crisis} to {Everyday} {Life} – {An} {Analysis} of {User} {Reviews} of the {Warning} {App} {NINA} and the {COVID}-19 {Information} {Apps} {CoroBuddy} and {DarfIchDas}},
    url = {https://peasec.de/paper/2021/2021_HaunschildReuter_UserReviewsWarningCovidApps_CSCWComp.pdf},
    doi = {10.1145/3462204.3481745},
    abstract = {During a dynamic and protracted crisis such as the COVID-19 pandemic, citizens are continuously challenged with making decisionsunder uncertainty. In addition to evaluating the risk of their behav-iors to themselves and others, citizens also have to consider themost current regulation, which often varies federally and locallyand by incidence numbers. Few tools help to stay informed aboutthe current rules. The state-run German multi-hazard warningapp NINA incorporated a feature for COVID-19, while two apps,DarfIchDas and CoroBuddy, focus only on COVID-19 regulationand are privately run. To investigate users’ expectations, perceivedadvantages, and gaps as well as the developers’ challenges, we analyze recent app store reviews of the apps and developers’ replies.We show that the warning app and the COVID-19 regulation appsare evaluated on different terms, that the correctness and portrayalof complex rules are the main challenges and that developers andeditors are underusing users’ potential for crowdsourcing.},
    booktitle = {{CSCW} '21 {Companion}: {Conference} {Companion} {Publication} of the 2021 on {Computer} {Supported} {Cooperative} {Work} and {Social} {Computing}},
    publisher = {ACM},
    author = {Haunschild, Jasmin and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {72--78},
    }

  • Rolf Egert, Nina Gerber, Jasmin Haunschild, Philipp Kuehn, Verena Zimmermann (2021)
    Towards Resilient Critical Infrastructures – Motivating Users to Contribute to Smart Grid Resilience
    i-com – Journal of Interactive Media ;20(2):161–175. doi:10.1515/icom-2021-0021
    [BibTeX] [Abstract] [Download PDF]

    Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers – capable of producing and consuming electricity – who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.

    @article{egert_towards_2021,
    series = {i-com},
    title = {Towards {Resilient} {Critical} {Infrastructures} - {Motivating} {Users} to {Contribute} to {Smart} {Grid} {Resilience}},
    volume = {20},
    url = {https://www.degruyter.com/document/doi/10.1515/icom-2021-0021/html},
    doi = {10.1515/icom-2021-0021},
    abstract = {Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers - capable of producing and consuming electricity - who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.},
    number = {2},
    journal = {i-com - Journal of Interactive Media},
    author = {Egert, Rolf and Gerber, Nina and Haunschild, Jasmin and Kuehn, Philipp and Zimmermann, Verena},
    year = {2021},
    keywords = {Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {161--175},
    }

    2020

  • Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter (2020)
    Warning the Public: A Survey on Attitudes, Expectations and Use of Mobile Crisis Apps in Germany
    Proceedings of the European Conference on Information Systems (ECIS) .
    [BibTeX] [Abstract] [Download PDF]

    As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.

    @inproceedings{kaufhold_warning_2020,
    title = {Warning the {Public}: {A} {Survey} on {Attitudes}, {Expectations} and {Use} of {Mobile} {Crisis} {Apps} in {Germany}},
    url = {http://www.peasec.de/paper/2020/2020_KaufholdHaunschildReuter_WarningthePublic_ECIS.pdf},
    abstract = {As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.},
    booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
    publisher = {AIS},
    author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, A-Paper, Ranking-VHB-B, Ranking-WKWI-A, Ranking-CORE-A, Projekt-ATHENE-SecUrban, Projekt-ATHENE-FANCY, Projekt-emergenCITY},
    }

  • Steffen Haesler, Stefka Schmid, Christian Reuter (2020)
    Crisis Volunteering Nerds: Three Months After COVID-19 Hackathon \#WirVsVirus
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424584
    [BibTeX] [Abstract] [Download PDF]

    The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.

    @inproceedings{haesler_crisis_2020,
    title = {Crisis {Volunteering} {Nerds}: {Three} {Months} {After} {COVID}-19 {Hackathon} \#{WirVsVirus}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424584},
    doi = {10.1145/3406324.3424584},
    abstract = {The hackathon \#WirVsVirus in March 2020 was one of the biggest hackathons in history. Under the patronage of the federal government of Germany, 28,361 participants worked together in 1,498 projects, finding innovative apps and solutions against the COVID-19 pandemic. Three months after the event, we present an exemplifying analysis of the topics, used technologies and remaining activity of these projects. Shedding light on this instance of citizen science allows to highlight the potential of hackathons and startup culture regarding socio-technological resilience. At the same time, it may be understood as an impulse for crisis informatics to consider new forms of volunteering in the course of crisis management.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    publisher = {ACM},
    author = {Haesler, Steffen and Schmid, Stefka and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--56},
    }

  • Christian Reuter, Marc-André Kaufhold, Tina Comes, Michèle Knodt, Max Mühlhäuser (2020)
    Mobile Resilience: Designing Mobile Interactive Systems for Societal and Technical Resilience
    MobileHCI ’20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services . doi:10.1145/3406324.3424590
    [BibTeX] [Abstract] [Download PDF]

    Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.

    @inproceedings{reuter_mobile_2020,
    title = {Mobile {Resilience}: {Designing} {Mobile} {Interactive} {Systems} for {Societal} and {Technical} {Resilience}},
    url = {https://dl.acm.org/doi/pdf/10.1145/3406324.3424590},
    doi = {10.1145/3406324.3424590},
    abstract = {Digitalization and interconnectedness, facilitated by the Internet of Things (IoT) and the widespread distribution of mobile devices, can be used to tackle important societal challenges. This is maybe most prominently visible in the response to the COVID-2019 Pandemic. However, the design of mobile technology, functionality and underlying infrastructures must be resilient against disruptions caused by man-made (e.g. bombings, hacking) and natural (e.g. earthquakes, hurricanes) crises, emergencies and threats. To explore challenges, designs and potentials of interactive technologies, this workshop investigates the overlapping space of mobile technologies and resilient systems, including future application domains such as smart cities.},
    booktitle = {{MobileHCI} '20: 22nd {International} {Conference} on {Human}-{Computer} {Interaction} with {Mobile} {Devices} and {Services}},
    author = {Reuter, Christian and Kaufhold, Marc-André and Comes, Tina and Knodt, Michèle and Mühlhäuser, Max},
    year = {2020},
    keywords = {Crisis, HCI, SocialMedia, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-emergenCITY},
    pages = {1--3},
    }

  • Christian Reuter, Jasmin Haunschild, Matthias Hollick, Max Mühlhäuser, Joachim Vogt, Michael Kreutzer (2020)
    Towards Secure Urban Infrastructures: Cyber Security Challenges to Information and Communication Technology in Smart Cities
    Mensch und Computer 2020 – Workshopband Magdeburg. doi:10.18420/muc2020-ws117-408
    [BibTeX] [Abstract] [Download PDF]

    The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.

    @inproceedings{reuter_towards_2020,
    address = {Magdeburg},
    title = {Towards {Secure} {Urban} {Infrastructures}: {Cyber} {Security} {Challenges} to {Information} and {Communication} {Technology} in {Smart} {Cities}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/33550/muc2020-ws-408.pdf},
    doi = {10.18420/muc2020-ws117-408},
    abstract = {The growth of cities continues to be a global megatrend. As more and more people live in urban areas and urban services and infrastructures are under growing strain, technologies are increasingly being researched and used to make city life more efficient and comfortable. As a result, so-called “Smart Cities” have complex IT infrastructures and cyber-physical systems such as sensor/actuator networks for the general population and are developing worldwide. Urban infrastructure must be secured against attacks, ensuring reliable and resilient services for citizens as well as privacy and data security. This paper introduces selected challenges faced by infrastructure providers, citizens and decision-makers in handling attacks aimed at information and communication technologies (ICT) of urban infrastructures and presents current research avenues for tackling cyberattacks and for developing tools for creating, portraying and disseminating actiona-ble information as one important response to security challenges. It then presents findings from a representative survey conducted in Germany (N=1091) on the experiences and perceptions of citizens concerning the relevance of cyberat-tacks will be presented.},
    booktitle = {Mensch und {Computer} 2020 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Reuter, Christian and Haunschild, Jasmin and Hollick, Matthias and Mühlhäuser, Max and Vogt, Joachim and Kreutzer, Michael},
    editor = {Hansen, C. and Nürnberger, A. and Preim, B.},
    year = {2020},
    keywords = {Crisis, UsableSec, Security, Infrastructure, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--7},
    }

  • Christian Reuter, Marc-André Kaufhold, Fabian Spahr, Thomas Spielhofer, Anna Sophie Hahne (2020)
    Emergency Service Staff and Social Media – A Comparative Empirical Study of the Perception by Emergency Services Members in Europe in 2014 and 2017
    International Journal of Disaster Risk Reduction (IJDRR) ;46(101516). doi:10.1016/j.ijdrr.2020.101516
    [BibTeX] [Abstract] [Download PDF]

    Finding a way to ensure an effective use of social media has become increasingly important to emergency services over the past decade. Despite all efforts to determine the utility of social media for emergency organisations, it is necessary to benefit from such institutions‘ staffs‘ opinions to establish effective use. To provide empirical evidence we present a comparison of two surveys, conducted across Europe with emergency services in 2014 and 2017 respectively, with a total of 1169 answers. The analysis shows that personal experience has an effect on how organisational usage of social media is perceived and how emergency service staff view the future use of social media. Furthermore, the use has increased. This article not only shows emergency services what their staff think about their social media usage but also discusses challenges and future directions for the design of systems that can be useful for further development of optimized organisational social media usage.

    @article{reuter_emergency_2020,
    title = {Emergency {Service} {Staff} and {Social} {Media} – {A} {Comparative} {Empirical} {Study} of the {Perception} by {Emergency} {Services} {Members} in {Europe} in 2014 and 2017},
    volume = {46},
    url = {https://peasec.de/paper/2020/2020_ReuterKaufholdSpahrSpielhoferHahne_EmergencyServiceSocialMediaAttitude20142017_IJDRR.pdf},
    doi = {10.1016/j.ijdrr.2020.101516},
    abstract = {Finding a way to ensure an effective use of social media has become increasingly important to emergency services over the past decade. Despite all efforts to determine the utility of social media for emergency organisations, it is necessary to benefit from such institutions' staffs' opinions to establish effective use. To provide empirical evidence we present a comparison of two surveys, conducted across Europe with emergency services in 2014 and 2017 respectively, with a total of 1169 answers. The analysis shows that personal experience has an effect on how organisational usage of social media is perceived and how emergency service staff view the future use of social media. Furthermore, the use has increased. This article not only shows emergency services what their staff think about their social media usage but also discusses challenges and future directions for the design of systems that can be useful for further development of optimized organisational social media usage.},
    number = {101516},
    journal = {International Journal of Disaster Risk Reduction (IJDRR)},
    author = {Reuter, Christian and Kaufhold, Marc-André and Spahr, Fabian and Spielhofer, Thomas and Hahne, Anna Sophie},
    year = {2020},
    keywords = {Crisis, SocialMedia, Student, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY},
    }

  • Milan Stute, Max Maass, Tom Schons, Marc-André Kaufhold, Christian Reuter, Matthias Hollick (2020)
    Empirical Insights for Designing Information and Communication Technology for International Disaster Response
    International Journal of Disaster Risk Reduction (IJDRR) ;47(101598):1–10. doi:10.1016/j.ijdrr.2020.101598
    [BibTeX] [Abstract] [Download PDF]

    Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.

    @article{stute_empirical_2020,
    title = {Empirical {Insights} for {Designing} {Information} and {Communication} {Technology} for {International} {Disaster} {Response}},
    volume = {47},
    url = {https://www.sciencedirect.com/science/article/pii/S2212420919309501},
    doi = {10.1016/j.ijdrr.2020.101598},
    abstract = {Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.},
    number = {101598},
    journal = {International Journal of Disaster Risk Reduction (IJDRR)},
    author = {Stute, Milan and Maass, Max and Schons, Tom and Kaufhold, Marc-André and Reuter, Christian and Hollick, Matthias},
    year = {2020},
    keywords = {Crisis, Student, UsableSec, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY},
    pages = {1--10},
    }

  • Marc-André Kaufhold, Markus Bayer, Christian Reuter (2020)
    Rapid relevance classification of social media posts in disasters and emergencies: A system and evaluation featuring active, incremental and online learning
    Information Processing & Management (IPM) ;57(1):1–32.
    [BibTeX] [Abstract] [Download PDF]

    The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.

    @article{kaufhold_rapid_2020,
    title = {Rapid relevance classification of social media posts in disasters and emergencies: {A} system and evaluation featuring active, incremental and online learning},
    volume = {57},
    url = {https://peasec.de/paper/2020/2020_KaufholdBayerReuter_RapidRelevanceClassification_IPM.pdf},
    abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.},
    number = {1},
    journal = {Information Processing \& Management (IPM)},
    author = {Kaufhold, Marc-André and Bayer, Markus and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, SocialMedia, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Ranking-WKWI-B, Projekt-ATHENE-SecUrban, Projekt-emergenCITY, AuswahlKaufhold},
    pages = {1--32},
    }

  • Jasmin Haunschild, Marc-André Kaufhold, Christian Reuter (2020)
    Sticking with Landlines? Citizens‘ and Police Social Media Use and Expectation During Emergencies
    Proceedings of the International Conference on Wirtschaftsinformatik (WI) (Best Paper Social Impact Award) Potsdam, Germany. doi:10.30844/wi_2020_o2-haunschild
    [BibTeX] [Abstract] [Download PDF]

    Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens‘ perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens‘ perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services‘ social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.

    @inproceedings{haunschild_sticking_2020,
    address = {Potsdam, Germany},
    title = {Sticking with {Landlines}? {Citizens}' and {Police} {Social} {Media} {Use} and {Expectation} {During} {Emergencies}},
    url = {http://www.peasec.de/paper/2020/2020_HaunschildKaufholdReuter_SocialMediaPoliceSurvey_WI.pdf},
    doi = {10.30844/wi_2020_o2-haunschild},
    abstract = {Crisis informatics has examined the use, potentials and weaknesses of social media in emergencies across different events (e.g., man-made, natural or hybrid), countries and heterogeneous participants (e.g., citizens or emergency services) for almost two decades. While most research analyzes specific cases, few studies have focused on citizens' perceptions of different social media platforms in emergencies using a representative sample. Basing our questionnaire on a workshop with police officers, we present the results of a representative study on citizens' perception of social media in emergencies that we conducted in Germany. Our study suggests that when it comes to emergencies, socio-demographic differences are largely insignificant and no clear preferences for emergency services' social media strategies exist. Due to the widespread searching behavior on some platforms, emergency services can reach a wide audience by turning to certain channels but should account for groups with distinct preferences.},
    booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI}) ({Best} {Paper} {Social} {Impact} {Award})},
    publisher = {AIS Electronic Library (AISel)},
    author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
    year = {2020},
    keywords = {Crisis, Ranking-CORE-C, Ranking-VHB-C, Ranking-WKWI-A, Projekt-MAKI, Projekt-ATHENE-SecUrban, Projekt-emergenCITY},
    pages = {1--16},
    }

    ATHENE-CyAware: User-Centered Technology Design for Cyber Situational Awareness (1.1.2023-31.12.2026, BMBF+HMWK)

    ATHENE-CyAware: User-Centered Technology Design for Cyber Situational Awareness (01.01.2023-31.12.2026, BMBF+HMWK)

    Looking at the 2015 Ukraine power grid cyberattack, the 2017 WannaCry ransomware attack, or the 2020 University Hospital of Düsseldorf hack, amongst others, the vulnerability of critical infrastructures and thus also of society to cyberattacks becomes apparent. The growing interconnection of information and communication technology in combination with the increasing number, variety, and professionalism of cyber threats exacerbate the challenges for Computer Emergency Response Teams (CERTs) and IT Security Officers (ITSOs) to maintain cyber situational awareness, i.e., to provide an accurate situation picture of the cyber threats and security vulnerabilities relevant to the organization and other target groups as a foundation for decision-making. Thus, the overarching goal of the project “User-Centered Technology Design for Cyber Situational Awareness” (CYAWARE) is to design and evaluate usable security technologies enhancing the cyber situational awareness of CERTs and ITSOs in businesses, industry, government, and society.
    More specifically, this includes (1) an artificial intelligence pipeline for the adjustable, fast, performant, and transparent detection of cyber threats and vulnerabilities as well as (2) a visual analytics dashboard for the customizable filtering for relevant information enhancing cyber situational awareness, with a special emphasis on external threat awareness. Embedded into the methodological framework of a design case study, the project comprises empirical pre-studies to understand organizational practices, the design of innovative ICT to tackle identified challenges, and the evaluation of their functionality, usability, and user experience. The findings of the participatory and user-centered design approach will be distilled into best practices, guidelines, and design implications to enhance our understanding of usable technologies contributing to cyber situational awareness and decision-making.

    CNTR: Cluster Natur- und Technikwissenschaftliche Rüstungskontrollforschung (1.1.2023-31.12.2026, AA)

    CNTR: Cluster Natur- und Technikwissenschaftliche Rüstungskontrollforschung (1.1.2023-31.12.2026, AA)

    https://www.cntrarmscontrol.org/

    Der russische Überfall auf die Ukraine hat die möglichen Gefahren, die von rüstungs­technischen Inno­vationen, Nuklear­waffen, chemischen und biologischen Kampf­stoffen sowie digitaler Kriegs­führung ausgehen, drastisch ins Bewusstsein zurück­gebracht. Auch wenn modernste Waffen­systeme in der Ukraine nur punktuell zum Einsatz kamen, zeigt der Einsatz von Drohnen, hoch­präzisen Flugabwehr­systemen oder Cyber­fähigkeiten exem­plarisch, wie sehr Technologie die Macht­verhältnisse auf dem Schlachtfeld beein­flussen kann. Neue Waffen­technologie kann im Extremfall Macht­verhältnisse disruptiv umkehren und für Unsicher­heit sorgen. Letzteres gilt auch für Chemie- und Biowaffen, sogar wenn sie lediglich rhetorisch für Propaganda- und Desinformations­zwecke benutzt werden.

    Ziel des Clusters Natur- und Technik­wissenschaftliche Rüstungs­kontrollforschung (CNTR) ist es, diese Gefahren zu untersuchen, wissen­schaftlich fundiert einzuordnen und auf dieser Grundlage Handlungs­empfehlungen zur Stärkung der Rüstungs­kontrolle zu entwickeln. Dazu integriert das Cluster technik- und natur­wissen­schaftliche Erkenntnisse und Expertise in den inter­disziplinären Diskurs der Friedens- und Konflikt­forschung. Eng verzahnt arbeiten Forschende der Natur- und Sozial­wissenschaften am Leibnitz-Institut für Friedens- und Konflikt­forschung (PRIF) mit den Universitäten Darmstadt und Gießen zusammen, ganz im Sinne der 2019 formulierten Empfehlungen des Wissenschafts­rats zur Weiter­entwicklung der Friedens- und Konfliktforschung. Das Projekt wird über eine Laufzeit von vier Jahren (Januar 2023 bis Dezember 2026) vom Auswärtigen Amt gefördert.

    Im Rahmen des Clusters wird u.a. folgende Forschungs­gruppe gegründet: Neue Technologien und Rüstungskontrolle (geleitet von Prof. Dr. Dr. Christian Reuter und Dr. Niklas Schörnig): Die Rüstungs­kontrolle ist in einer schweren Krise, mehr noch: der Einsatz neuster Technologien wie Hyperschall­raketen, Drohnen oder gar die militärische Nutzung künstlicher Intelligenz lassen einen neuen quali­tativen Rüstungs­wettlauf und die umfang­reiche Verbreitung modernster Waffen­technologie wahr­scheinlich erscheinen. Um in dieser Situation zur Analyse von militärischen Potenzialen, zur Ein­schätzung von Risiken und zur Entwicklung neuer Optionen für Rüstungs­kontrolle, aber auch zur Abrüstung und Nicht­verbreitung von Nuklear­waffen beizutragen, ist natur­wissen­schaftliche Expertise notwendig. Verschärft wird das Problem durch den zunehmenden Einsatz von Künstlicher Intelligenz (KI) und (semi)­autonomen Waffen. Gleichzeitig können neue Technologien aber auch dazu beitragen, wirksame Gegen­strategien und zuverlässigere Instrumente für Rüstungs­kontrolle und Verifikation zu entwickeln.

    CYLENCE: Strategien und Werkzeuge gegen Cybermobbing und Hassbotschaften (1.8.2023-31.07.2026, BMBF)

    CYLENCE: Strategien und Werkzeuge gegen Cybermobbing und Hassbotschaften (1.8.2023-31.7.2026, BMBF)

    https://peasec.de/cylence

    Laut einer vergleichenden Studie des Bündnis gegen Cybermobbing e.V. (Beitzinger & Leest, 2021) waren 2021 rund 11,5% der Menschen in Deutschland von Cybermobbing betroffen. Während etwas mehr als 53% der Cybermobbingvorfälle im privaten Umfeld geschehen, entfallen noch 38% auf das Arbeitsumfeld. Neben Depressionen, Suchtgefahr oder körperlichen Beschwerden stuften sich rund 15% der Betroffenen von Mobbing und Cybermobbing als suizidgefährdet ein. Aus wirtschaftlicher Sicht ist dabei die Kündigungsbereitschaft von Mobbingopfern um 40% höher, Betroffene weisen fast doppelt so viele Krankheitstage wie der Durchschnitt auf und die jährlichen Kosten durch den Produktionsausfall in der deutschen Wirtschaft werden auf rund 8 Mrd. Euro geschätzt. Eine regelmäßige Befragung der Landesanstalt für Medien NRW (Landesanstalt für Medien NRW, 2021) verdeutlicht zudem, dass die Anzahl der Internetnutzer*innen in Deutschland, die häufig mit Hassbotschaften konfrontiert sind, in den letzten Jahren von 27% (2017) auf 39% (2021) angestiegen ist. Obwohl im Jahr 2021 über zwei Drittel der Befragten schon einmal Hasskommentare wahrgenommen haben, haben nur 28% von diesen einen Hasskommentar beim jeweiligen Portal gemeldet.

    Das Ziel von CYLENCE ist die Entwicklung von Strategien und Werkzeugen zur medienübergreifenden Meldung, Erkennung und Behandlung von Cybermobbing und Hassbotschaften. Dazu sollen organisationale Strategien und Werkzeuge zur Erfassung und Analyse (teil-)öffentlicher, sozialer Datenquellen (z.B. Facebook, Telegram, Twitter) auf Basis eines partizipativen Entwicklungsprozesses Ermittlungs- und Strafverfolgungsbehörden (ESBs) zur verbesserten Früherkennung und Behandlung von Cyber-Missbrauchsfällen befähigen. Eine darauf ausgerichtete Schulungsstrategie wird durch ein interaktives Tutorial für die Aneignung der entwickelten Werkzeuge ergänzt, die mithilfe von Künstlicher Intelligenz (KI) und Visual Analytics (VA) die anpassbare, faire und nachvollziehbare KI-Detektion und echtzeitbasierte Dashboard-Aufbereitung von Cyber-Missbrauchsinhalten unterstützen. Zur Erhöhung der zivilen Sicherheit sollen weiter die Erkennung und Meldung von Cybermobbing und Hassbotschaften durch die Bevölkerung gestärkt werden. Dies umfasst eine Strategie zur Verbesserung der Kommunikation zwischen Bürger*innen, Betroffenen und ESBs, welche durch empirische Feldforschung (z.B. repräsentative Befragungen) unterstützt und im Rahmen einer Kampagne erprobt wird. Dazu werden Werkzeuge zur Erkennung und Meldung von Cyber-Missbrauch für Bürger*innen durch ein Browser-Plugin und eine Smartphone-App zur Verfügung gestellt und evaluiert.

    2024

  • Marc-André Kaufhold, Jasmin Haunschild, Christian Reuter (2024)
    Cultural Violence and Peace Interventions in Social Media
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.

    @incollection{kaufhold_cultural_2024,
    address = {Wiesbaden, Germany},
    title = {Cultural {Violence} and {Peace} {Interventions} in {Social} {Media}},
    abstract = {Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Crisis, HCI, SocialMedia, Peace, Projekt-CYLENCE},
    }

  • Marc-André Kaufhold, Thea Riebe, Markus Bayer, Christian Reuter (2024)
    ‚We Do Not Have the Capacity to Monitor All Media‘: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response Teams
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) .
    [BibTeX] [Abstract]

    Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.

    @inproceedings{kaufhold_we_2024,
    series = {{CHI} '24},
    title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
    abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {Association for Computing Machinery},
    author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
    }

    2023

  • Christian Reuter, Marc-André Kaufhold, Tom Biselli, Helene Pleil (2023)
    Increasing Adoption Despite Perceived Limitations of Social Media in Emergencies: Representative Insights on German Citizens’ Perception and Trends from 2017 to 2021
    International Journal of Disaster Risk Reduction (IJDRR) ;96. doi:https://doi.org/10.1016/j.ijdrr.2023.103880
    [BibTeX] [Abstract] [Download PDF]

    The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.

    @article{reuter_increasing_2023,
    title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
    volume = {96},
    issn = {2212-4209},
    url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
    doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
    abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
    journal = {International Journal of Disaster Risk Reduction (IJDRR)},
    author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
    year = {2023},
    keywords = {AuswahlCrisis, Crisis, SocialMedia, Student, A-Paper, Ranking-ImpactFactor, Projekt-emergenCITY, Projekt-NEBULA, Projekt-CYLENCE},
    }

  • Marc-André Kaufhold, Markus Bayer, Julian Bäumler, Christian Reuter, Stefan Stieglitz, Ali Sercan Basyurt, Milad Mirabaie, Christoph Fuchß, Kaan Eyilmez (2023)
    CYLENCE: Strategies and Tools for Cross-Media Reporting, Detection, and Treatment of Cyberbullying and Hatespeech in Law Enforcement Agencies
    Mensch und Computer 2023 – Workshopband Rapperswil, Switzerland. doi:10.18420/muc2023-mci-ws01-211
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.

    @inproceedings{kaufhold_cylence_2023,
    address = {Rapperswil, Switzerland},
    title = {{CYLENCE}: {Strategies} and {Tools} for {Cross}-{Media} {Reporting}, {Detection}, and {Treatment} of {Cyberbullying} and {Hatespeech} in {Law} {Enforcement} {Agencies}},
    url = {https://dl.gi.de/items/0e0efe8f-64bf-400c-85f7-02b65f83189d},
    doi = {10.18420/muc2023-mci-ws01-211},
    abstract = {Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.},
    language = {de},
    booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Bayer, Markus and Bäumler, Julian and Reuter, Christian and Stieglitz, Stefan and Basyurt, Ali Sercan and Mirabaie, Milad and Fuchß, Christoph and Eyilmez, Kaan},
    year = {2023},
    keywords = {HCI, UsableSec, Projekt-CYLENCE},
    }

    SFB1119 CROSSING: Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen (1.8.2018-30.06.2026, DFG)

    SFB CROSSING – Kryptografiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen (01.08.2018-30.06.2026, DFG)

    https://www.crossing.tu-darmstadt.de/

    Kryptographie ist ein unverzichtbares Instrument für die sichere Gestaltung digitaler Prozesse, in dem sie Vertraulichkeit, Integrität, Authentisierung und Unabstreitbarkeit gewährleistet. Auf diese Weise können viele Dienste sicher über das Internet abgewickelt werden. Dennoch lassen sich nicht alle in der Praxis auftretenden Probleme mit den bereits existierenden kryptographischen Verfahren lösen. Diese Problemstellung motivierte CROSSING schon vor dessen Start im Jahre 2014, und ist auch heute noch aktuell. Dementsprechend war und ist das übergeordnete Ziel des Sonderforschungsbereichs CROSSING: Kryptographie-basierte Sicherheitslösungen zu entwickeln, die Vertrauen in heutigen und zukünftigen IT-Systemen ermöglichen. Die Lösungen werden die Effizienz- und Sicherheitsanforderungen dieser IT-Umgebungen erfüllen und werden sicher implementiert sein. Entwickler, Administratoren und Endanwender von IT werden diese Lösungen leicht nutzen können, auch wenn sie keine Kryptographie-Experten sind.

    Teilprojekt: Transparenz als nutzerzentrierte Intervention für Privatsphäre und Sicherheit

    Das Projekt zielt darauf ab, Nutzer angemessen zu informieren und aufzuklären, um eine bessere Entscheidungsfindung in Bezug auf das persönliche Sicherheits- und Privatheitsverhalten zu fördern. Das Projekt untersucht insbesondere, in welchen Kontexten und für welche Nutzer transparente, nachvollziehbare Indikatoren als Intervention zu solch verbesserten Ergebnissen führen. Ganz allgemein untersucht das Projekt, ob und wie nutzerzentrierte Sicherheits- und Privatheits-Interventionen von der Personalisierung und Kontrolle durch die Benutzer selbst profitieren können.

    2024

  • Tom Biselli, Laura Utz, Christian Reuter (2024)
    Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners
    Proceedings on Privacy Enhancing Technologies (PoPETs) (1):171–191. doi:https://doi.org/10.56553/popets-2024-0011
    [BibTeX] [Abstract] [Download PDF]

    Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.

    @article{biselli_supporting_2024,
    title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
    url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
    doi = {https://doi.org/10.56553/popets-2024-0011},
    abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
    number = {1},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
    year = {2024},
    keywords = {HCI, Selected, Student, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, AuswahlUsableSec},
    pages = {171--191},
    }

  • Christian Reuter (2024)
    Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{reuter_information_2024,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2024},
    keywords = {Selected, Security, Peace, Infrastructure, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-TraCe},
    }

  • Christian Reuter, Konstantin Aal, Jürgen Altmann, Ute Bernhardt, Kai Denker, Anja-Liisa Gonsior, Dominik Herrmann, Matthias Hollick, Marc-André Kaufhold, Thomas Reinhold, Thea Riebe, Ingo Ruhmann, Klaus-Peter Saalbach, Niklas Schörnig, Ali Sunyaev, Volker Wulf (2024)
    The Future of IT in Peace and Security
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.

    @incollection{reuter_future_2024,
    address = {Wiesbaden, Germany},
    title = {The {Future} of {IT} in {Peace} and {Security}},
    abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aal, Konstantin and Altmann, Jürgen and Bernhardt, Ute and Denker, Kai and Gonsior, Anja-Liisa and Herrmann, Dominik and Hollick, Matthias and Kaufhold, Marc-André and Reinhold, Thomas and Riebe, Thea and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING},
    }

  • Christian Reuter (2024)
    Information Technology for Peace and Security – Introduction and Overview
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.

    @incollection{reuter_information_2024-1,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {Introduction} and {Overview}},
    abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING},
    }

  • Thomas Reinhold, Christian Reuter (2024)
    From Cyber War to Cyber Peace
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg.
    [BibTeX] [Abstract]

    The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.

    @incollection{reinhold_cyber_2024,
    address = {Wiesbaden, Germany},
    title = {From {Cyber} {War} to {Cyber} {Peace}},
    abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING, Cyberwar, Projekt-CNTR},
    }

  • Thomas Reinhold (2024)
    Towards a Peaceful Development of Cyberspace: Challenges and Technical Measures for the De-Escalation of State-Led Cyberconflicts and Arms Control of Cyberweapons
    Springer Fachmedien Wiesbaden.
    [BibTeX] [Abstract]

    Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states‘ security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.

    @book{reinhold_towards_2024,
    title = {Towards a {Peaceful} {Development} of {Cyberspace}: {Challenges} and {Technical} {Measures} for the {De}-{Escalation} of {State}-{Led} {Cyberconflicts} and {Arms} {Control} of {Cyberweapons}},
    abstract = {Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states' security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.},
    publisher = {Springer Fachmedien Wiesbaden},
    author = {Reinhold, Thomas},
    year = {2024},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE, Dissertation},
    }

    2023

  • Thomas Reinhold, Christian Reuter (2023)
    Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;12(1):31–58. doi:10.1007/s42597-023-00099-7
    [BibTeX] [Abstract] [Download PDF]

    While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.

    @article{reinhold_preventing_2023,
    title = {Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack},
    volume = {12},
    issn = {2524-6976},
    url = {https://doi.org/10.1007/s42597-023-00099-7},
    doi = {10.1007/s42597-023-00099-7},
    abstract = {While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reinhold, Thomas and Reuter, Christian},
    month = apr,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {31--58},
    }

  • Sebastian Surminski, Christian Niesler, Sebastian Linsner, Lucas Davi, Christian Reuter (2023)
    SCAtt-man: Side-Channel-Based Remote Attestation for Embedded Devices that Users Understand
    Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy New York, NY, USA. doi:10.1145/3577923.3583652
    [BibTeX] [Abstract] [Download PDF]

    From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.

    @inproceedings{surminski_scatt-man_2023,
    address = {New York, NY, USA},
    series = {{CODASPY} '23},
    title = {{SCAtt}-man: {Side}-{Channel}-{Based} {Remote} {Attestation} for {Embedded} {Devices} that {Users} {Understand}},
    isbn = {9798400700675},
    url = {https://doi.org/10.1145/3577923.3583652},
    doi = {10.1145/3577923.3583652},
    abstract = {From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.},
    booktitle = {Proceedings of the {Thirteenth} {ACM} {Conference} on {Data} and {Application} {Security} and {Privacy}},
    publisher = {Association for Computing Machinery},
    author = {Surminski, Sebastian and Niesler, Christian and Linsner, Sebastian and Davi, Lucas and Reuter, Christian},
    year = {2023},
    keywords = {HCI, UsableSec, Security, Ranking-CORE-B, Projekt-CROSSING},
    pages = {225--236},
    }

  • Thea Riebe, Julian Bäumler, Marc-André Kaufhold, Christian Reuter (2023)
    Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design Perspective
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) . doi:10.1007/s10606-022-09453-4
    [BibTeX] [Abstract] [Download PDF]

    The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.

    @article{riebe_values_2023,
    title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
    url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
    doi = {10.1007/s10606-022-09453-4},
    abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    }

  • Elise Özalp, Katrin Hartwig, Christian Reuter (2023)
    Trends in Explainable Artificial Intelligence for Non-Experts
    In: Peter Klimczak, Christer Petersen: AI – Limits and Prospects of Artificial Intelligence. Bielefeld: Transcript Verlag, , 223–243.
    [BibTeX] [Abstract] [Download PDF]

    In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.

    @incollection{ozalp_trends_2023,
    address = {Bielefeld},
    title = {Trends in {Explainable} {Artificial} {Intelligence} for {Non}-{Experts}},
    url = {https://www.transcript-verlag.de/978-3-8376-5732-6/ai-limits-and-prospects-of-artificial-intelligence/?c=313000019},
    abstract = {In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.},
    booktitle = {{AI} - {Limits} and {Prospects} of {Artificial} {Intelligence}},
    publisher = {Transcript Verlag},
    author = {Özalp, Elise and Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Petersen, Christer},
    year = {2023},
    keywords = {HCI, Student, UsableSec, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
    pages = {223--243},
    }

  • Enno Steinbrink, Tom Biselli, Sebastian Linsner, Franziska Herbert, Christian Reuter (2023)
    Privacy Perception and Behaviour in Safety-Critical Environments
    In: Nina Gerber, Alina Stöver, Karola Marky: Human Factors in Privacy Research. Cham: Springer International Publishing, , 237–251.
    [BibTeX] [Abstract] [Download PDF]

    When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.

    @incollection{steinbrink_privacy_2023,
    address = {Cham},
    title = {Privacy {Perception} and {Behaviour} in {Safety}-{Critical} {Environments}},
    isbn = {978-3-031-28643-8},
    url = {https://doi.org/10.1007/978-3-031-28643-8_12},
    abstract = {When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.},
    booktitle = {Human {Factors} in {Privacy} {Research}},
    publisher = {Springer International Publishing},
    author = {Steinbrink, Enno and Biselli, Tom and Linsner, Sebastian and Herbert, Franziska and Reuter, Christian},
    editor = {Gerber, Nina and Stöver, Alina and Marky, Karola},
    year = {2023},
    keywords = {HCI, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-FANCY, Projekt-GRKPrivacy},
    pages = {237--251},
    }

  • Thomas Reinhold, Helene Pleil, Christian Reuter (2023)
    Challenges for Cyber Arms Control: A Qualitative Expert Interview Study
    Zeitschrift für Außen- und Sicherheitspolitik (ZfAS) ;16(3):289–310. doi:10.1007/s12399-023-00960-w
    [BibTeX] [Abstract] [Download PDF]

    The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.

    @article{reinhold_challenges_2023,
    title = {Challenges for {Cyber} {Arms} {Control}: {A} {Qualitative} {Expert} {Interview} {Study}},
    volume = {16},
    issn = {1866-2196},
    url = {https://doi.org/10.1007/s12399-023-00960-w},
    doi = {10.1007/s12399-023-00960-w},
    abstract = {The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.},
    number = {3},
    journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
    author = {Reinhold, Thomas and Pleil, Helene and Reuter, Christian},
    month = aug,
    year = {2023},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {289--310},
    }

  • Thomas Reinhold, Philipp Kuehn, Daniel Günther, Thomas Schneider, Christian Reuter (2023)
    ExTRUST: Reducing Exploit Stockpiles With a Privacy-Preserving Depletion Systems for Inter-State Relationships
    IEEE Transactions on Technology and Society ;4(2):158–170. doi:10.1109/TTS.2023.3280356
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.

    @article{reinhold_extrust_2023,
    title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
    volume = {4},
    url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
    doi = {10.1109/TTS.2023.3280356},
    abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
    number = {2},
    journal = {IEEE Transactions on Technology and Society},
    author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
    year = {2023},
    keywords = {Selected, Student, A-Paper, Peace, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-GRKPrivacy},
    pages = {158--170},
    }

  • Markus Bayer, Tobias Frey, Christian Reuter (2023)
    Multi-Level Fine-Tuning, Data Augmentation, and Few-Shot Learning for Specialized Cyber Threat Intelligence
    Computers & Security . doi:10.1016/j.cose.2023.103430
    [BibTeX] [Abstract] [Download PDF]

    A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication

    @article{bayer_multi-level_2023,
    title = {Multi-{Level} {Fine}-{Tuning}, {Data} {Augmentation}, and {Few}-{Shot} {Learning} for {Specialized} {Cyber} {Threat} {Intelligence}},
    issn = {0167-4048},
    url = {https://peasec.de/paper/2023/2023_BayerFreyReuter_MultiLevelFineTuningForCyberThreatIntelligence_CS.pdf},
    doi = {10.1016/j.cose.2023.103430},
    abstract = {A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication},
    journal = {Computers \& Security},
    author = {Bayer, Markus and Frey, Tobias and Reuter, Christian},
    year = {2023},
    keywords = {Student, Security, A-Paper, Ranking-ImpactFactor, Projekt-CROSSING, Projekt-CYWARN, Projekt-ATHENE},
    }

  • Katrin Hartwig, Christian Reuter (2023)
    Countering Fake News Technically – Detection and Countermeasure Approaches to Support Users
    In: Peter Klimczak, Thomas Zoglauer: Truth and Fake in the Post-Factual Digital Age: Distinctions in the Humanities and IT Sciences. Wiesbaden: Springer Fachmedien Wiesbaden, , 131–147. doi:10.1007/978-3-658-40406-2_7
    [BibTeX] [Abstract] [Download PDF]

    The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.

    @incollection{hartwig_countering_2023,
    address = {Wiesbaden},
    title = {Countering {Fake} {News} {Technically} – {Detection} and {Countermeasure} {Approaches} to {Support} {Users}},
    isbn = {978-3-658-40406-2},
    url = {https://peasec.de/paper/2023/2023_HartwigReuter_CounteringFakeNews_TruthFakePostTruth.pdf},
    abstract = {The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.},
    booktitle = {Truth and {Fake} in the {Post}-{Factual} {Digital} {Age}: {Distinctions} in the {Humanities} and {IT} {Sciences}},
    publisher = {Springer Fachmedien Wiesbaden},
    author = {Hartwig, Katrin and Reuter, Christian},
    editor = {Klimczak, Peter and Zoglauer, Thomas},
    year = {2023},
    doi = {10.1007/978-3-658-40406-2_7},
    keywords = {Crisis, HCI, SocialMedia, Projekt-CROSSING, Projekt-ATHENE},
    pages = {131--147},
    }

  • Thomas Reinhold (2023)
    Towards a Peaceful Development of Cyberspace: Challenges and Technical Measures for the De-Escalation of State-Led Cyberconflicts and Arms Control of Cyberweapons
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt. doi:10.26083/tuprints-00024559
    [BibTeX] [Abstract] [Download PDF]

    Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states‘ security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.

    @book{reinhold_towards_2023,
    address = {Darmstadt, Germany},
    title = {Towards a {Peaceful} {Development} of {Cyberspace}: {Challenges} and {Technical} {Measures} for the {De}-{Escalation} of {State}-{Led} {Cyberconflicts} and {Arms} {Control} of {Cyberweapons}},
    url = {https://tuprints.ulb.tu-darmstadt.de/24559/},
    abstract = {Cyberspace, already a few decades old, has become a matter of course for most of us, part of our everyday life. At the same time, this space and the global infrastructure behind it are essential for our civilizations, the economy and administration, and thus an essential expression and lifeline of a globalized world. However, these developments also create vulnerabilities and thus, cyberspace is increasingly developing into an intelligence and military operational area – for the defense and security of states but also as a component of offensive military planning, visible in the creation of military cyber-departments and the integration of cyberspace into states' security and defense strategies. In order to contain and regulate the conflict and escalation potential of technology used by military forces, over the last decades, a complex tool set of transparency, de-escalation and arms control measures has been developed and proof-tested. Unfortunately, many of these established measures do not work for cyberspace due to its specific technical characteristics. Even more, the concept of what constitutes a weapon – an essential requirement for regulation – starts to blur for this domain. Against this background, this thesis aims to answer how measures for the de-escalation of state-led conflicts in cyberspace and arms control of cyberweapons can be developed. In order to answer this question, the dissertation takes a specifically technical perspective on these problems and the underlying political challenges of state behavior and international humanitarian law in cyberspace to identify starting points for technical measures of transparency, arms control and verification. Based on this approach of adopting already existing technical measures from other fields of computer science, the thesis will provide proof of concepts approaches for some mentioned challenges like a classification system for cyberweapons that is based on technical measurable features, an approach for the mutual reduction of vulnerability stockpiles and an approach to plausibly assure the non-involvement in a cyberconflict as a measure for de-escalation. All these initial approaches and the questions of how and by which measures arms control and conflict reduction can work for cyberspace are still quite new and subject to not too many debates. Indeed, the approach of deliberately self-restricting the capabilities of technology in order to serve a bigger goal, like the reduction of its destructive usage, is yet not very common for the engineering thinking of computer science. Therefore, this dissertation also aims to provide some impulses regarding the responsibility and creative options of computer science with a view to the peaceful development and use of cyberspace.},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
    author = {Reinhold, Thomas},
    year = {2023},
    doi = {10.26083/tuprints-00024559},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-ATHENE, Dissertation},
    }

  • Christian Reuter, Thea Riebe, Laura Guntrum (2023)
    Science Peace Security ‘23 – Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research
    Darmstadt, Germany: TUprints. doi:10.26083/tuprints-00024777
    [BibTeX] [Abstract] [Download PDF]

    The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.

    @book{reuter_science_2023,
    address = {Darmstadt, Germany},
    title = {Science {Peace} {Security} ‘23 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
    abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
    publisher = {TUprints},
    author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    year = {2023},
    doi = {10.26083/tuprints-00024777},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
    }

  • Christian Reuter, Thea Riebe, Laura Guntrum (2023)
    Science Peace Security ’23: Editorial of the Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research
    In: Christian Reuter, Thea Riebe, Laura Guntrum: Science Peace Security ’23: Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research. Darmstadt, Germany: TUprints, , 9–13. doi:10.26083/tuprints-00024777
    [BibTeX] [Abstract] [Download PDF]

    The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.

    @incollection{reuter_science_2023-1,
    address = {Darmstadt, Germany},
    title = {Science {Peace} {Security} ’23: {Editorial} of the {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
    abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
    booktitle = {Science {Peace} {Security} ’23: {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    publisher = {TUprints},
    author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    editor = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
    year = {2023},
    doi = {10.26083/tuprints-00024777},
    keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
    pages = {9--13},
    }

    2022

  • Christian Reuter, Luigi Lo Iacono, Alexander Benlian (2022)
    A Quarter Century of Usable Security and Privacy Research: Transparency, Tailorability, and the Road Ahead
    Behaviour & Information Technology (BIT) ;41(10):2035–2048. doi:10.1080/0144929X.2022.2080908
    [BibTeX] [Abstract] [Download PDF]

    In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.

    @article{reuter_quarter_2022,
    title = {A {Quarter} {Century} of {Usable} {Security} and {Privacy} {Research}: {Transparency}, {Tailorability}, and the {Road} {Ahead}},
    volume = {41},
    issn = {0144-929X},
    url = {https://www.tandfonline.com/toc/tbit20/41/10},
    doi = {10.1080/0144929X.2022.2080908},
    abstract = {In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.},
    number = {10},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
    year = {2022},
    keywords = {Crisis, HCI, SocialMedia, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {2035--2048},
    }

  • Laura Buhleier, Sebastian Linsner, Enno Steinbrink, Christian Reuter (2022)
    Eine Klassifikation sicherheitskritischer UX-Design-Patterns
    Mensch und Computer – Workshopband Darmstadt. doi:10.18420/muc2022-mci-ws10-275
    [BibTeX] [Abstract] [Download PDF]

    User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.

    @inproceedings{buhleier_klassifikation_2022,
    address = {Darmstadt},
    series = {Mensch und {Computer} 2022 - {Workshopband}},
    title = {Eine {Klassifikation} sicherheitskritischer {UX}-{Design}-{Patterns}},
    url = {https://dl.gi.de/handle/20.500.12116/39087},
    doi = {10.18420/muc2022-mci-ws10-275},
    abstract = {User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.},
    language = {de},
    booktitle = {Mensch und {Computer} - {Workshopband}},
    publisher = {Gesellschaft für Informatik},
    author = {Buhleier, Laura and Linsner, Sebastian and Steinbrink, Enno and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Student, UsableSec, Security, Projekt-CROSSING, Projekt-GRKPrivacy},
    }

  • Tom Biselli, Enno Steinbrink, Franziska Herbert, Gina Maria Schmidbauer-Wolf, Christian Reuter (2022)
    On the Challenges of Developing a Concise Questionnaire to Identify Privacy Personas
    Proceedings on Privacy Enhancing Technologies (PoPETs) (4):645–669. doi:10.56553/popets-2022-0126
    [BibTeX] [Abstract] [Download PDF]

    Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.

    @article{biselli_challenges_2022,
    title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
    url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
    doi = {10.56553/popets-2022-0126},
    abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
    number = {4},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec, Projekt-GRKPrivacy},
    pages = {645--669},
    }

  • Katrin Hartwig, Christian Reuter (2022)
    Nudging Users Towards Better Security Decisions in Password Creation Using Whitebox-based Multidimensional Visualizations
    Behaviour & Information Technology (BIT) ;41(7):1357–1380. doi:10.1080/0144929X.2021.1876167
    [BibTeX] [Abstract] [Download PDF]

    Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.

    @article{hartwig_nudging_2022,
    title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
    volume = {41},
    url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
    doi = {10.1080/0144929X.2021.1876167},
    abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
    number = {7},
    journal = {Behaviour \& Information Technology (BIT)},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2022},
    keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-A, Projekt-CROSSING, Projekt-ATHENE-FANCY, AuswahlUsableSec},
    pages = {1357--1380},
    }

    2021

  • Anjuli Franz, Gregor Albrecht, Verena Zimmermann, Katrin Hartwig, Christian Reuter, Alexander Benlian, Joachim Vogt (2021)
    SoK: Still Plenty of Phish in the Sea — A Review of User-Oriented Phishing Interventions and Avenues for Future Research
    USENIX Symposium on Usable Privacy and Security (SOUPS) .
    [BibTeX] [Abstract] [Download PDF]

    Phishing is a prevalent cyber threat, targeting individuals and organizations alike. Previous approaches on anti-phishing measures have started to recognize the role of the user, who, at the center of the target, builds the last line of defense. However, user-oriented phishing interventions are fragmented across a diverse research landscape, which has not been systematized to date. This makes it challenging to gain an overview of the various approaches taken by prior works. In this paper, we present a taxonomy of phishing interventions based on a systematic literature analysis. We shed light on the diversity of existing approaches by analyzing them with respect to the intervention type, the addressed phishing attack vector, the time at which the intervention takes place, and the required user interaction. Furthermore, we highlight shortcomings and challenges emerging from both our literature sample and prior meta-analyses, and discuss them in the light of current movements in the field of usable security. With this article, we hope to provide useful directions for future works on phishing interventions.

    @inproceedings{franz_sok_2021,
    title = {{SoK}: {Still} {Plenty} of {Phish} in the {Sea} — {A} {Review} of {User}-{Oriented} {Phishing} {Interventions} and {Avenues} for {Future} {Research}},
    isbn = {978-1-939133-25-0},
    url = {https://www.usenix.org/system/files/soups2021-franz.pdf},
    abstract = {Phishing is a prevalent cyber threat, targeting individuals and
    organizations alike. Previous approaches on anti-phishing
    measures have started to recognize the role of the user, who,
    at the center of the target, builds the last line of defense.
    However, user-oriented phishing interventions are fragmented
    across a diverse research landscape, which has not been
    systematized to date. This makes it challenging to gain an
    overview of the various approaches taken by prior works.
    In this paper, we present a taxonomy of phishing interventions
    based on a systematic literature analysis. We shed light
    on the diversity of existing approaches by analyzing them
    with respect to the intervention type, the addressed phishing
    attack vector, the time at which the intervention takes place,
    and the required user interaction. Furthermore, we highlight
    shortcomings and challenges emerging from both our literature
    sample and prior meta-analyses, and discuss them in
    the light of current movements in the field of usable security.
    With this article, we hope to provide useful directions for
    future works on phishing interventions.},
    booktitle = {{USENIX} {Symposium} on {Usable} {Privacy} and {Security} ({SOUPS})},
    author = {Franz, Anjuli and Albrecht, Gregor and Zimmermann, Verena and Hartwig, Katrin and Reuter, Christian and Benlian, Alexander and Vogt, Joachim},
    year = {2021},
    keywords = {UsableSec, Security, Ranking-CORE-B, Projekt-CROSSING, AuswahlUsableSec},
    }

  • Katrin Hartwig, Christian Reuter (2021)
    Nudge or Restraint: How do People Assess Nudging in Cybersecurity – A Representative Study in Germany
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481514
    [BibTeX] [Abstract] [Download PDF]

    While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.

    @inproceedings{hartwig_nudge_2021,
    address = {Karlsruhe, Germany},
    title = {Nudge or {Restraint}: {How} do {People} {Assess} {Nudging} in {Cybersecurity} - {A} {Representative} {Study} in {Germany}},
    url = {https://peasec.de/paper/2021/2021_HartwigReuter_NudgingCybersecurityRepresentativeStudy_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481514},
    abstract = {While nudging is a long-established instrument in many contexts, it has more recently emerged to be relevant in cybersecurity as well. For instance, existing research suggests nudges for stronger passwords or safe WiFi connections. However, those nudges are often not as effective as desired. To improve their effectiveness, it is crucial to understand how people assess nudges in cybersecurity, to address potential fears and resulting reactance and to facilitate voluntary compliance. In other contexts, such as the health sector, studies have already thoroughly explored the attitude towards nudging. To address that matter in cybersecurity, we conducted a representative study in Germany (𝑁 = 1, 012), asking people about their attitude towards nudging in that specific context. Our findings reveal that 64\% rated nudging in cybersecurity as helpful, however several participants expected risks such as intentional misguidance, manipulation and data exposure as well.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Reuter, Christian},
    year = {2021},
    keywords = {UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {141--150},
    }

  • Katrin Hartwig, Atlas Englisch, Jan Pelle Thomson, Christian Reuter (2021)
    Finding Secret Treasure? Improving Memorized Secrets Through Gamification
    European Symposium on Usable Security (EuroUSEC) Karlsruhe, Germany. doi:10.1145/3481357.3481509
    [BibTeX] [Abstract] [Download PDF]

    Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom. Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000) to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of participants’ gaming frequency.

    @inproceedings{hartwig_finding_2021,
    address = {Karlsruhe, Germany},
    title = {Finding {Secret} {Treasure}? {Improving} {Memorized} {Secrets} {Through} {Gamification}},
    url = {https://peasec.de/paper/2021/2021_HartwigEnglischThomsonReuter_MemorizedSecretsThroughGamification_EuroUSEC.pdf},
    doi = {10.1145/3481357.3481509},
    abstract = {Users tend to bypass systems that are designed to increase their personal security and privacy while limiting their perceived freedom.
    Nudges present a possible solution to this problem, offering security benefits without taking away perceived freedom. We have
    identified a lack of research comparing concrete implementations of nudging concepts in an emulated real-world scenario to assess their
    relative value as a nudge. Comparing multiple nudging implementations in an emulated real-world scenario including a novel avatar
    nudge with gamification elements, this publication discusses the advantages of nudging for stronger user-created passwords regarding
    efficacy, usability, and memorability.We investigated the effect of gamification in nudges, performing two studies (𝑁1 = 16, 𝑁2 = 1, 000)
    to refine and evaluate implementations of current and novel nudging concepts. Our research found a gamified nudge, which integrates
    a personalizable avatar guide into the registration process, to perform less effectively than state-of-the-art nudges, independently of
    participants’ gaming frequency.},
    booktitle = {European {Symposium} on {Usable} {Security} ({EuroUSEC})},
    publisher = {ACM},
    author = {Hartwig, Katrin and Englisch, Atlas and Thomson, Jan Pelle and Reuter, Christian},
    year = {2021},
    keywords = {Student, UsableSec, Security, Projekt-CROSSING, Projekt-ATHENE-SecUrban},
    pages = {105--117},
    }

    2020

  • Philipp Imperatori, Thea Riebe, Christian Reuter (2020)
    Verschlüsselungspolitik der USA: Vom Clipper-Chip zu Edward Snowden
    FIfF-Kommunikation ;37:77–80.
    [BibTeX] [Download PDF]

    @article{imperatori_verschlusselungspolitik_2020,
    title = {Verschlüsselungspolitik der {USA}: {Vom} {Clipper}-{Chip} zu {Edward} {Snowden}},
    volume = {37},
    url = {https://tuprints.ulb.tu-darmstadt.de/20060/1/fk-1-20-p77.pdf},
    journal = {FIfF-Kommunikation},
    author = {Imperatori, Philipp and Riebe, Thea and Reuter, Christian},
    year = {2020},
    keywords = {Student, Security, Peace, Projekt-DualUse, Projekt-CROSSING},
    pages = {77--80},
    }

  • Christian Reuter, Jürgen Altmann, Malte Göttsche, Mirko Himmel (2020)
    Zur naturwissenschaftlich-technischen Friedens- und Konfliktforschung – Aktuelle Herausforderungen und Bewertung der Empfehlungen des Wissenschaftsrats
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) ;9(1):143–154. doi:10.1007/s42597-020-00035-z
    [BibTeX] [Abstract] [Download PDF]

    ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.

    @article{reuter_zur_2020,
    title = {Zur naturwissenschaftlich-technischen {Friedens}- und {Konfliktforschung} – {Aktuelle} {Herausforderungen} und {Bewertung} der {Empfehlungen} des {Wissenschaftsrats}},
    volume = {9},
    url = {https://link.springer.com/content/pdf/10.1007/s42597-020-00035-z.pdf},
    doi = {10.1007/s42597-020-00035-z},
    abstract = {ie besorgniserregende Aufkündigung des INF-Vertrags, der wiederholte Einsatz von Chemiewaffen in Syrien, kontroverse Diskussionen über die Einführung autonomer Waffensysteme oder zunehmende Cyber-Bedrohungen prägen das aktuelle politische Weltgeschehen. Besonders in einer Zeit, in der nukleare, biologische und chemische Abrüstung- und Rüstungskontrollmaßnahmen vor großen Herausforderungen stehen und gleichzeitig neue Technologien veränderte Anforderungen an diese Kontrollmechanismen mit sich bringen, gewinnt die naturwissenschaftlich-technische Friedensforschung enorm an Bedeutung. Sie beschäftigt sich auf der Grundlage von Erkenntnissen aus verschiedenen Naturwissenschaften und technischen Fachrichtungen (z. B. Physik, Chemie, Biologie, Informatik) mit der Rolle naturwissenschaftlicher und technischer Möglichkeiten im Kontext von Krieg und Frieden sowie Rüstung und Abrüstung. Sie unterstützt die politischen Prozesse der Kriegsprävention, der Abrüstung und der Vertrauensbildung mit Analysen der Eigenschaften und Folgen neuer Waffenarten und Technologien. Aus dieser Forschung werden Vorschläge für die Begrenzung neuer Waffenentwicklungen ebenso entwickelt wie technische Lösungen für eine verbesserte Rüstungskontrolle. Dieser Artikel benennt aktuelle Herausforderungen der naturwissenschaftlich-technischen Friedensforschung und geht dabei auch auf die aktuellen Empfehlungen des Wissenschaftsrats zur Weiterentwicklung der Friedens- und Konfliktforschung aus dem Jahr 2019 ein.},
    number = {1},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2020},
    keywords = {Security, Peace, Projekt-CROSSING, Cyberwar, Projekt-ATHENE-SecUrban},
    pages = {143--154},
    }

    2019

  • Christian Reuter, Konstantin Aal, Larissa Aldehoff, Jürgen Altmann, Johannes Buchmann, Ute Bernhardt, Kai Denker, Dominik Herrmann, Matthias Hollick, Stefan Katzenbeisser, Marc-André Kaufhold, Alfred Nordmann, Thomas Reinhold, Thea Riebe, Annette Ripper, Ingo Ruhmann, Klaus-Peter Saalbach, Niklas Schörnig, Ali Sunyaev, Volker Wulf (2019)
    The Future of IT in Peace and Security
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 405–413. doi:10.1007/978-3-658-25652-4_19
    [BibTeX] [Abstract] [Download PDF]

    Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.

    @incollection{reuter_future_2019,
    address = {Wiesbaden, Germany},
    title = {The {Future} of {IT} in {Peace} and {Security}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aal, Konstantin and Aldehoff, Larissa and Altmann, Jürgen and Buchmann, Johannes and Bernhardt, Ute and Denker, Kai and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Nordmann, Alfred and Reinhold, Thomas and Riebe, Thea and Ripper, Annette and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_19},
    keywords = {HCI, UsableSec, Security, Peace, Projekt-CRISP, Projekt-CROSSING},
    pages = {405--413},
    }

  • Christian Reuter (2019)
    Information Technology for Peace and Security – Introduction and Overview
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 3–9. doi:10.1007/978-3-658-25652-4_1
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.

    @incollection{reuter_information_2019,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {Introduction} and {Overview}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_1},
    keywords = {Crisis, Security, Peace, Projekt-CRISP, Projekt-CROSSING},
    pages = {3--9},
    }

  • Sebastian Linsner, Rashmi Varma, Christian Reuter (2019)
    Vulnerability Assessment in the Smart Farming Infrastructure through Cyberattacks
    39. GIL-Jahrestagung: Informatik in der Land-, Forst- und Ernährungswirtschaft Fokus; Digitalisierung für landwirtschaftliche Betriebe in kleinstrukturierten Regionen – ein Widerspruch in sich?, Lecture Notes in Informatics (LNI) Wien, Austria.
    [BibTeX] [Abstract] [Download PDF]

    The Internet of Things (IoT) has a significant impact on agriculture. So-called Smart Farming uses drones and a variety of sensors to measure climate, irrigation, soil moisture or GPS position. With this rapid influx of technology increases the threat that vulnerabilities in those technologies are being exploited for malicious intent. To show the impact of cyberattacks on agriculture, we present a simulation of several attacks on a ZigBee-based wireless sensor network. We conduct a delay attack, an interference attack and three different routing attacks (sinkhole, blackhole and selective forwarding attack). Those attacks are simulated using NETA with the OMNET++ framework. We will show that the security of WSN is influenced by factors like energy consumption or computation power, which can conflict with other interests like low per-unit costs.

    @inproceedings{linsner_vulnerability_2019,
    address = {Wien, Austria},
    title = {Vulnerability {Assessment} in the {Smart} {Farming} {Infrastructure} through {Cyberattacks}},
    url = {http://gil-net.de/Publikationen/139_119.pdf},
    abstract = {The Internet of Things (IoT) has a significant impact on agriculture. So-called Smart Farming uses drones and a variety of sensors to measure climate, irrigation, soil moisture or GPS position. With this rapid influx of technology increases the threat that vulnerabilities in those technologies are being exploited for malicious intent. To show the impact of cyberattacks on agriculture, we present a simulation of several attacks on a ZigBee-based wireless sensor network. We conduct a delay attack, an interference attack and three different routing attacks (sinkhole, blackhole and selective forwarding attack). Those attacks are simulated using NETA with the OMNET++ framework. We will show that the security of WSN is influenced by factors like energy consumption or computation power, which can conflict with other interests like low per-unit costs.},
    booktitle = {39. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft} {Fokus}; {Digitalisierung} für landwirtschaftliche {Betriebe} in kleinstrukturierten {Regionen} – ein {Widerspruch} in sich?, {Lecture} {Notes} in {Informatics} ({LNI})},
    publisher = {Gesellschaft für Informatik},
    author = {Linsner, Sebastian and Varma, Rashmi and Reuter, Christian},
    editor = {Meyer-Aurich, A.},
    year = {2019},
    keywords = {Student, Ranking-CORE-C, Ranking-VHB-C, Security, Infrastructure, RSF, Projekt-CROSSING, Projekt-GeoBox, Projekt-HyServ},
    pages = {119--124},
    }

  • Sebastian Linsner, Franz Kuntke, Gina Maria Schmidbauer-Wolf, Christian Reuter (2019)
    Blockchain in der Landwirtschaft 4.0 – Empirische Studie zu Erwartungen von Landwirt_innen gegenüber dezentralen Services auf Basis von Distributed Ledger Technology
    Mensch und Computer 2019 Hamburg, Germany. doi:10.1145/3340764.3340799
    [BibTeX] [Abstract] [Download PDF]

    Digitalization, which proceeds in all branches, as well in agriculture, by using new technology, sensors and networking, requires responsible usage of data. One possibility to manage data and use them to create value is the blockchain-technology. It is primary enforced by the food industries and consumers to ensure traceability and transparency. To put blockchain-technology into beneficial use in agriculture, this domain has to be analyzed regarding social and business aspects. This paper presents the results of a qualitative study where 41 actors from the agricultural do-main participated in focus groups and delivered a written statement. It was found that farmers are interested in adapting new markets and technologies early to get an economic advantage. On the other hand, the fear of losing traditional local business partners and the social surroundings of the farmers must be considered

    @inproceedings{linsner_blockchain_2019,
    address = {Hamburg, Germany},
    title = {Blockchain in der {Landwirtschaft} 4.0 - {Empirische} {Studie} zu {Erwartungen} von {Landwirt}\_innen gegenüber dezentralen {Services} auf {Basis} von {Distributed} {Ledger} {Technology}},
    url = {https://dl.acm.org/citation.cfm?id=3340799},
    doi = {10.1145/3340764.3340799},
    abstract = {Digitalization, which proceeds in all branches, as well in agriculture, by using new technology, sensors and networking, requires responsible usage of data. One possibility to manage data and use them to create value is the blockchain-technology. It is primary enforced by the food industries and consumers to ensure traceability and transparency. To put blockchain-technology into beneficial use in agriculture, this domain has to be analyzed regarding social and business aspects. This paper presents the results of a qualitative study where 41 actors from the agricultural do-main participated in focus groups and delivered a written statement. It was found that farmers are interested in adapting new markets and technologies early to get an economic advantage. On the other hand, the fear of losing traditional local business partners and the social surroundings of the farmers must be considered},
    booktitle = {Mensch und {Computer} 2019},
    publisher = {ACM},
    author = {Linsner, Sebastian and Kuntke, Franz and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
    editor = {Alt, Florian and Bulling, Andreas and Döring, Tanja},
    year = {2019},
    keywords = {Cooperation, HCI, Projekt-CRISP, Projekt-CROSSING, Projekt-MAKI, Projekt-GeoBox, Projekt-HyServ},
    pages = {103--113},
    }

  • Christian Reuter, Katja Häusser, Mona Bien, Franziska Herbert (2019)
    Between Effort and Security: User Assessment of the Adequacy of Security Mechanisms for App Categories
    Mensch und Computer 2019 Hamburg, Germany. doi:10.1145/3340764.3340770
    [BibTeX] [Abstract] [Download PDF]

    With the increasing popularity of the smartphone, the number of people using it for financial transactions such as online shopping, online banking or mobile payment is also growing. Apps used in these contexts store sensitive and valuable data, creating a need for security measures. It has not yet been researched to what extent certain authentication mechanisms, which can be information-, biometric- as well as token-based, are suitable for individual apps and the respective data. The goal of this work is to assess how perceived security and estimated effort of using such mechanisms, as well as the degree to which app data is considered worth protecting, influence users‘ choices of appropriate measures to protect app categories. Therefore, we conducted a representative study (n=1024). On the one hand, our results show that a positive correlation between perceived security and effort exists for all investigated non-biometric authentication methods. On the other hand, the study sheds light on the differences between the investigated app categories and the users‘ choice of the appropriate security mechanisms for the particular category. In contrast to perceived security having a positive influence on a user’s preference of mechanism, a relation can hardly be identified for effort. Moreover, app data sensitivity does not seem relevant for the users‘ choice of security mechanism.

    @inproceedings{reuter_between_2019,
    address = {Hamburg, Germany},
    title = {Between {Effort} and {Security}: {User} {Assessment} of the {Adequacy} of {Security} {Mechanisms} for {App} {Categories}},
    url = {http://www.peasec.de/paper/2019/2019_ReuterHaeusserBienHerbert_EffortSecurity_MuC.pdf},
    doi = {10.1145/3340764.3340770},
    abstract = {With the increasing popularity of the smartphone, the number of people using it for financial transactions such as online shopping, online banking or mobile payment is also growing. Apps used in these contexts store sensitive and valuable data, creating a need for security measures. It has not yet been researched to what extent certain authentication mechanisms, which can be information-, biometric- as well as token-based, are suitable for individual apps and the respective data. The goal of this work is to assess how perceived security and estimated effort of using such mechanisms, as well as the degree to which app data is considered worth protecting, influence users' choices of appropriate measures to protect app categories. Therefore, we conducted a representative study (n=1024). On the one hand, our results show that a positive correlation between perceived security and effort exists for all investigated non-biometric authentication methods. On the other hand, the study sheds light on the differences between the investigated app categories and the users' choice of the appropriate security mechanisms for the particular category. In contrast to perceived security having a positive influence on a user's preference of mechanism, a relation can hardly be identified for effort. Moreover, app data sensitivity does not seem relevant for the users' choice of security mechanism.},
    booktitle = {Mensch und {Computer} 2019},
    publisher = {ACM},
    author = {Reuter, Christian and Häusser, Katja and Bien, Mona and Herbert, Franziska},
    editor = {Alt, Florian and Bulling, Andreas and Döring, Tanja},
    year = {2019},
    keywords = {HCI, Student, UsableSec, Security, Projekt-CRISP, Projekt-CROSSING, Projekt-ATHENE-FANCY},
    pages = {287--297},
    }

  • Larissa Aldehoff, Meri Dankenbring, Christian Reuter (2019)
    Renouncing Privacy in Crisis Management? People’s View on Social Media Monitoring and Surveillance
    Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) València, Spain.
    [BibTeX] [Abstract] [Download PDF]

    Social media is used during crises and disasters by state authorities and citizens to communicate and provide, gain and analyze information. Monitoring of platforms in such cases is both a well-established practice and a research area. The question, whether people are willing to renounce privacy in social media during critical incidents, or even allow surveillance in order to contribute to public security, remains unanswered. Our survey of 1,024 German inhabitants is the first empirical study on people’s views on social media monitoring and surveillance in crisis management. We find the willingness to share data during an imminent threat depends mostly on the type of data: a majority (63\% and 67\%, respectively) would give access to addresses and telephone numbers, whereas the willingness to share content of chats or telephone calls is significantly lower (27\%). Our analysis reveals diverging opinions among participants and some effects of sociodemographic variables on the acceptance of invasions into privacy.

    @inproceedings{aldehoff_renouncing_2019,
    address = {València, Spain},
    title = {Renouncing {Privacy} in {Crisis} {Management}? {People}'s {View} on {Social} {Media} {Monitoring} and {Surveillance}},
    url = {http://www.peasec.de/paper/2019/2019_AldehoffDankenbringReuter_RenouncingPrivacyCrisisManagement_ISCRAM.pdf},
    abstract = {Social media is used during crises and disasters by state authorities and citizens to communicate and provide, gain and analyze information. Monitoring of platforms in such cases is both a well-established practice and a research area. The question, whether people are willing to renounce privacy in social media during critical incidents, or even allow surveillance in order to contribute to public security, remains unanswered. Our survey of 1,024 German inhabitants is the first empirical study on people's views on social media monitoring and surveillance in crisis management. We find the willingness to share data during an imminent threat depends mostly on the type of data: a majority (63\% and 67\%, respectively) would give access to addresses and telephone numbers, whereas the willingness to share content of chats or telephone calls is significantly lower (27\%). Our analysis reveals diverging opinions among participants and some effects of sociodemographic variables on the acceptance of invasions into privacy.},
    booktitle = {Proceedings of the {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
    publisher = {ISCRAM Association},
    author = {Aldehoff, Larissa and Dankenbring, Meri and Reuter, Christian},
    editor = {Franco, Zeno and González, José J. and Canós, José H.},
    year = {2019},
    keywords = {Crisis, SocialMedia, Student, UsableSec, Security, Peace, Projekt-CRISP, Projekt-DualUse, Projekt-CROSSING, Projekt-ATHENE-FANCY},
    pages = {1184--1197},
    }

  • Thomas Reinhold, Christian Reuter (2019)
    From Cyber War to Cyber Peace
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 139–164. doi:10.1007/978-3-658-25652-4_7
    [BibTeX] [Abstract] [Download PDF]

    The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.

    @incollection{reinhold_cyber_2019,
    address = {Wiesbaden, Germany},
    title = {From {Cyber} {War} to {Cyber} {Peace}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_7},
    keywords = {Security, Peace, Projekt-CRISP, Projekt-DualUse, Projekt-CROSSING, Cyberwar},
    pages = {139--164},
    }

  • Christian Reuter (2019)
    Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg. doi:10.1007/978-3-658-25652-4
    [BibTeX] [Abstract] [Download PDF]

    Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.

    @book{reuter_information_2019-1,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4},
    keywords = {Crisis, Selected, Security, Peace, Infrastructure, Projekt-CRISP, Projekt-DualUse, RSF, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-MAKI},
    }

    2017

  • Christian Reuter, Marc-André Kaufhold, Jonas Klös (2017)
    Benutzbare Sicherheit: Usability, Safety und Security bei Passwörtern
    Mensch & Computer: Workshopband Regensburg, Germany. doi:https://doi.org/10.18420/muc2017-ws01-0384
    [BibTeX] [Abstract] [Download PDF]

    Obwohl Usability und Sicherheit beides relevante Anforderungen für Anwendungssysteme sind, stehen sie in einem Spannungsfeld. Sicherheit kann als Schutz vor Angriffen von außen (Security), aber auch für das sichere Funktionieren (Safety) dieser Anwendungssysteme verstanden werden. Durch die immer größere Vernetzung klassischer Safety-Domänen, wie dem Katastrophenschutz, gewinnen Security-Aspekte dort ebenfalls an Bedeutung. Die Übertragung von kritischen und vertraulichen Informationen auf mobile Endgeräte muss zugleich passwortgeschützt als auch schnell verfügbar sein; zeitintensive Authentifizierungsmechanismen können hier stören. In dieser Studie werden die Nutzung von Passwörtern vor dem Hintergrund der Abwägung von Sicherheit und Usability exploriert und Hypothesen zum Umgang mit Passwörtern aufgestellt, die im Kontext der Digitalisierung in der zivilen Sicherheit sowie mobilen und ubiquitären Geräte im Katastrophenschutz an enormer Bedeutung gewinnen.

    @inproceedings{reuter_benutzbare_2017,
    address = {Regensburg, Germany},
    title = {Benutzbare {Sicherheit}: {Usability}, {Safety} und {Security} bei {Passwörtern}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/3214/2017_WS01_384.pdf?sequence=1&isAllowed=y},
    doi = {https://doi.org/10.18420/muc2017-ws01-0384},
    abstract = {Obwohl Usability und Sicherheit beides relevante Anforderungen für Anwendungssysteme sind, stehen sie in einem Spannungsfeld. Sicherheit kann als Schutz vor Angriffen von außen (Security), aber auch für das sichere Funktionieren (Safety) dieser Anwendungssysteme verstanden werden. Durch die immer größere Vernetzung klassischer Safety-Domänen, wie dem Katastrophenschutz, gewinnen Security-Aspekte dort ebenfalls an Bedeutung. Die Übertragung von kritischen und vertraulichen Informationen auf mobile Endgeräte muss zugleich passwortgeschützt als auch schnell verfügbar sein; zeitintensive Authentifizierungsmechanismen können hier stören. In dieser Studie werden die Nutzung von Passwörtern vor dem Hintergrund der Abwägung von Sicherheit und Usability exploriert und Hypothesen zum Umgang mit Passwörtern aufgestellt, die im Kontext der Digitalisierung in der zivilen Sicherheit sowie mobilen und ubiquitären Geräte im Katastrophenschutz an enormer Bedeutung gewinnen.},
    booktitle = {Mensch \& {Computer}: {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Reuter, Christian and Kaufhold, Marc-André and Klös, Jonas},
    editor = {Burghardt, M. and Wimmer, R. and Wolff, C. and Womser-Hacker, C.},
    year = {2017},
    keywords = {HCI, Student, UsableSec, Security, Projekt-KontiKat, Projekt-CRISP, Projekt-CROSSING},
    pages = {33--41},
    }

    TraCe: Regionales Forschungszentrum „Transformations of Political Violence“ (1.4.2022-31.3.2026, BMBF)

    TraCe: Regionales Forschungszentrum „Transformations of Political Violence“ (1.4.2022-31.3.2026, BMBF)

    https://www.trace-center.de/

    Die Geschichte moderner Gesell­schaften und der inter­nationalen Beziehungen wird üblicher­weise als ein schritt­weiser Verzicht auf Gewalt erzählt. Von einer Über­windung organisierter Gewalt kann allerdings keine Rede sein. Aktuelle Tendenzen weisen vielmehr in die entgegen­gesetzte Richtung: Das welt­weite Konflikt­geschehen hat an Inten­sität wieder zu­genommen; Globalisierung und techno­logischer Wandel ermöglichen neue Formen kriege­rischer und terroris­tischer Gewalt. Diese Ent­wicklungen verweisen auf Trans­formationen, die existierende Normen und Praktiken zur Einhegung politischer Gewalt heraus­fordern. Das Regionale Forschungs­zentrum „Trans­formations of Political Violence“ untersucht diese Ent­wicklungen mit dem Ziel, die Konse­quenzen für den inner­gesell­schaftlichen und inter­nationalen Frieden zu iden­tifizieren und Strategien zur Ein­dämmung politi­scher Gewalt unter den sich ver­ändernden Bedingungen zu entwickeln.

    Das Regionale Forschungs­zentrum “Trans­formations of Political Violence“ ist ein Kooperations­projekt Leibnitz-Institut für Friedens- und Konflikt­forschung (PRIF), der Goethe-Universität Frankfurt, der Justus-Liebig-Universität Gießen, der Philipps-Universität Marburg und der Technischen Universität Darmstadt. Es handelt sich um eine inter­disziplinäre Forschungs­initiative, die vom Bundes­ministerium für Bildung und Forschung (BMBF) finanziert wird (Laufzeit: April 2022 – März 2026).

    Mit der Errichtung des regionalen Forschungs­zentrums inten­sivieren die beteiligten Partner­institutionen ihre bestehende Zusammen­arbeit und bündeln ihre Ex­pertise in der inter­disziplinären Gewalt­forschung. Durch die thematische Profil­bildung und die Etablierung dauerhafter Veranstaltungs­reihen schaffen sie ein regionales Kompetenz­zentrum für Forschung, Lehre und Wissens­transfer, das inter­national sichtbar ist und systematisch zur Einhegung und Prävention politischer Gewalt beiträgt.

    Das Zentrum bringt disziplinäre Pers­pektiven aus Politik­wissen­schaft, Soziologie, Geschichts- und Rechts­wissenschaften, Sozial­anthropologie, Sozial­psychologie, Kultur- und Sprach­wissen­schaften und Informatik sowie verschiedene methodologische Ansätze zusammen und untersucht das Zusammen­spiel unter­schiedlicher Typen und Ebenen politischer Gewalt systematisch in drei thematischen Forschungs­feldern sowie in einem Synergiefeld.

    2024

  • Christian Reuter (2024)
    Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace
    Wiesbaden, Germany: Springer Vieweg.
    [BibTeX]

    @book{reuter_information_2024,
    address = {Wiesbaden, Germany},
    title = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian},
    year = {2024},
    keywords = {Selected, Security, Peace, Infrastructure, Projekt-CROSSING, AuswahlPeace, Cyberwar, Projekt-TraCe},
    }

  • Laura Guntrum (2024)
    Keyboard Fighters: The Use of ICTs by Activists in Times of Military Coup in Myanmar
    Proceedings of the Conference on Human Factors in Computing Systems (CHI) .
    [BibTeX] [Abstract]

    Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.

    @inproceedings{guntrum_keyboard_2024,
    series = {{CHI} '24},
    title = {Keyboard {Fighters}: {The} {Use} of {ICTs} by {Activists} in {Times} of {Military} {Coup} in {Myanmar}},
    abstract = {Amidst the ongoing anti-military protests in Myanmar since 2021, there is a noticeable research gap on ICT-supported activism. Generally, ICTs play an important role during political crises in conjunction with activists’ practices on the ground. Inspired by Resource Mobilization Theory, I conducted qualitative interviews (N=16) and a qualitative online survey (N=34), which demonstrate the intersection between analog and digital domains, showcasing the ingenuity of the activists, and the rapid adoption of ICTs in a country that has experienced a digital revolution within the last few years. As not all people were able to protest on-the-ground, they acted as keyboard fighters to organize protests, to share information, and to support the civil disobedience movement in Myanmar. The study identifies, inter alia, the need for better offline applications with wider coverage in times of internet shutdowns, applications that cannot be easily identified during physical controls, and providing free and secure VPN access.},
    booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
    publisher = {Association for Computing Machinery},
    author = {Guntrum, Laura},
    year = {2024},
    keywords = {HCI, Selected, A-Paper, Ranking-CORE-A*, Peace, Projekt-TraCe, Projekt-ATHENE},
    }

    2023

  • Stefka Schmid, Laura Guntrum, Steffen Haesler, Lisa Schultheiß, Christian Reuter (2023)
    Digital Volunteers During the COVID-19 Pandemic: Care Work on Social Media for Socio-technical Resilience
    Weizenbaum Journal of the Digital Society ;3(1). doi:10.34669/WI.WJDS/3.3.6
    [BibTeX] [Abstract] [Download PDF]

    Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.

    @article{schmid_digital_2023,
    title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
    volume = {3},
    issn = {2748-5625},
    url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
    doi = {10.34669/WI.WJDS/3.3.6},
    abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices